Static task: static1
Behavioral task: behavioral1
Sample: 6f99a58e52b35959ad29d9425590f5d9aea6c79b677c03f4a6088bc64e64e0a8.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: 6f99a58e52b35959ad29d9425590f5d9aea6c79b677c03f4a6088bc64e64e0a8.exe
Resource: win10v2004-20220901-en
General
Target: 6f99a58e52b35959ad29d9425590f5d9aea6c79b677c03f4a6088bc64e64e0a8
Size: 413KB
MD5: a27cb9d5654504f0ec0efa46c448bab0
SHA1: d798c3db3a7a9315157e921b8baea02e94e7b59f
SHA256: 6f99a58e52b35959ad29d9425590f5d9aea6c79b677c03f4a6088bc64e64e0a8
SHA512: 640424bcc1474eaf1ef156c773e5d03f02d89a0829da24b2aa36ccdf960404fdadc8bba411cfb0242a1349b9f250a680f007956e3b34a7662f0b60d46f5a4733
SSDEEP: 6144:gLqFyLh70G0xFJ9X1KU1bMfczMfMVNLreKW2jjdyVXThvkV+iHKw:cqFyLh70GMFJ9xdMfWVNLTWAyXT8+CKw
Malware Config
Signatures
Files
6f99a58e52b35959ad29d9425590f5d9aea6c79b677c03f4a6088bc64e64e0a8.exe windows x86
42b932923865d089a4203b07f26d7ad3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageA
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetMessageTime
GetMessagePos
MapWindowPoints
UpdateWindow
GetMenu
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CallWindowProcW
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetTopWindow
GetClientRect
GetWindowRect
SetRect
CopyAcceleratorTableW
PtInRect
CharNextW
SetFocus
MoveWindow
GetDlgCtrlID
IsDialogMessageW
SendDlgItemMessageW
GetDlgItem
CharUpperW
SetWindowsHookExW
CallNextHookEx
GetActiveWindow
GetKeyState
GetWindowTextW
UnhookWindowsHookEx
IntersectRect
CopyRect
GetSysColor
InvalidateRgn
MessageBoxW
GetSystemMetrics
DrawStateW
InvalidateRect
SystemParametersInfoW
EndPaint
DrawTextW
BeginPaint
DestroyMenu
EndDialog
CreateDialogIndirectParamW
UnregisterClassA
ShowWindow
ValidateRect
DefWindowProcW
DestroyWindow
GetMessageW
SetWindowLongW
GrayStringW
DrawTextExW
TabbedTextOutW
PostQuitMessage
GetWindow
SetWindowContextHelpId
SendMessageW
GetLastActivePopup
IsWindowEnabled
EnableWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
BringWindowToTop
LoadCursorW
RegisterClassExW
CreateWindowExW
GetNextDlgGroupItem
MessageBeep
UnregisterClassW
RegisterClipboardFormatW
PostThreadMessageW
GetDC
ReleaseDC
MapDialogRect
LoadIconW
LoadStringW
GetWindowDC
GetDesktopWindow
GetForegroundWindow
DispatchMessageW
TranslateMessage
LoadBitmapW
GetSysColorBrush
GetNextDlgTabItem
GetAsyncKeyState
DrawFocusRect
EqualRect
NotifyWinEvent
DestroyCursor
SetRectEmpty
RedrawWindow
GetParent
IsWindowVisible
SetWindowPos
SetParent
ClientToScreen
AppendMenuW
CreatePopupMenu
KillTimer
GetFocus
SetCapture
ReleaseCapture
SetCursor
ScreenToClient
GetCursorPos
ExitWindowsEx
OffsetRect
EnumChildWindows
FindWindowW
SetWindowTextW
GetWindowLongW
GetClassNameW
EnableMenuItem
GetSystemMenu
SetTimer
SetForegroundWindow
SetActiveWindow
GetWindowThreadProcessId
PostMessageW
IsWindow
IsRectEmpty
GetPriorityClipboardFormat
CreateMenu
PeekMessageW
DdeAbandonTransaction
WinHelpW
