57a8142f6a031fce1a47231f6c1dadfded03c241ff3f5d8e9799803c2aae88ac

Sharing

Copy URL

Twitter E-mail

General

Target

57a8142f6a031fce1a47231f6c1dadfded03c241ff3f5d8e9799803c2aae88ac
Size

2.6MB
MD5

2dfe231d78aad286b09137bf732f43cd
SHA1

57d3960ba648d1aea261cb6bcbf483ed06a03537
SHA256

57a8142f6a031fce1a47231f6c1dadfded03c241ff3f5d8e9799803c2aae88ac
SHA512

a3f3db1c8faad5fa75703baa84b5da9f90144f219b73b3a8fbb111e61250d34471ccd28756884ac95716897e2263db009dc0687209bf8a335ecb21b28d5a306c
SSDEEP

49152:YXnlSIWbw3btJm3rVgZsjIaWuhO5m0bUttMZ3kIkXVeyh:YXo9bw3BJxsDO5mG6O1LkXFh

Score

N/A

Malware Config

Signatures

Files

57a8142f6a031fce1a47231f6c1dadfded03c241ff3f5d8e9799803c2aae88ac
.exe windows x86

1dd3956fa169a7500a1fdbb7411f7e5a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetCurrentThreadId
SetErrorMode
lstrcmpiW
LoadLibraryExW
GetModuleFileNameW
GetModuleHandleW
MultiByteToWideChar
WideCharToMultiByte
GetShortPathNameW
LoadLibraryW
DeleteFileW
InterlockedIncrement
FindResourceExW
FindResourceW
SizeofResource
LoadResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetLastError
RaiseException
CopyFileW
MoveFileW
lstrcmpW
GetCommandLineW
GetTickCount
SetLastError
lstrcpynW
OpenProcess
GetCurrentProcess
GetCurrentProcessId
TerminateProcess
GetExitCodeProcess
WaitForSingleObject
WriteFile
MoveFileExW
FindNextFileW
FindFirstFileW
GetFileAttributesW
SetFileAttributesW
CreateFileW
GetFullPathNameW
RemoveDirectoryW
GetTempFileNameW
lstrlenW
CloseHandle
FindClose
GetSystemWindowsDirectoryW
GetProcessHeap
HeapSize
QueryDepthSList
ReleaseSemaphore
VirtualProtect
FreeLibrary
UnregisterWait
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SignalObjectAndWait
CreateTimerQueue
WriteConsoleW
ReadConsoleW
SetStdHandle
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
GetFileType
FreeLibraryAndExitThread
ExitThread
InterlockedFlushSList
RtlUnwind
CreateFileA
lstrcmpiA
lstrcmpA
DeviceIoControl
DosDateTimeToFileTime
LocalFileTimeToFileTime
CreateDirectoryW
GetSystemDirectoryW
GetThreadTimes
InterlockedDecrement
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
LockResource
SetFilePointer
UnregisterWaitEx
RegisterWaitForSingleObject
OutputDebugStringA
GetModuleHandleExW
GetModuleHandleExA
GetModuleHandleA
IsDebuggerPresent
OutputDebugStringW
EncodePointer
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
LoadLibraryExA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetStringTypeW
FormatMessageW
DuplicateHandle
WaitForSingleObjectEx
Sleep
SwitchToThread
GetCurrentThread
GetNativeSystemInfo
TryEnterCriticalSection
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
QueryPerformanceFrequency
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
LocalFree
ReleaseMutex
CreateMutexW
GetPrivateProfileIntW
WritePrivateProfileStringW
GetVersionExW
GetFileSizeEx
ReadFile
GetACP
FreeResource
ExitProcess
GlobalAlloc
GlobalLock
GlobalUnlock
GetFileSize
MulDiv
IsBadReadPtr
GlobalFree
SetEvent
ResetEvent
GetVersion
InterlockedExchange
InterlockedCompareExchange
ResumeThread
GetLocalTime
SetEndOfFile
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
GetTempPathW
CreateThread
SetThreadPriority
CreateIoCompletionPort
GetQueuedCompletionStatus
PostQueuedCompletionStatus
WaitForMultipleObjects
GetStdHandle
FlushFileBuffers
SetFilePointerEx
SetFileTime
DecodePointer

