602f03d60ee40fe5d702494f8aa2d75d2cac25bcc51b5c588bfdcb7c61811de1

Sharing

Copy URL Twitter E-mail

General

Target

602f03d60ee40fe5d702494f8aa2d75d2cac25bcc51b5c588bfdcb7c61811de1
Size

466KB
MD5

a3a1ca5511f4c76e7ed2fbb39f4f28f3
SHA1

a1d293c1dc53ec301c78e8bdb8777347902cc437
SHA256

602f03d60ee40fe5d702494f8aa2d75d2cac25bcc51b5c588bfdcb7c61811de1
SHA512

ca15b4ff8b77b8d77dfc05b41ae14fb6fe496f8fc53f85f98b802df92f055e2ae37c3e24d7215d5e5db70ab87302f9df926466b1f136bc37fb408cf0cbc1776c
SSDEEP

12288:bZWNWQkBAfTpJ0gdpQumJohj9NLMTdRSjivZ4Ts33guC4kIFPaGR:bZWN5kgpAAHNoSGB4TA3gYxFPaGR

Score

N/A

Malware Config

Signatures

Files

602f03d60ee40fe5d702494f8aa2d75d2cac25bcc51b5c588bfdcb7c61811de1
.exe windows x86

7df99a804bedf845c6d82de061545846

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceExW
LeaveCriticalSection
EnterCriticalSection
FreeLibrary
GetProcAddress
LoadLibraryA
Sleep
GetCurrentProcessId
GetCurrentThreadId
SetUnhandledExceptionFilter
CreateProcessA
RaiseException
FlushInstructionCache
GetVersion
SetLastError
InitializeCriticalSection
FindResourceW
GlobalAlloc
InterlockedIncrement
GetFileAttributesA
FlushFileBuffers
FindResourceA
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
lstrlenW
lstrcmpiA
IsDBCSLeadByte
LoadLibraryExA
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
InterlockedPushEntrySList
HeapSize
HeapReAlloc
HeapDestroy
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
HeapSetInformation
InterlockedCompareExchange
DecodePointer
EncodePointer
LoadResource
LockResource
SizeofResource
InterlockedExchange
LocalAlloc
LocalFree
InterlockedDecrement
GetEnvironmentVariableA
GetModuleHandleA
GetModuleFileNameA
ResumeThread
CreateDirectoryA
CopyFileA
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
GetCurrentDirectoryA
GetTempPathA
GetTempFileNameA
GetShortPathNameA
UnmapViewOfFile
GetLocalTime
SystemTimeToFileTime
GetCurrentProcess
DuplicateHandle
CreateFileMappingA
MapViewOfFile
GetFileType
GetFileInformationByHandle
SetFilePointer
FileTimeToDosDateTime
FileTimeToSystemTime
GetLastError
HeapAlloc
WriteFile
GetFileSize
WaitForSingleObject
GetProcessHeap
HeapFree
MultiByteToWideChar
WideCharToMultiByte
lstrcpyA
CreateFileA
ReadFile
CloseHandle
lstrlenA
lstrcatA
GlobalLock
lstrcpynA

user32

IsWindow
UnregisterClassA
wsprintfA
SetWindowPos
GetActiveWindow
CharNextA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
LoadImageA
CopyImage
LoadStringA
ReleaseCapture
EndPaint
BeginPaint
SetCapture
GetKeyState
SetWindowRgn
IsWindowEnabled
ClientToScreen
MoveWindow
OffsetRect
DrawIconEx
DrawFrameControl
GetDlgCtrlID
IsWindowVisible
EqualRect
ShowWindow
GetDlgItem
CopyRect
DrawTextA
SetCursor
InflateRect
SetRect
PtInRect
CallWindowProcA
CreateWindowExA
RegisterClassExA
DefWindowProcA
DestroyWindow
PostQuitMessage
LoadIconA
LoadCursorA
GetClassInfoExA
GetParent
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
GetWindowRect
KillTimer
SetTimer
InvalidateRect
GetWindowTextA
SendMessageA
GetWindowLongA
SetWindowLongA
GetClientRect
GetWindow
GetDesktopWindow
GetDC
ReleaseDC
SetFocus