SetClassLongW
ShowWindowAsync
IsChild
DdeEnableCallback
shell32
ShellExecuteW
SHGetDesktopFolder
ShellExecuteExW
SHGetMalloc
advapi32
LookupPrivilegeValueW
QueryServiceStatus
OpenSCManagerW
RegDeleteValueW
RegDeleteKeyW
OpenThreadToken
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
ObjectCloseAuditAlarmA
RevertToSelf
RegQueryValueW
AdjustTokenPrivileges
RegEnumKeyExA
RegEnumKeyExW
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyW
FreeSid
gdi32
SetBitmapBits
GetBitmapBits
GetTextColor
SetTextColor
CreateRectRgn
EnumFontFamiliesW
DPtoLP
GetBkColor
LPtoDP
GetMapMode
GetCurrentObject
DeleteObject
SetDIBits
GetDIBits
CreateCompatibleBitmap
DeleteDC
Rectangle
GetDeviceCaps
GetStockObject
CreateFontIndirectW
GetTextMetricsW
GetTextExtentPoint32W
Ellipse
ExtTextOutW
BitBlt
SelectObject
CreateCompatibleDC
CreateSolidBrush
GetObjectW
GetPixel
CreateBitmap
Escape
GetClipBox
GetViewportExtEx
GetWindowExtEx
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
ExtSelectClipRgn
SetBkMode
SetMapMode
MoveToEx
TextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
GetRgnBox
SetBkColor
CreatePen
GetTextExtentExPointW
CreateDIBSection
comctl32
ImageList_DrawIndirect
GetMUILanguage
CreateStatusWindowW
CreatePropertySheetPageA
ImageList_SetDragCursorImage
ImageList_SetIconSize
InitMUILanguage
ImageList_LoadImageW
ImageList_EndDrag
PropertySheetW
shlwapi
PathIsRootW
PathIsUNCW
PathAppendW
PathFindFileNameW
PathFileExistsW
PathStripToRootW
PathFindExtensionW
PathAddBackslashW
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
kernel32
OutputDebugStringA
GetSystemDirectoryW
GetModuleHandleW
GlobalDeleteAtom
LoadLibraryA
GlobalAddAtomW
GetUserDefaultLCID
LoadLibraryExW
GetModuleFileNameW
GetTimeZoneInformation
GetLocaleInfoW
GetPrivateProfileStringW
lstrcmpA
GetModuleHandleA
DuplicateHandle
OpenProcess
VirtualAlloc
GetCurrentThreadId
ExpandEnvironmentStringsW
GetVersionExW
FreeResource
LocalFree
GetVersion
SetErrorMode
FindFirstFileA
WritePrivateProfileSectionW
GetPrivateProfileSectionW
GetWindowsDirectoryW
MoveFileExW
FindResourceExW
GetProcAddress
GetCompressedFileSizeA
LoadLibraryW
DeleteCriticalSection
LeaveCriticalSection
lstrcmpW
EnterCriticalSection
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
GetSystemInfo
SetFileTime
CloseHandle
GetFileTime
FlushFileBuffers
GetShortPathNameW
GetTempFileNameW
GetTempPathW
MoveFileW
DeleteFileW
GetFileSize
SetFilePointer
SetEndOfFile
WriteFile
FindNextFileA
SetEnvironmentVariableA
ReadConsoleW
WriteConsoleW
SetStdHandle
OutputDebugStringW
GetConsoleMode
GetConsoleCP
EnumSystemLocalesW
IsValidLocale
QueryInformationJobObject
GetPrivateProfileStringA
GetDiskFreeSpaceW
GetMailslotInfo
IsBadStringPtrA
SetCriticalSectionSpinCount
GetAtomNameW
ReadConsoleOutputCharacterA
GetConsoleWindow
SetThreadContext
SetFileApisToOEM
EnumCalendarInfoW
SearchPathA
GlobalFix
GetProfileIntW
ReplaceFileA
HeapQueryInformation
