Sample: 29cb626a112f451e2d592d8cc93bdda35a297ad3528034a673976e5bcd04edfb.exe
Resource: win7-20220812-en
General
Target: 29cb626a112f451e2d592d8cc93bdda35a297ad3528034a673976e5bcd04edfb
Size: 5.0MB
MD5: 1a584b3120227ce4da888981c53d7874
SHA1: 14e3820a2953f31bda0ca143c9b1f54c57ee1eae
SHA256: 29cb626a112f451e2d592d8cc93bdda35a297ad3528034a673976e5bcd04edfb
SHA512: 471f84e10e71997a2341bc9e427a74e29d6c74a9766b6c5b9e3fa45d6c1fef0b3c4e2596578f7a1f3b235fb137763d24c119f631eee6b7ed2fd66cc744a69e89
SSDEEP: 49152:pZnEdfHyD8kdIVhaUA2froQJlIxLbrosohVxbmmFlSOBGwEZtIDztrK486Z:TEdfrk8BA2ToQJaf0soh3btB8PI/F86
Files
29cb626a112f451e2d592d8cc93bdda35a297ad3528034a673976e5bcd04edfb.exe (windows x86)
f15a3b32d6acdce72bf062eef128e166
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetFileTime
GetFileAttributesA
CreateDirectoryA
LocalFileTimeToFileTime
lstrcpyA
lstrlenA
FreeLibrary
GlobalAlloc
lstrcmpA
GlobalLock
InterlockedExchange
CompareStringA
GetLocaleInfoA
GetModuleFileNameA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThreadId
GetCurrentThread
GlobalDeleteAtom
GlobalAddAtomA
GetCurrentProcessId
FreeResource
GlobalFree
GlobalUnlock
MulDiv
GetCurrentDirectoryA
LocalFree
FormatMessageA
InterlockedDecrement
GetVersionExA
lstrcmpW
GlobalFindAtomA
GlobalGetAtomNameA
WritePrivateProfileStringA
GlobalFlags
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
InterlockedIncrement
GetThreadLocale
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetFullPathNameA
FileTimeToSystemTime
GetModuleHandleW
GetCPInfo
GetOEMCP
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
RtlUnwind
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
GetCommandLineA
ExitProcess
HeapReAlloc
VirtualProtect
VirtualAlloc
VirtualQuery
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
GetACP
IsValidCodePage
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
SetStdHandle
LCMapStringA
LCMapStringW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
SystemTimeToFileTime
ReadFile
SetFilePointer
Sleep
FreeConsole
lstrcatA
DeleteFileA
WriteFile
FlushViewOfFile
FindFirstFileA
FindClose
CreateFileA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetSystemInfo
LoadResource
LockResource
SizeofResource
FindResourceA
WideCharToMultiByte
GetModuleHandleA
LoadLibraryA
GetProcAddress
GetLastError
SetLastError
TerminateThread
WaitForSingleObject
CloseHandle
GetTickCount
MultiByteToWideChar
CreateThread
user32
IsChild
WinHelpA
SendDlgItemMessageA
LoadIconA
RegisterWindowMessageA
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
DestroyMenu
LoadCursorA
GetSysColorBrush
CharUpperA
CharNextA
CopyAcceleratorTableA
IsRectEmpty
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
TrackPopupMenu
SetMenu
SetForegroundWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetClassLongA
GetMenuItemID
GetMenuItemCount
WindowFromPoint
EndPaint
BeginPaint
GetWindowDC
GetDC
ScreenToClient
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
MessageBoxA
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
ModifyMenuA
GetMenuState
LoadBitmapA
SendMessageA
AppendMenuA
GetSystemMenu
EnableMenuItem
CheckMenuItem
PostQuitMessage
GetClassNameA
SetPropA
SetCapture
UpdateWindow
InvalidateRect
ReleaseCapture
GetSubMenu
ClientToScreen
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
LoadMenuA
PostMessageA
FlashWindow
EnableWindow
DrawIcon
OffsetRect
FillRect
GetSysColor
CopyRect
PtInRect
GetClientRect
GetCapture
GetActiveWindow
SetWindowLongA
GetWindowLongA
GetParent
SetRect
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
wsprintfA
GetTopWindow
GetMessageTime
GetMessagePos
UnhookWindowsHookEx
MapWindowPoints
ReleaseDC
gdi32
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
CreateRectRgnIndirect
ExtSelectClipRgn
GetDeviceCaps
SaveDC
RestoreDC
SetBkColor
SetBkMode
SetTextColor
SetMapMode
GetClipBox
LineTo
MoveToEx
DeleteObject
GetViewportExtEx
GetWindowExtEx
GetObjectA
SelectObject
BitBlt
CreateCompatibleDC
CreateSolidBrush
CreateCompatibleBitmap
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreatePen
GetStockObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
CreateBitmap
shell32
ShellExecuteA
ole32
CoCreateInstance
CoUninitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitializeEx
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoRevokeClassObject
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
shlwapi
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
oledlg
ord8
wininet
InternetOpenA
InternetOpenUrlA
InternetCloseHandle
oleacc
LresultFromObject
CreateStdAccessibleObject
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
comdlg32
GetFileTitleA
advapi32
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
oleaut32
SysAllocStringLen
SysStringLen
SysAllocStringByteLen
VariantClear
VariantChangeType
VariantInit
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
SysFreeString
VariantCopy
Sections
.text   Size: 339KB - Virtual size: 339KB - Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 76KB - Virtual size: 76KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 3.1MB - Virtual size: 3.1MB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 1.6MB - Virtual size: 1.6MB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