Static task
static1
Behavioral task
behavioral1
Sample
4f136e1ffb98b635407b95154fcf4a1b5b9ae57fdc265ab1f6d2d9c245b288a8.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
4f136e1ffb98b635407b95154fcf4a1b5b9ae57fdc265ab1f6d2d9c245b288a8.exe
Resource
win10v2004-20220901-en
General
Target: 4f136e1ffb98b635407b95154fcf4a1b5b9ae57fdc265ab1f6d2d9c245b288a8
Size: 668KB
MD5: 8493079d9832f92d364abe949c0f7e20
SHA1: 4c9e0cf68f2c3155e400c330a03dc322f781d758
SHA256: 4f136e1ffb98b635407b95154fcf4a1b5b9ae57fdc265ab1f6d2d9c245b288a8
SHA512: 3878a0837111142ee0622ef26a8c01bbd17deaeba5cf4c3749efb038941dd917c3c916bc8b1720d848276d0d2049c793a66efdb2f99f98284ae5370fca44f044
SSDEEP: 12288:GoJry5oLXJDRQYZ3Y4kV3pxoJSa7JKS0Ua7bV1xy5fTD3SsPdI:JJry5sRBhRSXswMTLSoe
Malware Config
Signatures
Files
4f136e1ffb98b635407b95154fcf4a1b5b9ae57fdc265ab1f6d2d9c245b288a8.exe (windows x86)
0717ddb0d15d9fd217d519065837b0b2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
python24
PyString_AsString
PyObject_GetAttrString
_Py_NoneStruct
PyObject_Str
PyErr_Fetch
PyArg_ParseTuple
_Py_ZeroStruct
Py_InitModule4
Py_Finalize
PyObject_CallObject
PyTuple_SetItem
PyTuple_New
PyCallable_Check
PyList_Insert
PyString_FromString
PyType_IsSubtype
PyList_Type
PyDict_GetItemString
PyModule_GetDict
PyImport_ImportModule
Py_Initialize
_Py_TrueStruct
PyInt_AsLong
kernel32
EnumResourceLanguagesA
ConvertDefaultLocale
lstrcmpA
GetCurrentThread
RaiseException
GlobalFlags
InterlockedIncrement
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetCPInfo
GetOEMCP
SystemTimeToFileTime
SetErrorMode
LocalFileTimeToFileTime
SetFileTime
GetFileAttributesA
GetFileTime
FindNextFileA
GetPrivateProfileIntA
WritePrivateProfileStringA
LocalUnlock
LocalLock
GetTempFileNameA
GetDiskFreeSpaceA
InterlockedDecrement
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
ExitProcess
CreateDirectoryA
GetDriveTypeA
ExitThread
CreateThread
GetStartupInfoA
GetCommandLineA
TerminateProcess
HeapReAlloc
HeapSize
SetStdHandle
GetFileType
FatalAppExitA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
SetCurrentDirectoryA
UnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetConsoleCtrlHandler
GetLocaleInfoW
SetEnvironmentVariableA
WaitForMultipleObjects
ReleaseMutex
CreateMutexA
ReleaseSemaphore
CreateSemaphoreA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateEventA
SuspendThread
SetThreadPriority
GetModuleFileNameA
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
lstrcpyA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
MoveFileA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
GetModuleHandleA
GetProcAddress
SetLastError
CopyFileA
MulDiv
GlobalSize
GlobalAlloc
FormatMessageA
lstrcpynA
LocalFree
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
ResumeThread
OpenProcess
GetExitCodeThread
DeleteFileA
CreateFileA
ReadFile
GetPrivateProfileStringA
ResetEvent
FindResourceA
LoadResource
LockResource
SizeofResource
SetEvent
GetCurrentDirectoryA
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
CloseHandle
SetFileAttributesA
GetStringTypeExW
GetStringTypeExA
GetEnvironmentVariableW
GetEnvironmentVariableA
CompareStringW
CompareStringA
lstrlenA
lstrcmpiW
lstrlenW
lstrcmpiA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
HeapAlloc
Sleep
user32
LoadCursorA
SetCapture
WindowFromPoint
ReleaseCapture
GetWindowThreadProcessId
WaitMessage
DeleteMenu
DestroyIcon
TranslateAcceleratorA
SetMenu
BringWindowToTop
SetRectEmpty
CreatePopupMenu
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
IsClipboardFormatAvailable
MessageBeep
SetRect
GetTabbedTextExtentA
IsRectEmpty
UnionRect
SetTimer
KillTimer
GetDCEx
LockWindowUpdate
SetParent
ValidateRect
InflateRect
EndPaint
BeginPaint
ReleaseDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
wsprintfA
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
ScrollWindowEx
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetSysColorBrush
