Static task: static1
Behavioral task: behavioral1
Sample: 592d547af28abdb90567e7c50483d009fb1629281373d54a50c979f42773cf38.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 592d547af28abdb90567e7c50483d009fb1629281373d54a50c979f42773cf38.exe
Resource: win10v2004-20220812-en
General
Target: 592d547af28abdb90567e7c50483d009fb1629281373d54a50c979f42773cf38
Size: 388KB
MD5: 7e75de93fdbb57f470dee6e558e7e380
SHA1: 1e90bb9d602660a1d5c95cc08b6458d46144c666
SHA256: 592d547af28abdb90567e7c50483d009fb1629281373d54a50c979f42773cf38
SHA512: a80c5f69e4e55f0d6950e3205ab52d6410f1173cb641fd9531fe37d186bdc61eda5e4a3bccafadc4d208480d0ff65875e5ef5cd2f054b04135ee08aaa0d7cb1e
SSDEEP: 6144:EUi/rhF6DcyZt03Qs4wB8zX9xqj6KtYb+UnBPSLo:r2hFZyZt0/5B8r94ttkRnBPV
Files
592d547af28abdb90567e7c50483d009fb1629281373d54a50c979f42773cf38.exe windows x86
9ba33053c4b04e08319b2226f2a3dd9e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
_TrackMouseEvent
ImageList_ReplaceIcon
ImageList_SetOverlayImage
ImageList_SetBkColor
ImageList_GetIcon
ImageList_SetDragCursorImage
ord17
ImageList_GetDragImage
ImageList_DragShowNolock
CreatePropertySheetPageA
ImageList_Write
ImageList_EndDrag
ImageList_Duplicate
ImageList_GetImageInfo
CreatePropertySheetPageW
PropertySheetW
InitCommonControlsEx
ImageList_Draw
ImageList_LoadImageW
ImageList_Merge
DestroyPropertySheetPage
ImageList_DragLeave
ImageList_Read
ImageList_Remove
ImageList_BeginDrag
ImageList_Destroy
ImageList_GetImageCount
ImageList_LoadImageA
ImageList_AddMasked
ImageList_DrawEx
ImageList_GetIconSize
ImageList_DragEnter
ImageList_DragMove
advapi32
GetSidIdentifierAuthority
RegCreateKeyExW
InitializeSecurityDescriptor
RegSetValueA
SetSecurityDescriptorDacl
CreateServiceA
RegSetKeySecurity
CryptGetHashParam
CryptDeriveKey
ControlService
OpenServiceA
AddAccessAllowedAce
OpenSCManagerA
CryptCreateHash
RegFlushKey
RegQueryInfoKeyA
CryptDestroyHash
DeregisterEventSource
DeleteService
ReportEventA
CryptEncrypt
AccessCheck
GetTokenInformation
RegOpenKeyExW
OpenProcessToken
RegSetValueExA
OpenThreadToken
RegQueryValueExW
CryptHashData
RegDeleteValueA
GetSecurityDescriptorDacl
AdjustTokenPrivileges
CloseServiceHandle
RegEnumValueA
RegCreateKeyExA
GetFileSecurityA
RegEnumKeyA
RegDeleteKeyW
CryptDestroyKey
QueryServiceStatus
CreateServiceW
RegQueryInfoKeyW
RegEnumKeyExW
CryptReleaseContext
FreeSid
RegOpenKeyA
LookupPrivilegeValueA
RegQueryValueW
GetLengthSid
InitializeAcl
CryptAcquireContextA
AllocateAndInitializeSid
RegCreateKeyW
RegOpenKeyExA
LookupPrivilegeValueW
RegQueryValueA
RegDeleteKeyA
GetFileSecurityW
RegCloseKey
RegQueryValueExA
CopySid
CryptImportKey
ole32
CoLoadLibrary
CreateILockBytesOnHGlobal
OleRegGetUserType
OleGetClipboard
StgCreateDocfileOnILockBytes
