Static task: static1
Behavioral task: behavioral1
  Sample: bc5aea38a0568cb5a0b0ce3ac12e318734a2eb3baaf9d20d95ee3d92008c86c6.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: bc5aea38a0568cb5a0b0ce3ac12e318734a2eb3baaf9d20d95ee3d92008c86c6.exe
  Resource: win10v2004-20220812-en
General
- Target: bc5aea38a0568cb5a0b0ce3ac12e318734a2eb3baaf9d20d95ee3d92008c86c6
- Size: 3.6MB
- MD5: 7923b44973248e342ff3eb6245c0834c
- SHA1: f00943dfa67716f9a175ec65edc0e988aea82688
- SHA256: bc5aea38a0568cb5a0b0ce3ac12e318734a2eb3baaf9d20d95ee3d92008c86c6
- SHA512: 77d6a7209cebd39c2c8e698b984120ab47e4ce8a806b9f4b6ba251669b250659321795fd93d0725f47e534802ecef2a19e46acb718ddef2980e65e1924efa705
- SSDEEP: 98304:Uvc0FPtP95EQFO4IGn73S6BxC49sbAcgqZhs+4P8DU1k:gpFDrxCiugqZhs+4UDAk
Malware Config
Signatures
Files
- bc5aea38a0568cb5a0b0ce3ac12e318734a2eb3baaf9d20d95ee3d92008c86c6.exe windows x86
7789bb2f8e365ab921963cfb11f2bcde
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetFileInformationByHandle
PeekNamedPipe
FormatMessageW
LocalFree
GetTickCount
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryW
CreateMutexW
OpenMutexW
WaitForSingleObject
SetPriorityClass
DebugActiveProcess
WaitForDebugEvent
ContinueDebugEvent
Sleep
TerminateProcess
GetModuleFileNameA
ReleaseMutex
SetEnvironmentVariableA
CompareStringA
SetEndOfFile
IsBadCodePtr
IsBadReadPtr
CreateFileA
SetStdHandle
GetOEMCP
GetStartupInfoW
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeZoneInformation
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetLastError
IsBadWritePtr
VirtualFree
HeapCreate
GetStringTypeW
GetStringTypeA
GetCPInfo
LCMapStringW
LCMapStringA
ExitThread
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
ExitProcess
HeapSize
HeapReAlloc
HeapDestroy
CreateEventA
GetLocalTime
GetDateFormatA
GetTimeFormatA
QueryPerformanceFrequency
GetVersion
GetVersionExA
LoadLibraryA
QueryPerformanceCounter
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
OutputDebugStringA
GetStdHandle
GetModuleHandleA
FormatMessageA
lstrlenA
MoveFileExW
GetLocaleInfoW
GlobalAlloc
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetSystemTime
WriteFile
GetSystemDirectoryW
GetComputerNameW
lstrcmpW
CompareStringW
GetCurrentDirectoryW
CreateProcessW
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WideCharToMultiByte
GetCurrentProcessId
SetCurrentDirectoryW
ResetEvent
FileTimeToLocalFileTime
lstrcatW
lstrcpynW
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameW
HeapFree
OpenProcess
GetCurrentThread
CloseHandle
GetCurrentThreadId
MultiByteToWideChar
lstrcmpiW
GetProcessHeap
HeapAlloc
GetCurrentProcess
FlushInstructionCache
GetLastError
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
lstrcpyW
lstrlenW
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
IsValidCodePage
InterlockedExchange
SystemTimeToFileTime
ExpandEnvironmentStringsW
AllocConsole
SetConsoleCtrlHandler
MoveFileW
FindNextFileW
FindFirstFileW
FindClose
FileTimeToSystemTime
GetDateFormatW
GetTimeFormatW
MulDiv
GetFileAttributesExW
RemoveDirectoryW
CreateHardLinkW
CopyFileW
GetTempFileNameW
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GetLongPathNameW
GetSystemTimeAsFileTime
ResumeThread
SetThreadPriority
CreateThread
GetProcAddress
LocalAlloc
ReadFile
SetFilePointer
GetFileSize
FlushFileBuffers
CreateFileW
GetTempPathW
GetFileAttributesW
CreateDirectoryW
SetEvent
CreateEventW
DeleteFileW
user32
