da5aeb92b6422a4fce030e5c9339feb4d59030666a65523fc7f1c91f2c017145

Sharing

Copy URL Twitter E-mail

General

Target

da5aeb92b6422a4fce030e5c9339feb4d59030666a65523fc7f1c91f2c017145
Size

378KB
MD5

52d9cc5aab424c60b50d388d2e8b75f0
SHA1

8ade0eed66a2ccbdd82432abfb22c77e1a2e54c1
SHA256

da5aeb92b6422a4fce030e5c9339feb4d59030666a65523fc7f1c91f2c017145
SHA512

9b0d7815ce45956d29c030bd466a25da1342febc15ffa4a3925f3a3041ce56048e402927badde24ded9445a07307c4656778b184a03a9c94fa6a80d82470c534
SSDEEP

6144:5ouUG1GYyDMxvrHvdgWc1zQfDtZAD6V+5HEPFIAovDpXbjaq/cw/94DVDPZ:5ovmGYoyvrAQfAD6VOEPFFCprt/R9+VV

Score

N/A

Malware Config

Signatures

Files

da5aeb92b6422a4fce030e5c9339feb4d59030666a65523fc7f1c91f2c017145
.exe windows x86

4e2666088687c235c86fdf7d18dd6acb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
HeapReAlloc
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
IsBadWritePtr
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapFree
TerminateProcess
ExitProcess
RtlUnwind
GetStartupInfoW
GetTickCount
GetFileTime
GetFileAttributesW
FileTimeToLocalFileTime
SetErrorMode
FileTimeToSystemTime
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GlobalFlags
InterlockedIncrement
lstrcmpiW
WritePrivateProfileStringW
InterlockedDecrement
GlobalFindAtomW
lstrlenA
GetModuleHandleA
LoadLibraryA
lstrcatW
GetVersionExA
GetLastError
SetLastError
MulDiv
FormatMessageW
lstrcpynW
LocalFree
GlobalFree
GlobalAddAtomW
lstrlenW
GetCurrentThread
GetCurrentThreadId
lstrcmpW
FreeLibrary
GlobalDeleteAtom
WideCharToMultiByte
GetModuleFileNameW
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcpyW
LoadLibraryW
GetLocaleInfoW
GlobalAlloc
GlobalLock
GlobalUnlock
FreeResource
MultiByteToWideChar
LoadResource
LockResource
SizeofResource
FindResourceW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExW
GetModuleHandleW
GetProcAddress
OpenProcess
VirtualAllocEx
WriteProcessMemory
ReadProcessMemory
VirtualFreeEx
GetCurrentProcessId
CloseHandle

user32

PostThreadMessageW
DestroyMenu
MessageBeep
GetNextDlgTabItem
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
CopyAcceleratorTableW
SetRect
IsRectEmpty
CharNextW
CharUpperW
GetSysColorBrush
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
wsprintfW
GetDesktopWindow
ReleaseCapture
LoadCursorW
SetCapture
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
WinHelpW
GetCapture
CreateWindowExW
GetClassInfoExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SetFocus
IsChild
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
LoadIconW
MapWindowPoints
MessageBoxW
SetForegroundWindow
UpdateWindow
GetClientRect
GetMenu
GetSysColor
AdjustWindowRectEx
EqualRect
GetClassInfoW
RegisterClassW
UnregisterClassW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetWindowLongW
SetWindowLongW
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
CopyRect
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetWindowContextHelpId
MapDialogRect
RegisterClipboardFormatW
CreateDialogIndirectParamW
SetWindowPos
GetDlgItem
SetMenuItemBitmaps
GetFocus
GetParent
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
SetWindowsHookExW
CallNextHookEx
EndDialog
SendDlgItemMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
SetCursor
PostQuitMessage
EnableWindow
PostMessageW
PtInRect
GetDC
UpdateLayeredWindow
ReleaseDC
GetWindowThreadProcessId
SendMessageW
FindWindowW
FindWindowExW
GetWindow
ClientToScreen
OffsetRect
IsWindow
GetMessageW
TranslateMessage
DispatchMessageW
SetActiveWindow

gdi32

GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
PtVisible
GetWindowExtEx
GetViewportExtEx
GetStockObject
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
DeleteDC
SetMapMode
RestoreDC
SaveDC
GetObjectW
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
CreateBitmap
CreateCompatibleDC
CreateDIBSection
SelectObject
DeleteObject
RectVisible

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyW
RegQueryValueW
RegCreateKeyExW
RegSetValueExW
RegCloseKey

comctl32

InitCommonControlsEx
ord17

shlwapi

PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CoTaskMemFree
CLSIDFromProgID
CoInitialize
CoCreateInstance
CreateStreamOnHGlobal
CoTaskMemAlloc
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
CLSIDFromString
OleUninitialize

oleaut32

VariantCopy
SysAllocString
SafeArrayDestroy
SystemTimeToVariantTime
OleCreateFontIndirect
VariantInit
VariantChangeType
VariantClear
SysStringLen
SysAllocStringLen
SysFreeString

gdiplus

GdipDrawImageRectRect
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipFree
GdipAlloc
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipDeleteGraphics
GdipCloneImage
GdipDisposeImage

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4e2666088687c235c86fdf7d18dd6acb

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oledlg

ole32

oleaut32

gdiplus

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 44KB - Virtual size: 41KB

.data Size: 8KB - Virtual size: 23KB

.rsrc Size: 160KB - Virtual size: 160KB

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 44KB - Virtual size: 41KB

.data
Size: 8KB - Virtual size: 23KB

.rsrc
Size: 160KB - Virtual size: 160KB