Static task: static1
Behavioral task: behavioral1
Sample: da798414767a61fa4b93eca006dd84de8470b0e38b55f5b5f956825b85c84f90.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: da798414767a61fa4b93eca006dd84de8470b0e38b55f5b5f956825b85c84f90.exe
Resource: win10v2004-20220812-en
General
Target: da798414767a61fa4b93eca006dd84de8470b0e38b55f5b5f956825b85c84f90
Size: 2.4MB
MD5: 6e852f2af8d805b26481613553030570
SHA1: 51ca06a5a5ad42b83e22bf234c41201e3b6d329d
SHA256: da798414767a61fa4b93eca006dd84de8470b0e38b55f5b5f956825b85c84f90
SHA512: 1731e68f47f9b2e34c64c2476f1b1a60299c3bbfd5e2e0904fb52ece1d3e49781cd6d53a1322d55081fcd620b75f03b47d5550b5fa78fe33583ef5c3d80b6624
SSDEEP: 49152:NtLvvnPSTiA2Yn0fOjmAw9/5WVICEJkrKSj+w6eUf:NtLXnqGA2Y4OjmAwnWVInJcKSj+te
Malware Config
Signatures
Files
da798414767a61fa4b93eca006dd84de8470b0e38b55f5b5f956825b85c84f90.exe windows x86
4955ff4cc80aa2c50eef5f4e757f8b3a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
WSAGetLastError
WSACleanup
WSAStartup
socket
htons
setsockopt
send
recv
listen
closesocket
bind
accept
shutdown
wininet
HttpSendRequestA
InternetCrackUrlA
InternetOpenA
InternetCloseHandle
InternetConnectA
InternetReadFile
InternetQueryOptionA
InternetSetOptionA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpQueryInfoA
advapi32
RegEnumKeyExA
RegCreateKeyExA
StartServiceA
StartServiceCtrlDispatcherA
SetServiceStatus
RegisterServiceCtrlHandlerA
QueryServiceStatus
OpenServiceA
OpenSCManagerA
DeleteService
CreateServiceA
ControlService
CloseServiceHandle
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyA
RegCloseKey
OpenProcessToken
OpenThreadToken
AdjustTokenPrivileges
LookupPrivilegeValueA
CryptAcquireContextA
CryptReleaseContext
CryptDeriveKey
CryptDestroyKey
CryptEncrypt
CryptDecrypt
CryptCreateHash
CryptHashData
CryptDestroyHash
DeregisterEventSource
RegisterEventSourceA
ReportEventA
IsValidSid
GetLengthSid
CopySid
LookupAccountNameA
GetUserNameA
kernel32
GetUserDefaultUILanguage
GetACP
lstrcpyA
FindResourceExW
GetWindowsDirectoryA
VerSetConditionMask
VerifyVersionInfoA
GetTempPathA
GetTickCount
GetProfileIntA
SearchPathA
GetTempFileNameA
UnhandledExceptionFilter
IsProcessorFeaturePresent
WaitForSingleObjectEx
CreateEventW
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesA
FileTimeToLocalFileTime
GlobalFindAtomA
FindResourceA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeResource
GetSystemDirectoryW
EncodePointer
GlobalFlags
FreeLibrary
GetVolumeInformationA
lstrcmpiA
DuplicateHandle
WriteFile
SetFilePointer
SetEndOfFile
ReadFile
GetFullPathNameA
FlushFileBuffers
FindFirstFileA
FindClose
GlobalAddAtomA
ResumeThread
SetThreadPriority
FileTimeToSystemTime
GlobalGetAtomNameA
GetCPInfo
GetFileAttributesExA
lstrcmpA
CompareStringA
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
OutputDebugStringW
RtlUnwind
FindFirstFileExW
FindNextFileW
GetFileType
GetModuleHandleExW
WriteConsoleW
SetStdHandle
TlsAlloc
LoadLibraryW
GetSystemInfo
VirtualAlloc
VirtualQuery
ExitThread
FreeLibraryAndExitThread
GetModuleHandleW
CopyFileA
MulDiv
GetOEMCP
GlobalUnlock
GlobalLock
GlobalSize
SetLastError
InitializeCriticalSectionAndSpinCount
RaiseException
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
DecodePointer
CreateThread
AllocConsole
SetConsoleCtrlHandler
GetModuleHandleA
FormatMessageA
GetStdHandle
Sleep
LocalFree
GlobalFree
GlobalAlloc
GetLocaleInfoA
GetVersionExA
FindResourceW
CreateProcessA
CreateEventA
GetNativeSystemInfo
SizeofResource
LoadResource
WaitForSingleObject
SetEvent
TerminateThread
GetExitCodeProcess
LockResource
CreateFileW
DeleteFileA
GetFileSize
UnlockFile
LockFile
CreateFileA
LoadLibraryA
CloseHandle
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetLastError
GetCurrentThreadId
GetCurrentThread
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcessId
GetCurrentProcess
VirtualProtect
GetProcAddress
WideCharToMultiByte
MultiByteToWideChar
GetModuleFileNameW
DeviceIoControl
OutputDebugStringA
GetModuleFileNameA
GetLocalTime
GetCommandLineA
GetCommandLineW
QueryPerformanceFrequency
ExitProcess
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetConsoleCP
CreateDirectoryW
GetStringTypeW
GetTimeZoneInformation
CompareStringW