OleTranslateAccelerator
CoInitialize
CoCreateGuid
CoFreeUnusedLibraries
WriteClassStg
CreateDataAdviseHolder
CoInitializeSecurity
ReleaseStgMedium
CoGetInterfaceAndReleaseStream
GetRunningObjectTable
StgIsStorageFile
CoRevokeClassObject
ReadClassStg
CoDisconnectObject
WriteClassStm
OleRun
CoGetClassObject
OleQueryLinkFromData
ProgIDFromCLSID
OleIsRunning
GetHGlobalFromILockBytes
OleQueryCreateFromData
CoReleaseMarshalData
OleCreateMenuDescriptor
WriteFmtUserTypeStg
CoTaskMemRealloc
OleRegEnumVerbs
CoRegisterMessageFilter
CreateFileMoniker
OleIsCurrentClipboard
OleDestroyMenuDescriptor
CoCreateInstance
StringFromGUID2
StgOpenStorageOnILockBytes
StgOpenStorage
CreateBindCtx
OleDuplicateData
CoMarshalInterface
OleInitialize
OleCreateFromData
IsAccelerator
StringFromCLSID
CreateOleAdviseHolder
CoInitializeEx
CreateItemMoniker
OleUninitialize
CreateGenericComposite
OleLoad
OleRegGetMiscStatus
CLSIDFromProgID
ReadFmtUserTypeStg
StgCreateDocfile
CLSIDFromString
CreateStreamOnHGlobal
OleLockRunning
OleSetClipboard
OleSaveToStream
CoTaskMemFree
RegisterDragDrop
CoTreatAsClass
CoUnmarshalInterface
DoDragDrop
CoRegisterClassObject
RevokeDragDrop
OleSetContainedObject
CoUninitialize
SetConvertStg
user32
FrameRect
GetClassInfoA
GetSysColor
WinHelpW
EndPaint
wsprintfW
GetKeyboardState
MoveWindow
SetMenuItemBitmaps
GetTopWindow
SetWindowTextW
MapDialogRect
GrayStringW
LoadMenuA
SetTimer
PtInRect
PeekMessageA
CreateMenu
GetClassInfoExA
EnableWindow
GetWindowDC
RegisterClassA
GetSystemMetrics
PeekMessageW
FindWindowA
MessageBeep
SetFocus
LoadAcceleratorsW
SetWindowPos
GetDesktopWindow
TrackMouseEvent
UnregisterClassA
MessageBoxA
CreateDialogIndirectParamW
GetSystemMenu
BeginPaint
DestroyWindow
LoadStringA
LoadCursorA
DestroyCursor
CopyAcceleratorTableW
IsWindow
SetRect
DefFrameProcA
HideCaret
FillRect
CreateCaret
GetClipboardData
KillTimer
CharUpperBuffA
wsprintfA
CreateDialogIndirectParamA
DestroyCaret
DrawStateA
GetMenuState
InvalidateRect
ModifyMenuA
GetCapture
LockWindowUpdate
LoadIconA
EndDialog
TabbedTextOutA
GetIconInfo
InsertMenuA
IsIconic
DeleteMenu
GetScrollPos
GetDlgItem
IsDialogMessageA
CloseClipboard
SetWindowsHookExW
AdjustWindowRectEx
GetWindowRect
GetCursorPos
GetWindowPlacement
SendDlgItemMessageA
BeginDeferWindowPos
DrawIcon
LoadImageA
DestroyAcceleratorTable
PostMessageA
UnregisterClassW
OpenClipboard
GetMenuItemCount
GetKeyState
GetClassLongA
GetParent
GetKeyNameTextW
RegisterWindowMessageA
DdeFreeDataHandle
OpenIcon
InflateRect
UpdateWindow
GetWindowTextLengthA
SetRectEmpty
ShowWindow
ReleaseCapture
GetFocus
LoadBitmapA
DispatchMessageA
DispatchMessageW
GetActiveWindow
GetMessageA
EnumWindows
GetClassInfoExW
SetWindowsHookExA
GetClientRect
SetWindowRgn