PostMessageW
SetWindowsHookExW
RegisterClipboardFormatW
CopyRect
DestroyIcon
CreateWindowExW
GetWindowLongW
SendMessageW
IsIconic
SetWindowPos
GetWindowRect
GetClientRect
MapWindowPoints
InvalidateRect
IsWindowVisible
SetTimer
KillTimer
SetActiveWindow
IsChild
SetWindowRgn
GetAncestor
GetDesktopWindow
SetFocus
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
GetMessagePos
CallNextHookEx
GetMonitorInfoW
MonitorFromWindow
GetClassInfoExW
wsprintfW
LoadCursorW
SystemParametersInfoW
InflateRect
GetSystemMetrics
IsRectEmpty
IntersectRect
GetWindow
EqualRect
OffsetRect
TrackPopupMenu
DestroyMenu
GetLastInputInfo
GetForegroundWindow
EnumWindows
CallWindowProcW
SetCursor
GetKeyState
GetActiveWindow
GetWindowThreadProcessId
WindowFromPoint
RegisterClassExW
EndDialog
GetParent
SetWindowTextW
LoadIconW
GetDlgItem
MonitorFromRect
MonitorFromPoint
DialogBoxParamW
CreateDialogParamW
DrawAnimatedRects
FindWindowExW
GetCursorPos
SetMenuItemInfoW
InsertMenuItemW
GetSubMenu
LoadMenuW
MessageBoxW
CopyIcon
EndPaint
BeginPaint
ReleaseCapture
SetCapture
RegisterHotKey
GetCaretBlinkTime
RegisterWindowMessageW
GetWindowTextW
GetWindowTextLengthW
PostThreadMessageW
ReleaseDC
GetDC
FillRect
LoadBitmapW
FrameRect
PtInRect
SetRectEmpty
UnionRect
DrawFocusRect
ClientToScreen
ScreenToClient
IsWindowEnabled
EnableWindow
GetDlgItemInt
SetDlgItemInt
SetDlgItemTextW
MessageBeep
GetFocus
RegisterClassW
GetSysColor
SetParent
AppendMenuW
CreatePopupMenu
GetMenuStringW
GetWindowDC
GetPropW
DrawFrameControl
UpdateWindow
RedrawWindow
HideCaret
ShowCaret
GetMenuItemInfoW
GetSysColorBrush
RemoveMenu
EnableMenuItem
CheckMenuItem
IsDialogMessageW
GetCapture
GetMouseMovePointsEx
GetLastActivePopup
FlashWindowEx
ClipCursor
GetDCEx
GetUpdateRect
ScrollWindowEx
GetScrollInfo
SetScrollInfo
GetDoubleClickTime
AnimateWindow
BringWindowToTop
GetMenuItemRect
SetRect
GetIconInfo
InvalidateRgn
DestroyAcceleratorTable
CreateAcceleratorTableW
TrackMouseEvent
GetSystemMenu
ValidateRect
DeleteMenu
MessageBoxA
UnhookWindowsHookEx
CharNextW
PostQuitMessage
DefWindowProcW
SetForegroundWindow
FindWindowW
IsWindow
GetClassNameW
LoadImageW
DestroyWindow
SendMessageTimeoutW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
UnregisterClassW
ShowWindow
SetWindowLongW
advapi32
RegDeleteKeyW
CryptReleaseContext
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextW
CryptImportKey
CryptDestroyKey
CryptVerifySignatureW
CryptGenRandom
RegOpenKeyA
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
OpenThreadToken
LookupAccountSidW
GetTokenInformation
RegEnumKeyExW
RegQueryValueExW
RegOpenKeyW
RegCreateKeyW
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
secur32
QueryCredentialsAttributesW
QueryContextAttributesW
EncryptMessage
DecryptMessage
ApplyControlToken
FreeContextBuffer
InitializeSecurityContextA
AcquireCredentialsHandleA
CompleteAuthToken
DeleteSecurityContext
FreeCredentialsHandle
InitSecurityInterfaceW
AcquireCredentialsHandleW
ws2_32
WSACloseEvent
WSASetEvent
WSAResetEvent
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
WSAEventSelect
WSACreateEvent
WSAStartup
ioctlsocket
socket
WSACleanup
ntohl
WSAGetLastError
WSAAsyncGetHostByName
ntohs
htons
htonl
connect
setsockopt
send
sendto
recv
recvfrom
listen
WSACancelAsyncRequest
closesocket
getsockname
getpeername
WSAAsyncSelect
WSASocketW
bind
accept
inet_ntoa
gethostbyname
gethostname
inet_addr
riched20
ord6
ord4
