01852635c67e9072196b1a97998f271ed3394d4fd2206b9441c626876ead1948

Sharing

Copy URL

Twitter E-mail

General

Target

01852635c67e9072196b1a97998f271ed3394d4fd2206b9441c626876ead1948
Size

730KB
MD5

9283b66561bd7cf16425dedfdd1c1d41
SHA1

7468e16f77882fc59e9b0ecb9752ea7fee7c61b7
SHA256

01852635c67e9072196b1a97998f271ed3394d4fd2206b9441c626876ead1948
SHA512

4d370d757739f24b868730919e4ef4c7c26cd1c35e249036435bca75e08cbd4fca811fac29131ec1552b589f0a82dea4002f711494746e0638588ec2ec6308f1
SSDEEP

6144:BvdiiKiZ/QAKVfiROzkViZwc0W/1vNuMqTp/CelAaWjSZ/nnnKCXP7l:p7wVfiRuqPW/dgMqIHdjSFnnKCXJ

Score

N/A

Malware Config

Signatures

Files

01852635c67e9072196b1a97998f271ed3394d4fd2206b9441c626876ead1948
.exe windows x86

54ded26847b44fc578cc7795ea8e3108

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

__WSAFDIsSet
recv
send
socket
connect
closesocket
bind
select
accept
htons
sendto
recvfrom
ntohs
WSAGetLastError
ioctlsocket
WSACleanup
inet_addr
gethostbyname
WSAStartup
gethostname
listen

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

winmm

waveOutSetVolume
timeGetTime
mciSendStringA

comctl32

ImageList_Remove
ImageList_Destroy
ImageList_EndDrag
ImageList_DragLeave
ImageList_DragMove
ImageList_DragEnter
ImageList_BeginDrag
ImageList_SetDragCursorImage
ImageList_ReplaceIcon
ImageList_Create
InitCommonControlsEx

mpr

WNetUseConnectionA
WNetGetConnectionA
WNetAddConnection2A
WNetCancelConnection2A

kernel32

GetCurrentThreadId
UnmapViewOfFile
OpenProcess
CreateFileMappingA
MapViewOfFile
WriteProcessMemory
ReadProcessMemory
TerminateProcess
WaitForSingleObject
SetFileTime
GetFileAttributesA
FindFirstFileA
FindClose
MultiByteToWideChar
DeleteFileA
FindNextFileA
MoveFileA
CopyFileA
GetLastError
CreateDirectoryA
RemoveDirectoryA
SetSystemPowerState
QueryPerformanceFrequency
FindResourceA
LoadResource
LockResource
SizeofResource
EnumResourceNamesA
GetLocalTime
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
lstrcmpiA
FormatMessageA
GetExitCodeProcess
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
SetFilePointer
FileTimeToLocalFileTime
FileTimeToSystemTime
SystemTimeToFileTime
QueryPerformanceCounter
GetDriveTypeA
SetErrorMode
GetDiskFreeSpaceA
GetVolumeInformationA
SetVolumeLabelA
DeviceIoControl
SetFileAttributesA
GetShortPathNameA
WritePrivateProfileSectionA
GetEnvironmentVariableA
SetEnvironmentVariableA
GlobalMemoryStatus
Beep
GetComputerNameA
GetWindowsDirectoryA
GetSystemDirectoryA
GetTempPathA
GetCurrentProcessId
CreatePipe
DuplicateHandle
GetStdHandle
WriteFile
GetFileType
PeekNamedPipe
SetLastError
GetTempFileNameA
HeapFree
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
GetStartupInfoA
GetCommandLineA
DeleteCriticalSection
HeapReAlloc
HeapSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
LCMapStringA
LCMapStringW
GetACP
GetOEMCP
GetSystemInfo
GetCurrentProcess
GetModuleHandleA
GetVersionExA
GlobalFree
GlobalUnlock
ReadFile
GlobalLock
GlobalAlloc
GetFileSize
CreateFileA
FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
CreateProcessA
Sleep
GetModuleFileNameA
GetFullPathNameA
GetCPInfo
UnhandledExceptionFilter
SetHandleCount
SetCurrentDirectoryA
GetCurrentDirectoryA
GetSystemTimeAsFileTime
ExitProcess
GetTimeZoneInformation
ExitThread
CreateThread
SetStdHandle
FlushFileBuffers
FreeEnvironmentStringsA
GetEnvironmentStrings
ResumeThread
FreeEnvironmentStringsW
GetEnvironmentStringsW
InitializeCriticalSection
RtlUnwind
InterlockedExchange
VirtualQuery
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
GetTickCount
RaiseException
SetEndOfFile
CompareStringA
CompareStringW
SetUnhandledExceptionFilter
IsBadReadPtr
LocalFileTimeToFileTime
IsBadCodePtr