user32

MapWindowPoints
PtInRect
LoadIconW
SystemParametersInfoW
CallWindowProcW
RegisterClassExW
GetClassInfoExW
CreateWindowExW
SetTimer
GetWindowLongW
SetWindowLongW
LoadCursorW
GetDC
ReleaseDC
GetIconInfo
MoveWindow
SetWindowPos
GetCursorPos
GetWindowRect
GetClientRect
SetForegroundWindow
ScreenToClient
SwitchToThisWindow
wvsprintfW
SetCursor
InflateRect
OffsetRect
GetMessageW
TranslateMessage
DispatchMessageW
SendMessageW
IsChild
UpdateLayeredWindow
GetFocus
GetKeyState
SetCapture
ReleaseCapture
UpdateWindow
BeginPaint
EndPaint
GetUpdateRect
InvalidateRect
IsRectEmpty
GetParent
GetClassNameW
GetWindow
RegisterClassW
EnableWindow
GetMenu
SetPropW
GetPropW
AdjustWindowRectEx
CopyRect
IntersectRect
IsIconic
SetWindowRgn
MonitorFromWindow
GetMonitorInfoW
FindWindowExW
CharPrevW
DrawTextW
SetRect
DrawIconEx
CreateCaret
HideCaret
ShowCaret
SetCaretPos
GetCaretPos
ClientToScreen
GetSysColor
RemovePropW
GetWindowDC
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
CreateAcceleratorTableW
InvalidateRgn
FillRect
PeekMessageW
WaitMessage
CallMsgFilterW
GetQueueStatus
MsgWaitForMultipleObjectsEx
SetFocus
IsZoomed
IsWindowVisible
ShowWindow
IsWindow
PostQuitMessage
RegisterWindowMessageW
MessageBoxW
LoadImageW
DestroyIcon
PostMessageW
KillTimer
CharNextW
DestroyWindow
DefWindowProcW
UnregisterClassW
wsprintfW

gdi32

SaveDC
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
CreatePen
DeleteDC
GetStockObject
GetTextExtentPoint32W
Rectangle
RestoreDC
SetDIBitsToDevice
SelectObject
GetTextMetricsW
GetObjectW
CreateDCW
GetDeviceCaps
SetWindowOrgEx
CreateRoundRectRgn
CombineRgn
CreateRectRgnIndirect
GetCharABCWidthsW
GetClipBox
LineTo
RoundRect
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SetBkMode
StretchBlt
SetStretchBltMode
ExtTextOutW
GetDIBits
DeleteObject
SetTextColor
CreateDIBSection
MoveToEx
TextOutW
CreateSolidBrush

advapi32

RegOpenKeyExW
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegCreateKeyW
RegQueryValueExW
GetTokenInformation

shell32

SHChangeNotify
SHCreateDirectoryExW
ShellExecuteW
Shell_NotifyIconW
ord165
SHFileOperationW
ShellExecuteExW
SHGetSpecialFolderPathW

ole32

OleLockRunning
CLSIDFromProgID
CoCreateGuid
CreateStreamOnHGlobal
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoInitialize
CoUninitialize
CLSIDFromString
CoCreateInstance

oleaut32

SafeArrayPutElement
VariantInit
SysFreeString
VarUI4FromStr
VariantClear
SysAllocString
SysAllocStringLen
SafeArrayCreate

shlwapi

StrStrIW
StrStrIA
StrCmpNIW
PathFileExistsW
PathIsDirectoryW
PathRemoveFileSpecW
SHDeleteKeyW
PathCombineW
PathFindFileNameW
SHGetValueW
SHSetValueW
AssocQueryStringW
StrCpyW
StrTrimA
StrCmpIW
SHSetValueA
SHGetValueA
PathAppendW

comctl32

_TrackMouseEvent
InitCommonControlsEx
ord17

gdiplus

GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipGraphicsClear
GdipDrawImageRectI
GdipCreatePath
GdipDeletePath
GdipClosePathFigure
GdipAddPathArcI
GdipCreateTexture
GdipSaveImageToFile
GdipGetImageGraphicsContext
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipCreateHBITMAPFromBitmap
GdipCloneBitmapAreaI
GdipImageGetFrameCount
GdipBitmapUnlockBits
GdiplusStartup
GdiplusShutdown
GdipAlloc
GdipFree
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipLoadImageFromStream
GdipSetInterpolationMode
GdipFillPath
GdipDrawImagePointsI
GdipDrawImageRectRectI
GdipGetImageEncodersSize
GdipGetImageEncoders
ord1
GdipCreatePen1
GdipDeletePen
GdipDrawPath
GdipDrawEllipseI
GdipLoadImageFromStreamICM
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageWidth
GdipFillEllipseI
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipDisposeImage
GdipCloneImage
GdipBitmapLockBits

psapi

EnumProcesses
EnumProcessModules
GetModuleFileNameExW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

wininet

InternetGetConnectedState
InternetSetCookieW
InternetGetCookieExW
InternetCrackUrlW

iphlpapi

GetAdaptersInfo

crypt32

CertGetNameStringW

wintrust

WinVerifyTrust
WTHelperProvDataFromStateData

winmm

timeGetTime
timeBeginPeriod
timeEndPeriod

msimg32

GradientFill
AlphaBlend

urlmon

URLDownloadToFileW
URLDownloadToCacheFileW

imm32

ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 287KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1dd3956fa169a7500a1fdbb7411f7e5a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

gdiplus

psapi

version

wininet

iphlpapi

crypt32

wintrust

winmm

msimg32

urlmon

imm32

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 287KB - Virtual size: 287KB

.data Size: 28KB - Virtual size: 42KB

.rsrc Size: 2.1MB - Virtual size: 2.1MB

.reloc Size: 69KB - Virtual size: 69KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 287KB - Virtual size: 287KB

.data
Size: 28KB - Virtual size: 42KB

.rsrc
Size: 2.1MB - Virtual size: 2.1MB

.reloc
Size: 69KB - Virtual size: 69KB