GetCurrentActCtx
CommConfigDialogA
AttachConsole
CreateActCtxW
CreateThread
SetCurrentDirectoryW
GetSystemDefaultLangID
ReleaseMutex
SetFilePointerEx
EndUpdateResourceW
UpdateResourceW
BeginUpdateResourceW
CreateFileW
CopyFileW
GetDiskFreeSpaceExW
GetCurrentDirectoryW
GetEnvironmentVariableW
GetSystemDefaultLCID
CreateEventW
GetDriveTypeW
GetExitCodeThread
CompareStringA
EnumResourceLanguagesW
ConvertDefaultLocale
FormatMessageA
GetLogicalDriveStringsW
DeleteFileA
MoveFileA
CreateProcessA
GetFileAttributesA
CreatePipe
GetDriveTypeA
GetCurrentDirectoryA
CreateFileA
SetEnvironmentVariableW
GetConsoleOutputCP
WriteConsoleA
EnumSystemLocalesA
GetStringTypeA
GetDateFormatA
GetTimeFormatA
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
SetHandleCount
GetCommandLineA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
LCMapStringA
IsDebuggerPresent
GetLocaleInfoA
GetVersionExA
CommConfigDialogW
GetFullPathNameA
IsWow64Process
SetFileApisToANSI
GetConsoleProcessList
ReadConsoleInputA
OpenJobObjectW
SetFileAttributesW
AddVectoredExceptionHandler
EnumDateFormatsW
BackupRead
EndUpdateResourceA
GetLargestConsoleWindowSize
CreateJobObjectA
ReadConsoleInputW
ExitThread
InterlockedIncrement
InterlockedDecrement
FreeLibrary
LCMapStringW
GetTimeFormatW
GetStringTypeW
GetCPInfo
GetOEMCP
IsValidCodePage
TerminateProcess
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
LocalAlloc
DeviceIoControl
GetSystemDefaultUILanguage
GetProfileSectionW
WaitForSingleObject
WriteConsoleInputW
GetDateFormatW
HeapReAlloc
RaiseException
ExitProcess
RtlUnwind
IsProcessorFeaturePresent
GetACP
GetModuleHandleExW
HeapSize
VirtualProtect
VirtualQuery
GetStdHandle
GetProcessHeap
FormatMessageW
HeapAlloc
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
MulDiv
GetFileType
GetStartupInfoW
QueryPerformanceCounter
GetEnvironmentStringsW
HeapFree
GetCommandLineW
GetFileAttributesExW
GetUserDefaultUILanguage
CompareStringW
GlobalFlags
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetThreadLocale
UnlockFile
LockFile
GetVolumeInformationW
GlobalFindAtomW
SwitchToThread
GetTickCount
GetCurrentProcessId
GetPrivateProfileIntW
WritePrivateProfileStringW
SizeofResource
LockResource
LoadResource
FindResourceW
GetExitCodeProcess
GetCurrentProcess
CreateMutexW
TerminateThread
Sleep
MultiByteToWideChar
WideCharToMultiByte
SetLastError
GetFileAttributesW
GetFullPathNameW
lstrlenW
lstrcpynW
GetLastError
lstrlenA
InitializeCriticalSection
GetCurrentThread
DosDateTimeToFileTime
LocalFileTimeToFileTime
FileTimeToSystemTime
FindFirstFileW
FindNextFileW
FindClose
RemoveDirectoryW
CreateDirectoryW
SetEvent
ResetEvent
WaitForMultipleObjects
ReadFile
FreeEnvironmentStringsW
Sections
.text Size: 88KB - Virtual size: 88KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 206KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 270KB - Virtual size: 270KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