ole32
OleInitialize
CoInitializeSecurity
OleUninitialize
CoCreateInstance
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoRegisterClassObject
CoRevokeClassObject
CoUninitialize
RegisterDragDrop
CoInitializeEx
ReleaseStgMedium
CreateStreamOnHGlobal
OleLockRunning
CoGetClassObject
CoInitialize
CoCreateFreeThreadedMarshaler
CoCreateGuid
CLSIDFromProgID
CLSIDFromString
StringFromGUID2
RevokeDragDrop
shell32
DragQueryFileW
SHCreateDirectoryExW
SHGetFolderPathW
SHGetSpecialFolderPathW
SHAppBarMessage
ShellExecuteW
Shell_NotifyIconW
SHFileOperationW
ShellExecuteExW
SHGetFileInfoW
oleaut32
SysFreeString
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
SystemTimeToVariantTime
LoadRegTypeLi
OleCreateFontIndirect
SysStringLen
VariantChangeType
VariantCopy
VariantInit
OleLoadPicturePath
SafeArrayRedim
SafeArrayDestroy
SafeArrayCreate
VariantCopyInd
SafeArrayLock
SafeArrayUnlock
SafeArrayGetLBound
SafeArrayGetUBound
VariantClear
VarBstrCmp
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
VarUI4FromStr
shlwapi
PathAppendW
PathFindExtensionW
PathFindFileNameW
SHDeleteEmptyKeyW
SHDeleteKeyW
comctl32
ImageList_Create
ImageList_AddMasked
InitCommonControlsEx
msimg32
AlphaBlend
gdi32
SelectObject
CreateFontIndirectW
GetDeviceCaps
DeleteDC
GetTextMetricsW
CreateSolidBrush
CreateCompatibleDC
CreateBitmap
RealizePalette
SelectPalette
CreateDIBSection
IntersectClipRect
SelectClipRgn
SetViewportExtEx
CreatePolygonRgn
DeleteObject
GetObjectW
GetStockObject
BitBlt
SetWindowExtEx
SetMapMode
SetTextColor
SetBkMode
CreatePen
CreateCompatibleBitmap
SetBkColor
RectInRegion
GetTextExtentPoint32W
SetViewportOrgEx
Polygon
urlmon
URLDownloadToFileW
setupapi
SetupInitDefaultQueueCallback
SetupIterateCabinetW
SetupTermDefaultQueueCallback
SetupDefaultQueueCallbackW
msacm32
acmStreamOpen
acmStreamPrepareHeader
acmDriverEnum
acmDriverDetailsA
acmStreamConvert
acmStreamUnprepareHeader
acmStreamClose
acmDriverClose
acmDriverOpen
crypt32
CryptProtectData
CryptDecodeObject
CryptFindOIDInfo
CryptUnprotectData
sensapi
IsNetworkAlive
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
wininet
InternetCrackUrlW
DeleteUrlCacheEntryW
InternetQueryOptionW
HttpOpenRequestW
HttpSendRequestW
InternetCloseHandle
InternetConnectW
InternetOpenW
InternetGetCookieW
winmm
waveInGetDevCapsA
timeSetEvent
timeKillEvent
waveInStop
mixerGetNumDevs
waveInOpen
mixerGetDevCapsA
waveOutGetPosition
waveOutGetDevCapsA
waveInReset
waveInUnprepareHeader
waveInClose
mixerGetControlDetailsA
mixerClose
mixerOpen
mixerGetLineInfoA
mixerGetLineControlsA
waveOutUnprepareHeader
waveOutWrite
waveOutPrepareHeader
waveOutClose
waveOutReset
waveOutOpen
waveOutGetNumDevs
waveInGetDevCapsW
waveInGetNumDevs
waveOutGetDevCapsW
mixerSetControlDetails
mixerGetLineControlsW
mixerGetLineInfoW
mixerGetID
waveOutMessage
mixerGetControlDetailsW
waveInMessage
waveOutSetVolume
waveOutGetVolume
timeGetTime
waveInStart
waveInAddBuffer
waveInPrepareHeader
waveInGetPosition
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
AccessibleChildren
LresultFromObject
WindowFromAccessibleObject
comdlg32
ChooseFontW
GetOpenFileNameW
iphlpapi
GetAdaptersInfo
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 280KB - Virtual size: 277KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 40KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.nfoz Size: 36KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE