Static task: static1
Behavioral task: behavioral1
Sample: e4f06c4c6b27d0a449fbb58602b1443178f700031562d1b32b4530bf1d6b3f85.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: e4f06c4c6b27d0a449fbb58602b1443178f700031562d1b32b4530bf1d6b3f85.exe
Resource: win10v2004-20220901-en
General
Target: e4f06c4c6b27d0a449fbb58602b1443178f700031562d1b32b4530bf1d6b3f85
Size: 688KB
MD5: 83d27673443e14049537b6f0cd9e0aac
SHA1: 540b4fcdff138369e8241fd37d61252440aa7053
SHA256: e4f06c4c6b27d0a449fbb58602b1443178f700031562d1b32b4530bf1d6b3f85
SHA512: 39cec82352bf8ed9099312e89e7ccdb3145f6e71026646ab96c1f8547221bb40fb57bddb85b3c47a11072cd5a83f07d09b2fde6bcf75ce44aa959beb0fdda320
SSDEEP: 12288:W8zHxaaR0yar01F4c3HwFVP80OgkXnNUIoqbgLwUaHfm:W8bbBai3SOgkXnNUI7bcum
Malware Config
Signatures
Files
e4f06c4c6b27d0a449fbb58602b1443178f700031562d1b32b4530bf1d6b3f85.exe windows x86
1075214dba79dae1d7c73eaf101466c6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
crypt32
CertEnumCertificatesInStore
CertCloseStore
CryptDecodeObject
CertFindRDNAttr
CertRDNValueToStrA
CertGetCertificateContextProperty
CertOpenSystemStoreA
CertFindCertificateInStore
CertFreeCertificateContext
aegise5
@AcGetLogErrorA@20
@AcContextAttachEvent@8
@AcContextGetAttachedEvent@4
@AcAdapterSet8021xValues@20
@AcContextConfigWpa@8
@AcContextConfigResumption@8
@AcContextConfigWpaEx@24
@AcAdapterAuthenticateStop@4
@AcContextConfigTTLSCredentialsA@40
@AcContextConfigTLSCredentialsA@28
@AcContextConfigPeapCredentialsA@40
@AcContextConfigMd5CredentialsA@12
@AcContextConfigLeapCredentialsA@12
@AcContextConfigWpaPskAscii@8
@AcContextConfigWpaPskBinary@12
@AcStatusFormatA@12
@AcContextCopyHandle@4
@AcAdapterCfgSpecial@12
@AcContextRelease@4
@AcAdapterGetMacAddress@8
@AcStatusNumber@4
@AcIterateAdaptersNext@4
@AcContextType@4
@AcIterateAdapters@4
@AcStatusRelatedContext@4
@AcAdapterGetNameA@12
@AcGlobalContextQuery@8
@AcAdapterAuthenticate@8
@AcCredentialsNumber@4
@AcAdapterQuery@8
@AcAdapterGetStatistics@8
@AcGlobalOpenContextA@4
shlwapi
SHDeleteKeyA
version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
setupapi
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiClassGuidsFromNameA
SetupDiOpenDevRegKey
iphlpapi
GetAdaptersInfo
kernel32
HeapAlloc
GetStartupInfoA
GetCommandLineA
ExitProcess
RaiseException
CreateThread
ExitThread
GetTimeZoneInformation
GetACP
TerminateProcess
HeapReAlloc
HeapSize
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProfileStringA
GetLastError
WideCharToMultiByte
GetSystemDirectoryA
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalAlloc
GetModuleFileNameA
Sleep
GetDateFormatA
FileTimeToSystemTime
CloseHandle
CreateEventA
GetProcAddress
GetModuleHandleA
GetCurrentProcess
CreateFileA
GetVersionExA
WinExec
DeviceIoControl
SetLastError
SetEvent
GetSystemDefaultLangID
CreateMutexA
ReleaseMutex
ResetEvent
LockResource
LoadResource
FindResourceA
VirtualProtect
lstrcpyA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
lstrcmpiA
GlobalGetAtomNameA
GetCurrentThreadId
lstrcatA
GetVersion
FreeLibrary
LoadLibraryA
InterlockedIncrement
InterlockedDecrement
lstrlenA
MultiByteToWideChar
LocalFree
FormatMessageA
WaitForSingleObject
ResumeThread
SetThreadPriority
SuspendThread
DuplicateHandle
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
FindClose
FindFirstFileA
GetVolumeInformationA
lstrcpynA
GetFullPathNameA
GetThreadLocale
FileTimeToLocalFileTime
