3d37e5ff7ef6be4ea9b17522b8c08c7e2738020fcbfbd2323098bbc156112d12

Sharing

Copy URL

Twitter E-mail

General

Target

3d37e5ff7ef6be4ea9b17522b8c08c7e2738020fcbfbd2323098bbc156112d12
Size

413KB
MD5

82f2ff647e90354582712859a9e291a0
SHA1

b37a272adb118edf9a00978ad67aaf55bd488de8
SHA256

3d37e5ff7ef6be4ea9b17522b8c08c7e2738020fcbfbd2323098bbc156112d12
SHA512

28f64b9ef4f5fb3e089ea178faac8c4f064ecb5826abfa2d215d6361ca6142684209d477bbf5728093d6baf996852ce1dcd639280a78151c4ecf2b60b4f0ae10
SSDEEP

6144:/978k8lRRaE2vv0iwZgLkxB543T+cbJ5JIJAbW0we3/FffIRR:/lAHG0rZg414CIJ5MZ0wsFffUR

Score

N/A

Malware Config

Signatures

Files

3d37e5ff7ef6be4ea9b17522b8c08c7e2738020fcbfbd2323098bbc156112d12
.exe windows x86

aa5795f627534a10c671ed5e2d715a46

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

TraceMessage
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
TraceEvent
RegisterTraceGuidsW
UnregisterTraceGuids
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW

kernel32

GetTickCount
GetModuleHandleA
SetUnhandledExceptionFilter
GetStartupInfoA
InterlockedCompareExchange
InterlockedExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
DeleteCriticalSection
InitializeCriticalSection
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
OutputDebugStringA
SetLastError
lstrlenA
MultiByteToWideChar
CreateMutexW
ReleaseMutex
GetVersionExW
Sleep
GetSystemDefaultUILanguage
CreateFileW
WriteFile
CloseHandle
EnterCriticalSection
LeaveCriticalSection
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
lstrlenW
HeapSetInformation
RegisterApplicationRestart
DeleteFileW
GetProcAddress
WideCharToMultiByte
FreeLibrary
ExpandEnvironmentStringsW
LoadLibraryW
GetTempPathW
GlobalDeleteAtom
GlobalAddAtomW
RaiseException
GetLastError
QueryPerformanceCounter

gdi32

CreateSolidBrush
CreatePen
CreateCompatibleBitmap
Rectangle
SelectObject
GetStockObject
CombineRgn
CreateRectRgn
CreateRectRgnIndirect
GetDeviceCaps
DeleteObject
SetBkMode
SetTextColor
SelectClipRgn
GetClipRgn
GetLayout
FillRgn
OffsetRgn
CreatePolygonRgn
GetObjectW
DeleteDC
CreateCompatibleDC
PatBlt
BitBlt
SetLayout
CreateDIBSection

user32

MapWindowPoints
UnregisterClassA
SetFocus
LoadMenuW
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetWindowRect
RegisterHotKey
CreateWindowExW
LoadStringW
GetForegroundWindow
SetWindowTextW
AdjustWindowRect
GetWindowTextW
GetWindowRgnBox
OffsetRect
SetClassLongW
LoadCursorW
UnionRect
IntersectRect
SetRect
LogicalToPhysicalPoint
GetWindowLongW
GetSystemMetrics
SetPropW
EnumDisplayMonitors
SetScrollInfo
PtInRect
IsIconic
IsWindowVisible
InvalidateRect
SetCapture
ReleaseCapture
DefWindowProcW
EndPaint
BeginPaint
GetWindow
ShowWindow
RegisterClassW
CloseClipboard
OpenClipboard
EmptyClipboard
SetClipboardData
GetClassNameW
GetParent
PostQuitMessage
UnregisterHotKey
IsZoomed
CallWindowProcW
SetCursor
GetIconInfo
DrawIconEx
CheckMenuRadioItem
LoadIconW
LoadImageW
AdjustWindowRectEx
SystemParametersInfoW
SetWindowLongW
DestroyMenu
TranslateAcceleratorW
DestroyWindow
DialogBoxParamW
GetClientRect
EndDialog
CheckDlgButton
FillRect
GetSubMenu
GetMonitorInfoW
MonitorFromWindow
CopyRect
TrackPopupMenuEx
GetProcessDefaultLayout
GetPropW
GetScrollInfo
GetWindowDC
GetDesktopWindow
SetWindowPos
ReleaseDC
PostMessageW
InflateRect
DrawTextW
DrawFocusRect
IsDlgButtonChecked
GetDlgItem
SendMessageW
LoadAcceleratorsW
GetMessageW
TranslateMessage
DispatchMessageW
GetDC
FindWindowW
OpenIcon
SetForegroundWindow
MessageBoxW
GetSysColor

