b17506390458c445dd86daa37fe81a020aed876f5fd33b96dfe6344ec78e696d

Sharing

Copy URL Twitter E-mail

General

Target

b17506390458c445dd86daa37fe81a020aed876f5fd33b96dfe6344ec78e696d
Size

440KB
MD5

93dc966438c9f4cf552e42fd6b5ea1b0
SHA1

b7005950dde5341480f2d9e6a8552dc23a698120
SHA256

b17506390458c445dd86daa37fe81a020aed876f5fd33b96dfe6344ec78e696d
SHA512

773761410a258227e21d34c79744d9f3c6c8bfb69d0dedb0746c703438741084ecd5b082f55e2cca5c18e056c4ac48ac388c38d0e5400e2721dd0e37665f70f9
SSDEEP

12288:s9Oh46HWoTvMnLWojPdAfgl+EIh1bgBvL24SF7:s9OhtLMnLDO4bnvL2bZ

Score

N/A

Malware Config

Signatures

Files

b17506390458c445dd86daa37fe81a020aed876f5fd33b96dfe6344ec78e696d
.dll windows x86

cb72c252495e9bb005a16cf9200385ca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteW
SHGetSpecialFolderPathW
SHGetFileInfoA
ExtractIconA

ole32

CoTreatAsClass
CoTaskMemRealloc
CreateBindCtx
CreateStreamOnHGlobal
OleDuplicateData
CoTaskMemFree
ReadClassStg
ReadFmtUserTypeStg
ReleaseStgMedium
SetConvertStg
StringFromCLSID
StringFromGUID2
WriteClassStg
WriteFmtUserTypeStg
CoTaskMemAlloc
CoCreateInstance
CoDisconnectObject
OleRegGetUserType
CLSIDFromString

comdlg32

GetFileTitleA
ChooseFontW

oleaut32

SysStringByteLen
SysStringLen
SystemTimeToVariantTime
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarCyFromStr
VarDateFromStr
VarDecCmp
VarDecFromStr
VarI4FromStr
VarR8FromStr
VarUI4FromStr
VariantChangeType
VariantClear
VariantCopy
VariantInit
VariantTimeToSystemTime
SysFreeString
SafeArrayAccessData
SysAllocStringLen
SysAllocStringByteLen
SafeArrayUnlock
SafeArrayUnaccessData
SafeArrayRedim
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayLock
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetElement
SafeArrayGetDim
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayCreate
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
SysReAllocStringLen

kernel32

GetDriveTypeA
GetEnvironmentStringsA
GetEnvironmentStringsW
GetEnvironmentVariableA
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFileSize
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetNumberFormatW
GetOEMCP
GetPrivateProfileIntA
GetPrivateProfileStringA
GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeExA
GetStringTypeExW
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetThreadLocale
GetTickCount
GetTimeFormatA
GetTimeZoneInformation
GetUserDefaultLCID
GetVersion
GetVersionExA
GetVersionExW
GetVolumeInformationA
GetVolumeInformationW
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomA
GlobalFlags
GlobalFree
GlobalGetAtomNameA
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalSize
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LocalReAlloc
LockFile
LockResource
MapViewOfFileEx
MoveFileA
MoveFileExA
MulDiv
MultiByteToWideChar
OpenMutexA
OpenProcess
QueryPerformanceCounter
RaiseException
ReadFile
ResumeThread
RtlUnwind
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFileAttributesA
SetFilePointer
SetFileTime
SetHandleCount
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
SuspendThread
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnlockFile
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
WritePrivateProfileStringA
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrlenA
lstrlenW
GetDateFormatA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetCurrentDirectoryA
GetConsoleOutputCP
GetConsoleMode
GetConsoleCP
GetCommandLineW
GetCommandLineA
GetCPInfo
GetAtomNameA
GetACP
FreeResource
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FormatMessageA
FlushInstructionCache
FlushFileBuffers
FindVolumeClose
FindResourceW
FindResourceExW
FindResourceA
FindNextVolumeW
FindNextFileW
FindNextFileA
FindFirstVolumeW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FatalAppExitA
ExitThread
ExitProcess
EnumSystemLocalesA
EnumResourceLanguagesA
EnterCriticalSection
DuplicateHandle
DeleteFileW
DeleteFileA
DeleteCriticalSection
CreateThread
CreateProcessW
CreateMutexA
CreateFileMappingW
CreateFileA
CreateEventA
CreateDirectoryW
CreateDirectoryA
CopyFileA
ConvertDefaultLocale
CompareStringW
CompareStringA
CloseHandle
FindFirstFileA

