Static task: static1
Behavioral task: behavioral1
  Sample: 292e87e8f4e8dd88ec026ad4ec4c4d998ae9b712b12d11be3eb70c14f4bd616b.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: 292e87e8f4e8dd88ec026ad4ec4c4d998ae9b712b12d11be3eb70c14f4bd616b.exe
  Resource: win10v2004-20220812-en
General
- Target: 292e87e8f4e8dd88ec026ad4ec4c4d998ae9b712b12d11be3eb70c14f4bd616b
- Size: 798KB
- MD5: 5ac27b651904e95b0ba18e39665d6520
- SHA1: ce8125f1f114ca6320a0369c3b08fdb87a328107
- SHA256: 292e87e8f4e8dd88ec026ad4ec4c4d998ae9b712b12d11be3eb70c14f4bd616b
- SHA512: d9f61938c7d87da4032f223411e328ea6773d36958d1757f710c403998948b0c1c3d9e75c102c026dbb2a77824f440c57e745909c1d84652006bffa8b9347c58
- SSDEEP: 12288:q1/DCBmnuD6p8HG+veIi0w9pm6FQ3ODbqn46tHEUvUPX3ov0zxpzp/:q4BmuzHG+vIz6Ovqn4tUvUPvxpzl
Malware Config
Signatures
Files
- 292e87e8f4e8dd88ec026ad4ec4c4d998ae9b712b12d11be3eb70c14f4bd616b.exe (windows x86)
  b0263a1452ba4056d8302346c57f7ef5
Headers
- DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
- File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
- winmm
  PlaySoundW
- wsock32
  inet_addr
  ntohs
  getpeername
  WSACleanup
  htons
  ioctlsocket
  gethostname
  gethostbyname
- comctl32
  ImageList_DragMove
  ImageList_DragEnter
  ImageList_BeginDrag
  ImageList_LoadImageW
  ImageList_Destroy
  ImageList_EndDrag
  ImageList_DragLeave
  ord17
  CreateToolbarEx
  ImageList_GetImageCount
- gdiplus
  GdipCreateBitmapFromStream
  GdiplusShutdown
  GdipCloneImage
  GdiplusStartup
  GdipGetImageEncoders
  GdipGetImageEncodersSize
  GdipCreateBitmapFromHBITMAP
  GdipSaveImageToStream
  GdipDisposeImage
  GdipAlloc
  GdipFree
  GdipCreateHBITMAPFromBitmap
  GdipCreateBitmapFromStreamICM
- kernel32
  MapViewOfFile
  OpenFileMappingW
  GetProcAddress
  InitializeCriticalSection
  DeleteCriticalSection
  ReleaseSemaphore
  CreateSemaphoreW
  TlsGetValue
  GetSystemTime
  TlsFree
  TlsSetValue
  SetThreadPriority
  GetCurrentThreadId
  DuplicateHandle
  GetCurrentThread
  GetCurrentProcess
  TlsAlloc
  ResumeThread
  WideCharToMultiByte
  GetACP
  MultiByteToWideChar
  TerminateThread
  LocalFree
  FormatMessageW
  FileTimeToSystemTime
  FileTimeToLocalFileTime
  DeleteFileW
  GetSystemDirectoryW
  GetDriveTypeW
  GetLogicalDriveStringsW
  FindClose
  FindFirstFileW
  SetErrorMode
  LoadLibraryA
  GetModuleHandleA
  FindNextFileW
  ReadFile
  SetFileTime
  GetModuleHandleW
  CreateDirectoryW
  lstrcpyW
  MulDiv
  FindResourceW
  InterlockedDecrement
  GetComputerNameW
  lstrlenW
  OutputDebugStringW
  CreateThread
  LocalReAlloc
  UnmapViewOfFile
  HeapFree
  HeapAlloc
  GetProcessHeap
  CreateProcessW
  SetUnhandledExceptionFilter
  GetModuleFileNameW
  GetCurrentProcessId
  VirtualQuery
  LoadLibraryExW
  lstrcmpiA
  Module32FirstW
  LoadLibraryExA
  VirtualProtect
  CreateToolhelp32Snapshot
  Module32NextW
  WriteProcessMemory
  HeapCreate
  HeapSize
  SetLastError
  GetStartupInfoA