msvcrt

memcpy
??3@YAXPAX@Z
??_V@YAXPAX@Z
__CxxFrameHandler3
free
_vsnwprintf
memset
??_U@YAPAXI@Z
_CxxThrowException
??2@YAPAXI@Z
_ftol2_sse
memcpy_s
malloc
_controlfp
_onexit
_lock
__dllonexit
_unlock
_except_handler4_common
??1type_info@@UAE@XZ
_errno
realloc
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
strstr
vswprintf_s
_vscwprintf
_resetstkoflw
memmove_s
wcscspn
wcsspn
_wcsicmp

ntdll

WinSqmIncrementDWORD
WinSqmIsOptedIn
EtwTraceMessage

gdiplus

GdipSaveImageToStream
GdipCreateFontFromLogfontW
GdipCreateFontFromDC
GdipMeasureString
GdipDrawString
GdipFillRectangle
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipCreateLineBrushFromRect
GdipDeleteFont
GdipDeleteStringFormat
GdipCreateStringFormat
GdipCloneImage
GdipGetImageEncodersSize
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipSaveImageToFile
GdipDisposeImage
GdipFillEllipseI
GdipSetSmoothingMode
GdiplusShutdown
GdiplusStartup
GdipCloneBrush
GdipFillRectangleI
GdipCreateFromHDC
GdipCreateSolidFill
GdipDeleteGraphics
GdipDeleteBrush
GdipAlloc
GdipFree
GdipGetImageEncoders

comctl32

InitCommonControlsEx
ImageList_Add
ImageList_Create
ImageList_Destroy
ord380
ord345

shlwapi

PathFindExtensionW
UrlCreateFromPathW
StrStrA
PathIsURLW
ord487
StrChrW
PathFindFileNameW
SHRegGetUSValueW
ord158
PathRemoveExtensionW

shell32

SHCreateItemInKnownFolder
ord75
ShellAboutW

ole32

CoCreateGuid
CoTaskMemFree
CoInitialize
CoUninitialize
CreateStreamOnHGlobal
CoCreateInstance
StringFromCLSID

oleaut32

SysAllocStringLen
VarBstrCat
SysStringLen
SafeArrayGetUBound
SafeArrayGetElement
SysAllocString
VariantClear
VariantInit
SysFreeString
SafeArrayPutElement

uxtheme

GetThemeSysColor
GetThemeSysFont

oleacc

AccessibleObjectFromWindow

slc

SLGetWindowsInformationDWORD

msdrm

DRMIsWindowProtected

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 246KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

aa5795f627534a10c671ed5e2d715a46

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

msvcrt

ntdll

gdiplus

comctl32

shlwapi

shell32

ole32

oleaut32

uxtheme

oleacc

slc

msdrm

Sections

.text Size: 130KB - Virtual size: 130KB

.data Size: 3KB - Virtual size: 9KB

.rsrc Size: 246KB - Virtual size: 246KB

.reloc Size: 33KB - Virtual size: 34KB

.text
Size: 130KB - Virtual size: 130KB

.data
Size: 3KB - Virtual size: 9KB

.rsrc
Size: 246KB - Virtual size: 246KB

.reloc
Size: 33KB - Virtual size: 34KB