advapi32

RegDeleteValueA
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
RegCreateKeyA
RegCreateKeyExA
RegCreateKeyExW
RegCreateKeyW
RegDeleteKeyA
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyA
RegEnumKeyExW
RegOpenKeyA
RegOpenKeyExA
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueA
RegQueryValueExA
RegQueryValueExW
RegSetValueA
RegSetValueExA
RegSetValueExW
AdjustTokenPrivileges

winmm

PlaySoundW

user32

GetSysColor
GetSysColorBrush
GetSystemMetrics
GetTopWindow
GetWindow
GetWindowDC
GetWindowLongA
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
GetWindowTextW
GetWindowThreadProcessId
GrayStringA
InflateRect
InsertMenuA
IntersectRect
InvalidateRect
IsChild
IsDialogMessageA
IsDlgButtonChecked
IsIconic
IsWindow
IsWindowEnabled
IsWindowVisible
KillTimer
LoadBitmapA
LoadCursorA
LoadCursorW
LoadIconA
LoadIconW
LoadImageW
MapWindowPoints
MessageBoxA
MessageBoxW
ModifyMenuA
MoveWindow
OffsetRect
PeekMessageA
PeekMessageW
PostMessageA
PostMessageW
PostQuitMessage
PostThreadMessageW
PtInRect
RegisterClassA
RegisterClassExW
RegisterClassW
RegisterWindowMessageA
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
ScreenToClient
ScrollWindow
ScrollWindowEx
SendDlgItemMessageA
SendMessageA
SendMessageW
SetActiveWindow
SetCapture
SetCursor
SetDlgItemInt
SetDlgItemTextA
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetMenuItemBitmaps
SetPropA
SetRect
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongA
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowTextA
SetWindowTextW
SetWindowsHookExA
GetSubMenu
ShowScrollBar
ShowWindow
SystemParametersInfoA
SystemParametersInfoW
TabbedTextOutA
TrackPopupMenu
TrackPopupMenuEx
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UpdateWindow
ValidateRect
WinHelpA
GetMessageA
GetMenuStringA
GetMenuState
GetMenuItemInfoA
GetMenuItemID
GetMenuItemCount
GetMenuCheckMarkDimensions
GetMenu
GetLastActivePopup
GetKeyState
GetForegroundWindow
GetFocus
GetDlgItemTextA
GetDlgItemInt
GetDlgItem
GetDlgCtrlID
GetDialogBaseUnits
GetDesktopWindow
GetDC
GetCursorPos
GetClientRect
GetClassNameA
GetClassLongA
GetClassInfoExW
GetClassInfoExA
GetClassInfoA
GetActiveWindow
FindWindowW
FillRect
ExitWindowsEx
EqualRect
EndPaint
EndDialog
EndDeferWindowPos
EnableWindow
EnableMenuItem
DrawTextW
DrawTextExA
DrawTextA
DrawFocusRect
DrawEdge
DispatchMessageW
DispatchMessageA
DialogBoxParamW
DestroyWindow
DestroyMenu
DestroyIcon
DeleteMenu
DeferWindowPos
DefWindowProcW
DefWindowProcA
DefDlgProcW
CreateWindowExW
CreateWindowExA
CreateDialogParamW
CreateDialogIndirectParamA
CopyRect
ClientToScreen
CheckRadioButton
CheckMenuItem
CheckDlgButton
CharUpperW
CharUpperA
CharNextW
CharLowerW
CharLowerA
CallWindowProcW
CallWindowProcA
CallNextHookEx
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropA
GetParent
GetNextDlgTabItem
GetMessageW
GetMessageTime
ShowOwnedPopups
GetMessagePos
BeginPaint
BeginDeferWindowPos
AppendMenuA
AdjustWindowRectEx
GetCapture