user32

CharLowerBuffA
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
CountClipboardFormats
EmptyClipboard
SetClipboardData
GetCursor
RegisterHotKey
SetActiveWindow
IsWindowEnabled
GetMenuStringA
GetSubMenu
GetCaretPos
IsZoomed
FlashWindow
EndDialog
SendDlgItemMessageA
GetDlgItem
IsWindow
GetMenu
CopyRect
EndPaint
BeginPaint
InsertMenuItemA
CopyImage
SetMenuDefaultItem
SetMenu
CreateMenu
DeleteMenu
DestroyMenu
DrawMenuBar
SetMenuItemInfoA
GetDesktopWindow
SetWindowPos
GetMessageA
RedrawWindow
wsprintfA
CharNextA
IsMenu
GetWindowTextA
GetDlgCtrlID
EnumChildWindows
GetActiveWindow
LockWindowUpdate
EnableWindow
LoadStringA
IsCharAlphaA
SetClassLongA
AdjustWindowRectEx
SetRect
SystemParametersInfoA
GetSystemMetrics
ReleaseDC
GetDC
GetSysColor
SetCursor
GetFocus
GetForegroundWindow
MessageBeep
PtInRect
CheckMenuRadioItem
GetMenuItemID
GetMenuItemCount
GetMenuItemInfoA
PostMessageA
SetWindowTextA
ReleaseCapture
SetCapture
ClientToScreen
GetParent
GetWindowLongA
GetKeyState
SendMessageA
WindowFromPoint
DispatchMessageA
TranslateMessage
PeekMessageA
UnregisterHotKey
CreateIconFromResourceEx
mouse_event
ExitWindowsEx
EnumWindows
EnumThreadWindows
SendMessageTimeoutA
SetWindowLongA
CharUpperA
GetClientRect
TrackPopupMenuEx
GetCursorPos
DefDlgProcA
IsDialogMessageA
GetClassNameA
InvalidateRect
ScreenToClient
GetWindowRect
DefWindowProcA
MoveWindow
SetFocus
PostQuitMessage
KillTimer
CreatePopupMenu
RegisterWindowMessageA
SetTimer
ShowWindow
CreateWindowExA
RegisterClassExA
LoadIconA
LoadCursorA
CreateIcon
SetForegroundWindow
IsIconic
FindWindowA
GetAsyncKeyState
SetKeyboardState
GetKeyboardState
keybd_event
AttachThreadInput
GetWindowThreadProcessId
VkKeyScanA
GetKeyboardLayoutNameA
MapVirtualKeyA
MessageBoxA
LoadImageA
IsCharAlphaNumericA
GetSysColorBrush
DestroyIcon
IsCharLowerA
IsCharUpperA
CharUpperBuffA
DestroyWindow
DialogBoxParamA
IsWindowVisible

gdi32

PolyBezierTo
ExtCreatePen
StrokeAndFillPath
StrokePath
EndPath
SetPixel
CloseFigure
LineTo
GetTextExtentPoint32A
CreateDIBSection
BitBlt
GetDIBits
CreateDCA
GetTextFaceA
AngleArc
MoveToEx
Ellipse
PolyDraw
BeginPath
Rectangle
SetViewportOrgEx
GetObjectA
DeleteDC
CreateCompatibleDC
SelectObject
CreateFontA
GetDeviceCaps
GetStockObject
SetBkMode
SetTextColor
GetPixel
CreateSolidBrush
DeleteObject
SetBkColor

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegEnumValueA
RegDeleteValueA
RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
GetUserNameA
RegConnectRegistryA
RegEnumKeyExA
CloseServiceHandle
UnlockServiceDatabase
LockServiceDatabase
OpenSCManagerA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

shell32

SHFileOperationA
SHGetPathFromIDListA
SHGetDesktopFolder
SHGetMalloc
Shell_NotifyIconA
ExtractIconExA
ExtractIconA
DragFinish
DragQueryFileA
DragQueryPoint
SHBrowseForFolderA

ole32

CreateStreamOnHGlobal
OleSetMenuDescriptor
MkParseDisplayName
OleSetContainedObject
CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
IIDFromString
StringFromIID
CLSIDFromString
OleInitialize
OleUninitialize
CreateBindCtx
CLSIDFromProgID
CoInitializeSecurity
CoCreateInstanceEx
CoSetProxyBlanket
StringFromCLSID

oleaut32

LoadRegTypeLi
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayAllocData
SafeArrayAllocDescriptorEx
SysAllocString
SafeArrayUnaccessData
SafeArrayAccessData
VarR4FromDec
VariantTimeToSystemTime
VariantClear
VariantCopy
VariantInit
OleLoadPicture
GetActiveObject

Sections

.text
Size: 313KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

XOR
Size: 279KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

54ded26847b44fc578cc7795ea8e3108

Headers

DLL Characteristics

File Characteristics

Imports

wsock32

version

winmm

comctl32

mpr

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 313KB - Virtual size: 312KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 9KB - Virtual size: 85KB

.rsrc Size: 87KB - Virtual size: 86KB

XOR Size: 279KB - Virtual size: 280KB

.text
Size: 313KB - Virtual size: 312KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 9KB - Virtual size: 85KB

.rsrc
Size: 87KB - Virtual size: 86KB

XOR
Size: 279KB - Virtual size: 280KB