GetWindowLongA
SetForegroundWindow
CheckMenuItem
CreateWindowExW
PostQuitMessage
ExitWindowsEx
WindowFromPoint
DefWindowProcA
SetActiveWindow
IsWindowEnabled
IsMenu
WinHelpA
CopyImage
InvalidateRgn
DrawEdge
GrayStringA
SetScrollInfo
GetClassLongW
GetScrollInfo
SetWindowTextA
DialogBoxParamA
EmptyClipboard
AppendMenuW
EndDeferWindowPos
SendMessageA
SendMessageTimeoutA
GetMenuDefaultItem
IntersectRect
CallWindowProcW
GetNextDlgGroupItem
DrawFrameControl
DialogBoxParamW
DrawIconEx
UnhookWindowsHookEx
EnumChildWindows
SetCursor
PostMessageW
GetMessageW
PostThreadMessageW
SetCapture
GetDC
CharUpperW
SetClipboardData
SetWindowPlacement
GetWindowTextLengthW
SendMessageW
DrawFocusRect
GetLastActivePopup
SystemParametersInfoA
ExcludeUpdateRgn
TranslateAcceleratorW
LoadMenuW
PostThreadMessageA
GetSysColorBrush
ClientToScreen
GetMessagePos
OffsetRect
RedrawWindow
MapWindowPoints
RegisterClipboardFormatA
GetClassNameA
TranslateMDISysAccel
InsertMenuItemA
SystemParametersInfoW
TranslateMessage
CallWindowProcA
CharToOemA
TabbedTextOutW
GetAsyncKeyState
DdeGetData
RemoveMenu
SetParent
SetWindowLongA
FlashWindow
DestroyIcon
EqualRect
GetMenuItemID
RegisterClassExA
GetMenuItemInfoA
GetDlgCtrlID
CharNextW
CloseWindow
GetMessageTime
MsgWaitForMultipleObjects
CreateDialogParamW
GetWindowTextA
SetPropA
ValidateRect
IsZoomed
IsRectEmpty
ScrollWindowEx
InsertMenuW
RegisterWindowMessageW
UnionRect
LoadAcceleratorsA
CreatePopupMenu
LoadStringW
CopyRect
CreateWindowExA
GetUpdateRect
DrawTextA
GetMonitorInfoW
GetSubMenu
SetDlgItemInt
RemovePropA
GetMenu
CharNextA
DrawTextW
GetDCEx
IsChild
GetAncestor
SetScrollPos
GetPropA
CallNextHookEx
GetNextDlgTabItem
TrackPopupMenu
GetForegroundWindow
GetScrollRange
GetDoubleClickTime
ScreenToClient
DeferWindowPos
DefWindowProcW
CheckMenuRadioItem
MonitorFromRect
SetMenu
TrackPopupMenuEx
ScrollWindow
AppendMenuA
ShowWindowAsync
LoadCursorW
GetMenuCheckMarkDimensions
GetWindow
IsClipboardFormatAvailable
IsWindowVisible
ShowOwnedPopups
ReleaseDC
kernel32
GetModuleHandleA
QueryPerformanceCounter
GetTempFileNameA
LCMapStringA
CompareStringA
GetCurrentThreadId
CreateFileA
GetPrivateProfileIntA
CreateEventA
CreateProcessA
GetLastError
FindClose
IsBadReadPtr
FreeEnvironmentStringsA
GetProfileStringA
ExitProcess
GetConsoleMode
SystemTimeToFileTime
FileTimeToLocalFileTime
GetFileAttributesA
GetModuleHandleW
TlsGetValue
CreateDirectoryA
WaitForMultipleObjects
GetSystemTimeAsFileTime
SuspendThread
VirtualFree
GetVersionExA
FreeResource
Sleep
RtlUnwind
LocalFileTimeToFileTime
RaiseException
TerminateProcess
LocalLock
OpenProcess
CreateMutexA
GetEnvironmentStrings
InterlockedIncrement
GetProfileIntA
GlobalFindAtomA
GetCurrentThread
EnumResourceLanguagesW
GetACP