gdi32

ScaleViewportExtEx
SaveDC
RestoreDC
RectVisible
PtVisible
PolylineTo
Polygon
PolyDraw
PolyBezierTo
PlayMetaFileRecord
PlayMetaFile
PatBlt
OffsetWindowOrgEx
OffsetViewportOrgEx
OffsetClipRgn
MoveToEx
ModifyWorldTransform
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetTextMetricsA
GetTextExtentPoint32A
GetStockObject
GetPixel
GetObjectW
GetObjectType
GetObjectA
SetWindowOrgEx
GetDeviceCaps
GetDCOrgEx
GetCurrentPositionEx
GetClipRgn
GetClipBox
ExtTextOutA
ExtSelectClipRgn
ExtCreatePen
ExcludeClipRect
Escape
ScaleWindowExtEx
DeleteObject
DeleteDC
DPtoLP
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreatePen
CreatePatternBrush
CreateHatchBrush
CreateFontIndirectW
CreateFontIndirectA
CreateDIBitmap
CreateDIBSection
CreateDIBPatternBrushPt
CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
CopyMetaFileA
CombineRgn
BitBlt
ArcTo
SetViewportOrgEx
SetWindowExtEx
SetWorldTransform
StartDocA
StretchBlt
TextOutA
SetBkMode
SetColorAdjustment
SetDIBColorTable
SetGraphicsMode
SetMapMode
SetMapperFlags
SetPolyFillMode
SetROP2
SetRectRgn
SetViewportExtEx
SetStretchBltMode
SelectClipPath
SelectClipRgn
SelectObject
SelectPalette
SetArcDirection
EnumMetaFile
SetBkColor
SetTextAlign
SetTextCharacterExtra
SetTextColor
SetTextJustification
GetMapMode

shlwapi

PathStripToRootA
PathRemoveFileSpecW
PathRemoveExtensionA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA
PathCombineW
PathCanonicalizeW
UrlUnescapeA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

comctl32

ord17
ImageList_LoadImageW
ImageList_GetIconSize
ImageList_Draw
ImageList_Destroy
_TrackMouseEvent

wininet

FtpGetFileA
InternetWriteFile
InternetSetStatusCallbackA
InternetSetOptionExA
InternetSetFilePointer
InternetSetCookieA
InternetReadFile
InternetQueryOptionA
InternetQueryDataAvailable
InternetOpenUrlA
InternetOpenA
InternetGetLastResponseInfoA
InternetGetCookieA
InternetFindNextFileA
InternetErrorDlg
InternetCrackUrlA
InternetConnectA
InternetCloseHandle
InternetCanonicalizeUrlA
HttpSendRequestExA
HttpSendRequestA
HttpQueryInfoA
HttpOpenRequestA
HttpEndRequestA
HttpAddRequestHeadersA
GopherOpenFileA
GopherGetAttributeA
GopherFindFirstFileA
GopherCreateLocatorA
FtpCommandA
FtpCreateDirectoryA
FtpDeleteFileA
FtpFindFirstFileA
FtpGetCurrentDirectoryA
FtpOpenFileA
FtpPutFileA
FtpRemoveDirectoryA
FtpRenameFileA
FtpSetCurrentDirectoryA

Exports

Exports

AsString
GetFuncName
StrictErrors
set_packing
set_read_fn
vInit

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb72c252495e9bb005a16cf9200385ca

Headers

File Characteristics

Imports

shell32

ole32

comdlg32

oleaut32

kernel32

advapi32

winmm

user32

gdi32

shlwapi

winspool.drv

comctl32

wininet

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 72KB

.rdata Size: 272KB - Virtual size: 272KB

.data Size: 70KB - Virtual size: 71KB

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 72KB - Virtual size: 72KB

.rdata
Size: 272KB - Virtual size: 272KB

.data
Size: 70KB - Virtual size: 71KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 4KB - Virtual size: 4KB