ed689973c96c1f654d14fc96a76875c2de95c63e15f67e1cd51baab215f3179d

Sharing

Copy URL Twitter E-mail

General

Target

ed689973c96c1f654d14fc96a76875c2de95c63e15f67e1cd51baab215f3179d
Size

989KB
MD5

92102b7a949b7dd106e51f370831fe6a
SHA1

1a12f099d07a5fe199d434a2fdc9ff3d1ae28979
SHA256

ed689973c96c1f654d14fc96a76875c2de95c63e15f67e1cd51baab215f3179d
SHA512

fee6f73af45c01e830e9344b3c112a41586df11f2062053563b7db2b832a3240c4a6391a563f0647f087cf502fdac8de305eb78b0c587c0f7219195161df3368
SSDEEP

24576:jlS/6pz2JIA2JkDgijfcP0Udh4sVgK23t:eNiA2x3P0Udh4sVg5t

Score

N/A

Malware Config

Signatures

Files

ed689973c96c1f654d14fc96a76875c2de95c63e15f67e1cd51baab215f3179d
.exe windows x86

04c41d70ec095ee049b25a78ede4ee1f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExpandEnvironmentStringsW
GetCurrentThread
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
GetLocaleInfoW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
QueryPerformanceCounter
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetTimeZoneInformation
GetModuleFileNameA
GetConsoleMode
GetConsoleCP
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
HeapCreate
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetCPInfo
RtlUnwind
GetStartupInfoW
VirtualQuery
GetSystemInfo
VirtualProtect
GetModuleHandleA
ResumeThread
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetThreadLocale
GetLocaleInfoA
GetACP
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
FindClose
FindNextFileW
FindFirstFileW
GetUserDefaultLangID
GetFileAttributesExW
OpenProcess
GetCurrentDirectoryW
GetTempPathW
GetSystemWindowsDirectoryW
GetLongPathNameW
GetSystemDirectoryW
GetEnvironmentVariableW
SetErrorMode
CreateThread
FileTimeToLocalFileTime
WaitNamedPipeW
SetThreadPriority
SystemTimeToFileTime
GetSystemTime
GetPrivateProfileIntW
FileTimeToSystemTime
lstrcmpiW
CreateMutexW
InterlockedDecrement
GlobalUnlock
InterlockedIncrement
GlobalAlloc
GlobalLock
LoadLibraryExW
OpenMutexW
ExitProcess
CreateEventW
CopyFileW
TerminateThread
SetEndOfFile
GetSystemTimeAsFileTime
GetPrivateProfileStringW
OpenEventW
SetFilePointer
WriteFile
InterlockedCompareExchange
Sleep
GetCurrentProcessId
SetEvent
GetFileSize
GetVersion
ReadFile
WaitForSingleObject
ResetEvent
FreeResource
lstrlenW
DeleteCriticalSection
RaiseException
InitializeCriticalSection
lstrlenA
GetCurrentThreadId
WideCharToMultiByte
MultiByteToWideChar
FlushInstructionCache
GetTickCount
GetCurrentProcess
CreateProcessW
CloseHandle
LocalFree
GetFileAttributesW
WritePrivateProfileStringW
SetFileAttributesW
GetModuleHandleW
GetLastError
GetVersionExW
LeaveCriticalSection
FindResourceExW
DeleteFileW
EnterCriticalSection
FindResourceW
GetModuleFileNameW
GetProcAddress
SizeofResource
LoadResource
LoadLibraryW
LockResource
FreeLibrary
SetLastError
CreateFileW
InterlockedExchange
CreateDirectoryW
GetOEMCP

user32

GetClientRect
InvalidateRect
BeginPaint
GetWindow
LoadImageW
InflateRect
RegisterWindowMessageW
GetSysColor
GetSystemMetrics
EndMenu
SetMenuItemInfoW
LoadMenuW
GetSubMenu
ExitWindowsEx
LoadIconW
WindowFromPoint
PostMessageW
DestroyIcon
SendMessageW
DestroyWindow
SetWindowRgn
KillTimer
GetDesktopWindow
SetRect
ReleaseDC
PeekMessageW
ShowWindow
GetMessageW
SetTimer
OffsetRect
TranslateMessage
ReleaseCapture
PostThreadMessageW
DispatchMessageW
SetWindowLongW
SetCapture
GetDlgItem
MoveWindow
IsWindow
SetWindowTextW
GetDC
RegisterClassExW
MonitorFromWindow
GetMonitorInfoW
UnregisterClassA
TrackPopupMenu
SetForegroundWindow
GetAncestor
GetWindowThreadProcessId
FrameRect
GetForegroundWindow
GetCursorPos
CopyRect
GetWindowLongW
GetWindowRect
SendMessageTimeoutW
LoadBitmapW
CharNextW
FindWindowW
SetActiveWindow
EnableWindow
SetFocus
MapWindowPoints
DrawFrameControl
EndPaint
GetParent
EqualRect
ClientToScreen
GetDlgCtrlID
SystemParametersInfoW
CreateWindowExW
IsWindowVisible
DrawTextW
LoadCursorW
SetWindowPos
GetKeyState
wsprintfW
SetCursor
CallWindowProcW
DrawIconEx
PtInRect
GetActiveWindow
DefWindowProcW
IsWindowEnabled
GetClassInfoExW