  GetCommandLineA
  GetSystemTimeAsFileTime
  ExitThread
  ExitProcess
  RaiseException
  IsDebuggerPresent
  UnhandledExceptionFilter
  RtlUnwind
  VirtualFree
  FatalAppExitA
  SizeofResource
  LoadResource
  FreeLibrary
  LoadLibraryW
  GetLastError
  OpenProcess
  VirtualAlloc
  HeapReAlloc
  GetStdHandle
  GetCPInfo
  GetOEMCP
  IsValidCodePage
  LCMapStringA
  LCMapStringW
  SetConsoleCtrlHandler
  InterlockedExchange
  InitializeCriticalSectionAndSpinCount
  FreeEnvironmentStringsA
  GetEnvironmentStrings
  FreeEnvironmentStringsW
  GetEnvironmentStringsW
  SetHandleCount
  GetFileType
  LocalAlloc
  TerminateProcess
  FreeResource
  GetFileAttributesW
  GetVersionExW
  QueryPerformanceCounter
  GetConsoleCP
  GetConsoleMode
  SetFilePointer
  GetStringTypeA
  GetStringTypeW
  GlobalAlloc
  GetModuleFileNameA
  CreateFileA
  GlobalFree
  Beep
  GlobalLock
  GlobalSize
  GetLocalTime
  CreateFileW
  GlobalUnlock
  WriteFile
  GetTickCount
  Sleep
  WaitForSingleObject
  ResetEvent
  SetEvent
  CloseHandle
  CreateEventW
  LeaveCriticalSection
  EnterCriticalSection
  GetTimeFormatA
  GetDateFormatA
  GetUserDefaultLCID
  GetLocaleInfoA
  EnumSystemLocalesA
  IsValidLocale
  GetLocaleInfoW
  WriteConsoleA
  GetConsoleOutputCP
  WriteConsoleW
  SetStdHandle
  FlushFileBuffers
  GetTimeZoneInformation
  SetEndOfFile
  CompareStringA
  CompareStringW
  SetEnvironmentVariableA
  InterlockedIncrement
  HeapDestroy
- user32
  GetMenuItemCount
  RedrawWindow
  CreateWindowExA
  SetWindowRgn
  GetKeyState
  GetAsyncKeyState
  GetWindowTextLengthW
  CopyRect
  CreateAcceleratorTableW
  TranslateAcceleratorW
  DestroyAcceleratorTable
  ToUnicode
  GetKeyboardState
  ToUnicodeEx
  GetKeyboardLayout
  VkKeyScanW
  keybd_event
  ToAscii
  PostThreadMessageW
  CallNextHookEx
  GetWindowThreadProcessId
  SetWindowsHookExW
  PeekMessageW
  LoadImageW
  ReleaseCapture
  ChildWindowFromPoint
  ClientToScreen
  GetDesktopWindow
  SetCapture
  DestroyIcon
  PeekMessageA
  FillRect
  CallWindowProcW
  LoadKeyboardLayoutW
  IsDialogMessageW
  PostQuitMessage
  GetMessageW
  TranslateMessage
  DispatchMessageW
  GetMenuStringW
  MapWindowPoints
  SetClassLongW
  GetDlgCtrlID
  GetDlgItemInt
  SetDlgItemInt
  EnableWindow
  BringWindowToTop
  RegisterClassExW
  EnumChildWindows
  GetDlgItem
  GetWindowTextW
  LoadMenuW
  GetSubMenu
  TrackPopupMenu
  DestroyMenu
  MoveWindow
  GetDlgItemTextW
  DialogBoxParamW
  EndDialog
  SetDlgItemTextW
  GetCursorPos
  SetCursorPos
  EmptyClipboard
  SetClipboardData
  GetClipboardOwner
  OpenClipboard
  GetClipboardData
  CloseClipboard
  LoadIconW
  GetSysColorBrush
  CreateWindowExW
  SetWindowLongW
  ModifyMenuW
  SetMenuDefaultItem
  PtInRect
  LoadBitmapW
  IntersectRect
  AppendMenuW
  DrawMenuBar
  GetForegroundWindow
  GetWindow
  GetFocus
  LoadCursorW
  SetCursor
  WindowFromPoint
  ScreenToClient
  WindowFromDC
  CreateDialogParamW