WritePrivateProfileStringW
FormatMessageW
GlobalUnlock
GlobalDeleteAtom
CreateFileMappingA
GetSystemInfo
FindFirstFileA
GetModuleFileNameW
GetFullPathNameA
HeapSize
RemoveDirectoryA
LoadLibraryW
CompareStringW
GetShortPathNameW
GetDateFormatA
CopyFileW
WaitForSingleObject
ExpandEnvironmentStringsA
GlobalFlags
MulDiv
GetCommandLineA
TerminateThread
GlobalReAlloc
GetCPInfo
LocalAlloc
GetSystemDefaultLangID
VirtualProtect
GlobalAlloc
GetUserDefaultLCID
FlushFileBuffers
lstrcmpiA
GetLocaleInfoW
TlsSetValue
GetProcessHeap
FreeLibrary
GetProcAddress
LoadLibraryA
OpenMutexA
HeapReAlloc
LocalUnlock
SizeofResource
VirtualQuery
lstrcmpiW
UnlockFile
WritePrivateProfileStringA
FatalAppExitA
GetDriveTypeA
ReadFile
GetFileSize
GetModuleFileNameA
GetFileType
SetThreadPriority
GetCurrentProcessId
GetStdHandle
GetConsoleCP
LockFile
GetPrivateProfileSectionA
CloseHandle
HeapCreate
SetLastError
lstrcmpA
WriteFile
LocalReAlloc
GlobalHandle
GetOEMCP
FormatMessageA
LeaveCriticalSection
IsBadWritePtr
GetShortPathNameA
LoadResource
TlsAlloc
GetStringTypeA
DeviceIoControl
GetSystemDirectoryW
HeapAlloc
DuplicateHandle
InterlockedExchange
GetTimeZoneInformation
GetStartupInfoA
IsBadCodePtr
RemoveDirectoryW
GetLogicalDrives
lstrlenA
SetEvent
lstrcpyW
FindResourceA
UnhandledExceptionFilter
WinExec
InitializeCriticalSection
SetFileAttributesA
ResumeThread
lstrcpyA
GetPrivateProfileStringA
CreateFileMappingW
ExitThread
IsValidLocale
SetFilePointer
FreeEnvironmentStringsW
QueryPerformanceFrequency
GetWindowsDirectoryA
ExpandEnvironmentStringsW
HeapDestroy
DeleteFileW
LoadLibraryExA
GetTickCount
GetThreadLocale
LocalFree
GetWindowsDirectoryW
EnterCriticalSection
GlobalMemoryStatus
GetConsoleOutputCP
GetSystemDirectoryA
GetStringTypeW
_lopen
FileTimeToSystemTime
SetEnvironmentVariableA
GetFileTime
LockResource
InterlockedDecrement
GetStartupInfoW
WriteConsoleW
EnumSystemLocalesA
HeapFree
GlobalFree
IsDebuggerPresent
SetUnhandledExceptionFilter
GlobalAddAtomA
GlobalLock
GetEnvironmentStringsW
WideCharToMultiByte
lstrcmpW
ResetEvent
GetVolumeInformationA
SetHandleCount
FindResourceW
GlobalGetAtomNameA
lstrcpynA
LCMapStringW
IsDBCSLeadByte
lstrcatA
SetStdHandle
GetFileAttributesW
VirtualAlloc
GetVersion
DeleteFileA
GetCurrentProcess
SetEndOfFile
IsValidCodePage
GetTimeFormatA
DeleteCriticalSection
FindNextFileA
SetErrorMode
FindResourceExA
GetSystemTime
GetLocaleInfoA
GetEnvironmentVariableW
TlsFree
MultiByteToWideChar
SetFileTime
Sections
.text Size: 84KB - Virtual size: 83KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 88KB - Virtual size: 86KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 72KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 140KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