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
UpdateWindow
GetMenu
GetSysColor
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetClassInfoA
RegisterClassA
UnregisterClassA
SetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
CopyRect
PtInRect
GetWindow
GetMenuState
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
PostQuitMessage
GetSystemMetrics
LoadIconA
InvalidateRect
GetWindowDC
GetWindowRect
IsIconic
GetSystemMenu
GetDialogBaseUnits
DestroyMenu
GetMenuItemInfoA
MapVirtualKeyA
GetKeyNameTextA
SendMessageA
AppendMenuA
DrawIcon
LoadBitmapA
MessageBoxA
PostMessageA
GetDC
GetClientRect
EnableWindow
CharUpperW
CharUpperA
CharLowerW
ShowOwnedPopups
SetCursor
MsgWaitForMultipleObjects
GetMessageA
TranslateMessage
BeginDeferWindowPos
GetCursorPos
CharLowerA
ScreenToClient
gdi32
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
DeleteDC
CreateDIBPatternBrushPt
CreatePatternBrush
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreateFontIndirectA
CreateRectRgnIndirect
PtVisible
Escape
CombineRgn
GetMapMode
PatBlt
DPtoLP
GetTextExtentPoint32A
GetTextMetricsA
CreateCompatibleBitmap
GetCharWidthA
StretchDIBits
CreateFontA
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetBkColor
StartDocA
GetPixel
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
DeleteObject
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
ExtTextOutA
TextOutA
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CreateDCA
CopyMetaFileA
GetDeviceCaps
BitBlt
CreateCompatibleDC
SetRectRgn
GetStockObject
SetTextAlign
RectVisible
comdlg32
PrintDlgA
PageSetupDlgA
GetFileTitleA
FindTextA
ReplaceTextA
GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError
winspool.drv
GetJobA
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
SetFileSecurityA
RegSetValueA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
GetFileSecurityA
RegCloseKey
RegCreateKeyA
shell32
SHGetFileInfoA
DragFinish
DragQueryFileA
ExtractIconA
comctl32
ord17
ord13
ImageList_Read
ImageList_Write
ord14
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_Merge
ImageList_Draw
ImageList_GetImageInfo
shlwapi
UrlUnescapeA
PathFindExtensionA
PathRemoveExtensionA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
ole32
CoTaskMemFree
WriteFmtUserTypeStg
CLSIDFromString
StringFromGUID2
CoCreateInstance
CoDisconnectObject
OleDuplicateData
ReleaseStgMedium
CoTaskMemAlloc
CreateBindCtx
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
SetConvertStg
oleaut32
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysStringByteLen
SysAllocStringByteLen
SysStringLen
SysFreeString
SysAllocStringLen
VariantInit
VariantChangeType
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocString
SysReAllocStringLen
VarDateFromStr
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
VariantClear
wininet
InternetErrorDlg
FtpGetFileA
FtpPutFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
FtpRemoveDirectoryA
FtpCreateDirectoryA
FtpRenameFileA
FtpDeleteFileA
InternetQueryDataAvailable
InternetGetCookieA
InternetSetCookieA
InternetSetOptionExA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
HttpQueryInfoA
InternetFindNextFileA
InternetCloseHandle
InternetGetLastResponseInfoA
GopherFindFirstFileA
InternetOpenA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetReadFile
HttpSendRequestA
HttpEndRequestA
HttpSendRequestExA
GopherGetAttributeA
FtpOpenFileA
HttpOpenRequestA
InternetOpenUrlA
GopherOpenFileA
InternetConnectA
FtpFindFirstFileA
GopherCreateLocatorA
FtpCommandA
HttpAddRequestHeadersA
Sections
.text - Size: 388KB - Virtual size: 386KB - Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rdata - Size: 100KB - Virtual size: 99KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data - Size: 16KB - Virtual size: 28KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc - Size: 160KB - Virtual size: 157KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