LCMapStringW
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetCurrentDirectoryA
GetFileAttributesExW
HeapQueryInformation
user32
LockWindowUpdate
SetRect
CopyAcceleratorTableA
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
WaitMessage
PostThreadMessageA
GetComboBoxInfo
ReuseDDElParam
UnpackDDElParam
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
MonitorFromPoint
UpdateLayeredWindow
UnionRect
DrawIcon
FrameRect
CopyIcon
SetCursorPos
BringWindowToTop
GetSystemMenu
LoadMenuW
IsZoomed
DrawFrameControl
DrawEdge
DrawStateA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetParent
SetWindowRgn
SetClassLongA
EnumDisplayMonitors
SetLayeredWindowAttributes
GetKeyNameTextA
MapVirtualKeyA
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
LoadCursorW
InvertRect
HideCaret
EnableScrollBar
MessageBeep
GetIconInfo
DrawIconEx
LoadImageA
IsRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
LoadImageW
TrackMouseEvent
IntersectRect
InvalidateRect
KillTimer
SetTimer
DeleteMenu
SetCursor
ShowOwnedPopups
MapDialogRect
GetAsyncKeyState
SetMenuDefaultItem
EndDialog
CreateDialogIndirectParamA
OffsetRect
SetRectEmpty
CopyImage
SystemParametersInfoA
InflateRect
GetMenuItemInfoA
DestroyMenu
FillRect
GetWindowDC
TabbedTextOutA
DrawTextExA
DrawTextA
PostQuitMessage
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
GetTopWindow
GetClassLongA
EqualRect
CopyRect
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetClientRect
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
GetClassInfoExA
GetClassInfoA
CallWindowProcA
PostMessageA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageA
SetWindowLongA
GetDoubleClickTime
ModifyMenuA
DestroyCursor
GetWindowRgn
CreateMenu
SubtractRect
TranslateMDISysAccel
SendDlgItemMessageA
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffA
GetNextDlgTabItem
CheckDlgButton
GetDlgItem
SetWindowPos
MoveWindow
ShowWindow
IsWindow
GetScrollPos
SetScrollPos
SetFocus
RealChildWindowFromPoint
GetWindow
GetClassNameA
GetDesktopWindow
PtInRect
ClientToScreen
GetWindowRect
SetWindowTextA
GetFocus
GetDlgCtrlID
CharUpperA
DestroyIcon
CallNextHookEx
RegisterClipboardFormatA
SetWindowsHookExA
GetCursorPos
ValidateRect
GetKeyState
GetActiveWindow
IsWindowVisible
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
GetWindowTextLengthA
GetWindowTextA
LoadCursorA
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
GetSystemMetrics
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongA
MessageBoxA
IsWindowEnabled
EnableWindow
SendMessageA
UnhookWindowsHookEx
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
DestroyWindow
CreateWindowExA
RegisterClassA
DefWindowProcA
GrayStringA
gdi32
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutA
TextOutA
MoveToEx
ScaleWindowExtEx
CombineRgn
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
CreateFontIndirectA
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceA
SetROP2
SetPolyFillMode
Ellipse
GetTextExtentPoint32A
GetTextMetricsA
SetTextAlign
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
GetObjectA
SetTextColor
SetBkColor
CreateBitmap
DeleteObject
GetDeviceCaps
CreateDCA
CopyMetaFileA
msimg32
TransparentBlt
AlphaBlend
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
shell32
SHGetFileInfoA
ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileA
DragFinish
SHAppBarMessage
SHBrowseForFolderA
comctl32
ord17
shlwapi
PathIsUNCA
PathFindFileNameA
PathFindExtensionA
PathRemoveFileSpecW
StrFormatKBSizeA
PathStripToRootA
uxtheme
DrawThemeParentBackground
GetThemePartSize
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeText
ole32
CoDisconnectObject
CoCreateInstance
CoUninitialize
CoInitialize
CoInitializeEx
CreateStreamOnHGlobal
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
oleaut32
VarBstrFromDate
VariantInit
SysAllocString
VariantChangeType
VariantCopy
VariantClear
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocStringLen
SysStringLen
LoadTypeLi
SysAllocStringByteLen
SysFreeString
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 408KB - Virtual size: 408KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 138KB - Virtual size: 138KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