gdi32

CreateBitmap
CreateCompatibleDC
DeleteDC
SelectObject
GetObjectA
DeleteObject
CreateDIBSection
BitBlt
CreateCompatibleBitmap
CreateRectRgnIndirect
Rectangle
CreateFontIndirectA
GetStockObject
SetBkColor
CreateSolidBrush
SetBkMode
SetTextColor
ExtTextOutA
RectInRegion
SelectClipRgn
RoundRect
CreatePen
CreateRectRgn
GetClipRgn
MoveToEx
LineTo
SaveDC
RestoreDC
TextOutA
GetTextExtentPoint32A
GetPixel
SetRectRgn
OffsetRgn
CombineRgn
StretchBlt

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegEnumKeyExA

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetSpecialFolderPathA

ole32

CoTaskMemAlloc
CreateStreamOnHGlobal
CoInitializeEx
CoInitializeSecurity
CoUninitialize
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance

oleaut32

VariantClear
SysAllocString
SysFreeString
VariantInit
VariantCopy
VariantChangeType
SafeArrayGetElement
VarUI4FromStr
OleLoadPicture
SafeArrayDestroy
SafeArrayGetLBound
SafeArrayGetUBound

shlwapi

SHGetValueA
PathRemoveFileSpecA
StrToIntA
PathAddBackslashA
PathFindFileNameA
PathAppendA
PathFileExistsA

msvcp100

?_Xlength_error@std@@YAXPBD@Z
??1_Container_base12@std@@QAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?_BADOFF@std@@3_JB
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Ios_base_dtor@ios_base@std@@CAXPAV12@@Z
??_7ios_base@std@@6B@
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Xout_of_range@std@@YAXPBD@Z

msvcr100

sprintf_s
_purecall
_mbsnbcpy
_mbscmp
_mbsstr
_mbschr
_vscprintf
fwrite
_resetstkoflw
_recalloc
calloc
memmove_s
memcpy_s
free
malloc
atof
toupper
vsprintf_s
_vsnprintf_s
_beginthreadex
fgets
fopen
fseek
ftell
fread
fclose
fprintf
sscanf
memchr
strchr
_tzset
_stricmp
_mktime32
_snprintf
atoi
strncmp
strncpy
atol
??_V@YAXPAX@Z
strnlen
_mbsrchr
_mbsnbcpy_s
strpbrk
ferror
isspace
tolower
isalpha
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
?terminate@@YAXXZ
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
exit
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_commode
_fmode
__set_app_type
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_invoke_watson
_controlfp_s
isalnum
__CxxFrameHandler3
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??3@YAXPAX@Z
memcpy
memmove
memset
??2@YAPAXI@Z
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
sprintf

wininet

HttpSendRequestExA
HttpEndRequestA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestA
InternetOpenA
InternetConnectA
InternetAttemptConnect
InternetWriteFile
InternetReadFile
InternetCloseHandle
InternetSetCookieA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

gdiplus

GdipSetImageAttributesColorKeys
GdipCreateFromHDC
GdipDisposeImageAttributes
GdipDrawImageRectRectI
GdipCreateImageAttributes
GdipLoadImageFromStream
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipDrawImageRectI
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree

comctl32

_TrackMouseEvent

Sections

.text
Size: 297KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7df99a804bedf845c6d82de061545846

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

msvcp100

msvcr100

wininet

version

gdiplus

comctl32

Sections

.text Size: 297KB - Virtual size: 296KB

.rdata Size: 63KB - Virtual size: 63KB

.data Size: 4KB - Virtual size: 25KB

.rsrc Size: 100KB - Virtual size: 100KB

.text
Size: 297KB - Virtual size: 296KB

.rdata
Size: 63KB - Virtual size: 63KB

.data
Size: 4KB - Virtual size: 25KB

.rsrc
Size: 100KB - Virtual size: 100KB