GetFileAttributesA
GetFileSize
GetFileTime
MulDiv
lstrcmpA
GetCurrentThread
SizeofResource
FindResourceExA
GetProcessVersion
GlobalFlags
HeapFree
LocalAlloc
InitializeCriticalSection
TlsAlloc
DeleteCriticalSection
TlsFree
LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
GetCPInfo
GetOEMCP
SetErrorMode
WritePrivateProfileStringA
GetTickCount
RtlUnwind
user32
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
MoveWindow
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
AdjustWindowRectEx
GetClientRect
CopyRect
IsWindowVisible
GetTopWindow
MessageBoxA
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
SetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindow
SetWindowLongA
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
DestroyWindow
MapDialogRect
SetWindowPos
ShowWindow
IsChild
PostThreadMessageA
UnregisterClassA
ScreenToClient
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
GetCapture
GetActiveWindow
SetActiveWindow
GetAsyncKeyState
GetWindowLongA
SetFocus
GetDlgItem
IsWindowEnabled
MessageBeep
IsCharAlphaA
GetSystemMetrics
FindWindowA
LoadIconA
SetForegroundWindow
GetWindowRect
LoadMenuA
GetSubMenu
GetCursorPos
GetFocus
IsCharAlphaNumericA
UpdateWindow
LoadBitmapA
PostMessageA
KillTimer
SetTimer
wsprintfA
IsWindow
RegisterClipboardFormatA
InvalidateRect
GetClassLongA
SendMessageA
EnableWindow
DefDlgProcA
IsWindowUnicode
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
UnhookWindowsHookEx
CharNextA
GetParent
InflateRect
GetDesktopWindow
PtInRect
GetClassNameA
GetSysColorBrush
LoadCursorA
SetWindowContextHelpId
SetCursor
PostQuitMessage
DestroyMenu
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
CharUpperA
GetMessageA
TranslateMessage
ValidateRect
GetDC
ReleaseDC
LoadStringA
wvsprintfA
GetPropA
gdi32
BitBlt
CreateCompatibleDC
GetTextExtentPointA
LPtoDP
GetBkColor
GetTextColor
DPtoLP
GetMapMode
EnumFontFamiliesExA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateSolidBrush
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
DeleteObject
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
PatBlt
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetTextExtentPoint32A
CreateDIBitmap
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
RegCloseKey
RegSetValueExA
CloseServiceHandle
ChangeServiceConfigA
StartServiceA
QueryServiceStatus
OpenServiceA
OpenSCManagerA
ControlService
FreeSid
EqualSid
GetTokenInformation
OpenProcessToken
AllocateAndInitializeSid
RegCreateKeyExA
RegEnumValueA
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
shell32
Shell_NotifyIconA
ShellExecuteA
comctl32
ImageList_Create
ImageList_ReplaceIcon
PropertySheetA
DestroyPropertySheetPage
ord17
ImageList_Destroy
CreatePropertySheetPageA
oledlg
ord8
ole32
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoTaskMemFree
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoInitializeEx
CoInitializeSecurity
CoCreateInstance
CoUninitialize
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemAlloc
olepro32
ord253
oleaut32
VariantClear
SysFreeString
SysAllocStringLen
VariantTimeToSystemTime
VariantCopy
VariantChangeType
SysAllocString
SysAllocStringByteLen
SysStringLen
Sections
.text Size: 420KB - Virtual size: 418KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 68KB - Virtual size: 65KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128KB - Virtual size: 146KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