Static task: static1
Behavioral task: behavioral1
  Sample: 64f243d345534ea883c107f851fba9ad334e321571d3f7bf9f70bb9dd9c337b3.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: 64f243d345534ea883c107f851fba9ad334e321571d3f7bf9f70bb9dd9c337b3.exe
  Resource: win10v2004-20220901-en
General
- Target: 64f243d345534ea883c107f851fba9ad334e321571d3f7bf9f70bb9dd9c337b3
- Size: 817KB
- MD5: 9284ab6eb2967ed660fa6092fe01a6c0
- SHA1: 3f026cb82c1702032146a785a0443a65d2245af0
- SHA256: 64f243d345534ea883c107f851fba9ad334e321571d3f7bf9f70bb9dd9c337b3
- SHA512: 64fd142f53c30681a7569d6f202699a19d276aa3701ea49b9955f21848ca1d49fe4d2bf687ffe0d9c22d1ebfc681cab1b1a80f289bc1b9ecf5bd4bdcfdd06240
- SSDEEP: 24576:WBNOCM/PIAkr+TT6Wfddi5Vr+HPo2KfJfM5zES77j:WqIQKv2
Malware Config
Signatures
Files
-
64f243d345534ea883c107f851fba9ad334e321571d3f7bf9f70bb9dd9c337b3.exe windows x86
d69f67e3b18b95a32946de0edac1ffe8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WideCharToMultiByte
CloseHandle
lstrcmpiA
CreateToolhelp32Snapshot
Process32Next
OpenProcess
GetCurrentThreadId
CreateMutexA
CopyFileA
ReleaseMutex
GetSystemInfo
WaitForSingleObject
LocalSize
LocalFree
LocalAlloc
GetProcessHeap
HeapAlloc
HeapFree
GetModuleFileNameA
CreateFileW
MultiByteToWideChar
GetTickCount
ExitThread
GetCurrentProcess
GetVersionExA
lstrcatA
MoveFileA
WriteFile
SetFilePointer
ReadFile
CreateFileA
LocalReAlloc
FindNextFileA
GetLogicalDriveStringsA
GetVolumeInformationA
GetDiskFreeSpaceExA
GetDriveTypeA
lstrlenA
GetFileAttributesA
CreateDirectoryA
GetLastError
DeleteFileA
OutputDebugStringA
lstrcpyA
Sleep
CancelIo
InterlockedExchange
ResetEvent
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
VirtualFree
DeleteCriticalSection
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
HeapCreate
HeapDestroy
GetEnvironmentVariableA
SetUnhandledExceptionFilter
GetACP
HeapSize
GetCommandLineA
GetStartupInfoA
HeapReAlloc
TerminateProcess
ExitProcess
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RaiseException
RtlUnwind
CreateThread
SetEvent
LoadLibraryA
GetProcAddress
CreateEventA
InterlockedIncrement
InterlockedDecrement
SetLastError
lstrcpynA
InitializeCriticalSection
TlsAlloc
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalAlloc
TlsSetValue
TlsGetValue
GetVersion
GetModuleHandleA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
FreeLibrary
GetProcessVersion
lstrcmpA
GlobalFlags
GetCPInfo
GetOEMCP
FlushFileBuffers
user32
GetWindowTextA
ExitWindowsEx
GetForegroundWindow
GetAsyncKeyState
GetKeyState
LoadCursorA
DestroyCursor
BlockInput
SendMessageA
SystemParametersInfoA
keybd_event
MapVirtualKeyA
mouse_event
SetCapture
WindowFromPoint
SetCursorPos
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetClipboardData
GetSystemMetrics
SetRect
GetDC
GetDesktopWindow
ReleaseDC
GetCursorPos
GetCursorInfo
SetProcessWindowStation
OpenWindowStationA
GetProcessWindowStation
PostThreadMessageA
GetInputState
GetWindowThreadProcessId
IsWindowVisible
EnumWindows
CloseDesktop
SetThreadDesktop
OpenInputDesktop
GetUserObjectInformationA
GetThreadDesktop
OpenDesktopA
PostMessageA
CreateWindowExA
CloseWindow
IsWindow
ShowWindow
LoadStringA
EnableWindow
MessageBoxA
GetWindowLongA
IsWindowEnabled
GetLastActivePopup
GetParent
UnhookWindowsHookEx
SetWindowsHookExA
PeekMessageA
CallNextHookEx
GetNextDlgTabItem
GetFocus
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
GetWindowRect
GetWindowPlacement
IsIconic
wsprintfA
RegisterWindowMessageA
SetWindowPos
SetWindowLongA
GetWindow
SetForegroundWindow
GetMessagePos
GetMessageTime
DefWindowProcA
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
DestroyWindow
GetDlgCtrlID
GetDlgItem
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
LoadIconA
SetWindowTextA
GetSysColorBrush
GetClassNameA
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
CharNextA
GetMessageA
GetClientRect
TranslateMessage
DispatchMessageA
gdi32
GetDeviceCaps
CreateBitmap
SetTextColor
SetBkColor
GetObjectA
GetClipBox
SaveDC
CreateCompatibleBitmap
GetDIBits
BitBlt
DeleteDC
DeleteObject
CreateCompatibleDC
CreateDIBSection
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetStockObject
RestoreDC
SelectObject
advapi32
RegQueryValueExA
RegCreateKeyExA
RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
CloseServiceHandle
ControlService
QueryServiceStatus
OpenServiceA
OpenSCManagerA
RegQueryValueA
RegOpenKeyExA
CloseEventLog
GetTokenInformation
LookupAccountSidA
GetUserNameA
RegOpenKeyA
RegSaveKeyA
RegRestoreKeyA
RegEnumValueA
RegQueryInfoKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegEnumKeyExA
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetKeySecurity
FreeSid
OpenEventLogA
ClearEventLogA
shell32
SHGetFileInfoA
SHCreateDirectoryExA
ole32
CoCreateInstance
CoTaskMemFree
CoInitialize
oleaut32
SysFreeString
winmm
waveOutUnprepareHeader
waveOutReset
waveInClose
waveInUnprepareHeader
waveInReset
waveInStop
waveOutWrite
waveOutClose
waveInAddBuffer
waveInPrepareHeader
waveInOpen
waveInGetNumDevs
waveOutPrepareHeader
waveOutOpen
waveOutGetNumDevs
waveInStart
ws2_32
connect
gethostbyname
socket
recv
select
setsockopt
send
inet_ntoa
inet_addr
ntohs
getsockname
bind
getpeername
accept
listen
sendto
recvfrom
__WSAFDIsSet
htonl
WSASocketA
WSAGetLastError
gethostname
WSAIoctl
WSACleanup
WSAStartup
htons
closesocket
comctl32
ord17
netapi32
NetUserAdd
NetLocalGroupAddMembers
wininet
InternetOpenA
InternetCloseHandle
InternetReadFile
InternetOpenUrlA
avicap32
capGetDriverDescriptionA
capCreateCaptureWindowA
psapi
EnumProcessModules
GetModuleFileNameExA
wtsapi32
WTSQuerySessionInformationA
WTSFreeMemory
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
Sections
.text Size: 605KB - Virtual size: 604KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rodata Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 54KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 37KB - Virtual size: 516KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 108KB - Virtual size: 112KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