gdi32

TextOutW
DeleteObject
ExtTextOutW
CreatePen
SetBkColor
CreateCompatibleDC
RestoreDC
DeleteDC
RoundRect
GetObjectW
GetStockObject
CreateDIBSection
BitBlt
GetClipRgn
SaveDC
CreateBitmap
CombineRgn
SelectClipRgn
StretchBlt
CreateRectRgn
SetBkMode
RectInRegion
CreateCompatibleBitmap
GetTextExtentPoint32W
SetRectRgn
OffsetRgn
CreateRectRgnIndirect
SetTextColor
LineTo
SelectObject
MoveToEx
Rectangle
CreateSolidBrush
SetWindowOrgEx
CreateFontIndirectW

advapi32

GetTokenInformation
ControlService
StartServiceW
CloseServiceHandle
OpenServiceW
OpenSCManagerW
RegEnumKeyExW
RegDeleteValueW
RegQueryInfoKeyW
AdjustTokenPrivileges
RegDeleteKeyW
LookupPrivilegeValueW
OpenProcessToken
RegSetValueExW
RegCreateKeyExW
GetLengthSid
GetSidLengthRequired
RegQueryValueExW
InitializeSid
RegCloseKey
GetNamedSecurityInfoW
SetNamedSecurityInfoW
InitializeAcl
RegOpenKeyExW
GetAclInformation
AddAce
GetAce
GetSidSubAuthority
IsValidSid
CopySid
OpenThreadToken
ImpersonateSelf
SetThreadToken
RevertToSelf

shell32

Shell_NotifyIconW
ShellExecuteW
SHAppBarMessage
SHGetSpecialFolderPathW
SHGetFileInfoW

ole32

CoTaskMemRealloc
CreateStreamOnHGlobal
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CoInitialize
CoCreateGuid
CoCreateInstance

oleaut32

VarUI4FromStr
SysFreeString
SysAllocStringLen

shlwapi

PathFindFileNameW
PathStripToRootW
StrCmpNW
StrCpyNW
StrCmpNIW
StrRChrW
PathIsDirectoryW
PathAppendW
PathRemoveFileSpecW
PathFileExistsW
StrToIntA
StrToIntW
SHSetValueW
StrStrIA
SHGetValueW
StrChrW

comctl32

InitCommonControlsEx
_TrackMouseEvent
ImageList_Destroy
ImageList_GetIconSize
ImageList_Draw
ImageList_AddMasked
ImageList_Create

msimg32

GradientFill

gdiplus

GdiplusShutdown
GdiplusStartup
GdipCreateFromHDC
GdipDeleteGraphics
GdipGetImageWidth
GdipCloneImage
GdipGetImageHeight
GdipLoadImageFromStream
GdipDrawImageRectI
GdipDrawImageRectRectI
GdipAlloc
GdipFree
GdipDisposeImage

userenv

UnloadUserProfile

wininet

HttpSendRequestW
HttpOpenRequestW
InternetConnectW
InternetSetOptionW
InternetOpenW
InternetCrackUrlW
InternetCloseHandle

iphlpapi

GetAdaptersInfo

psapi

EnumProcesses
GetModuleFileNameExW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

mpr

WNetGetResourceInformationW

Sections

.text
Size: 664KB - Virtual size: 662KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

04c41d70ec095ee049b25a78ede4ee1f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

gdiplus

userenv

wininet

iphlpapi

psapi

version

mpr

Sections

.text Size: 664KB - Virtual size: 662KB

.rdata Size: 104KB - Virtual size: 102KB

.data Size: 16KB - Virtual size: 28KB

.rsrc Size: 196KB - Virtual size: 196KB

.text
Size: 664KB - Virtual size: 662KB

.rdata
Size: 104KB - Virtual size: 102KB

.data
Size: 16KB - Virtual size: 28KB

.rsrc
Size: 196KB - Virtual size: 196KB