  GetSystemMetrics
  InvalidateRgn
  SetTimer
  SetFocus
  DestroyWindow
  ChangeClipboardChain
  KillTimer
  SystemParametersInfoW
  AdjustWindowRectEx
  GetWindowPlacement
  SetWindowPlacement
  SetForegroundWindow
  CheckMenuItem
  ShowWindow
  GetWindowLongW
  GetClientRect
  GetMenuState
  GetWindowRect
  SetWindowPos
  ShowScrollBar
  IsIconic
  ScrollWindowEx
  UpdateWindow
  PostMessageW
  SetWindowTextW
  GetKeyboardLayoutNameW
  MessageBoxW
  SetScrollInfo
  BeginPaint
  EndPaint
  DefWindowProcW
  SetRect
  DrawTextW
  InvalidateRect
  SetClipboardViewer
  GetSystemMenu
  EnableMenuItem
  SendMessageW
  ReleaseDC
  GetDC
  RegisterClassW
- gdi32
  GetDIBits
  CombineRgn
  GetStockObject
  SetPixelV
  CreatePen
  LineTo
  DeleteDC
  CreateSolidBrush
  SetBkMode
  GetClipBox
  CreatePolygonRgn
  CreateFontA
  CreateFontW
  MoveToEx
  GetObjectW
  CreateCompatibleDC
  CreateRectRgnIndirect
  GetDeviceCaps
  CreatePalette
  UpdateColors
  SetTextColor
  SelectPalette
  RealizePalette
  SelectObject
  SetBkColor
  SetStretchBltMode
  CreateDCW
  ExtTextOutW
  SetBrushOrgEx
  StretchBlt
  BitBlt
  DeleteObject
  CreateCompatibleBitmap
  CreateRectRgn
- comdlg32
  GetSaveFileNameW
- advapi32
  LookupPrivilegeValueW
  OpenThreadToken
  OpenProcessToken
  RegEnumKeyW
  RegOpenKeyW
  RegOpenKeyExA
  RegQueryValueExA
  RegOpenKeyExW
  RegDeleteValueW
  RegDeleteKeyW
  RegCloseKey
  RegQueryValueExW
  AdjustTokenPrivileges
- shell32
  SHGetSpecialFolderLocation
  SHFileOperationW
  SHGetSpecialFolderPathW
  SHGetFileInfoW
- ole32
  CoUninitialize
  CoTaskMemFree
  CoInitialize
  CreateStreamOnHGlobal
  GetHGlobalFromStream
- oleaut32
  SysFreeString
  SysAllocString
  GetErrorInfo
  VariantChangeType
  VariantClear
  VariantInit
  SetErrorInfo
  CreateErrorInfo
- udpx
  UDPX_Initialize
  UDPX_Release
- iphlpapi
  GetAdaptersInfo
- winhttp
  WinHttpQueryDataAvailable
  WinHttpSetTimeouts
  WinHttpAddRequestHeaders
  WinHttpReadData
  WinHttpCrackUrl
  WinHttpGetProxyForUrl
  WinHttpOpenRequest
  WinHttpOpen
  WinHttpReceiveResponse
  WinHttpQueryHeaders
  WinHttpCloseHandle
  WinHttpConnect
  WinHttpWriteData
  WinHttpSendRequest
  WinHttpGetIEProxyConfigForCurrentUser
  WinHttpSetOption
- imm32
  ImmReleaseContext
  ImmAssociateContext
  ImmGetContext
- netapi32
  Netbios
- imagehlp
  ImageDirectoryEntryToData
Sections
- .text: Size: 622KB - Virtual size: 622KB
  Characteristics: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata: Size: 84KB - Virtual size: 84KB
  Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data: Size: 14KB - Virtual size: 24KB
  Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc: Size: 59KB - Virtual size: 59KB
  Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- Y_F�u� (section name as reported, not printable): Size: 16KB - Virtual size: 20KB
  Characteristics: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE