6c99b7ea7039464bbf685a5d1a7ea4b3c4d7a61fc3932040df20f71dc65a3d3d

Sharing

Copy URL Twitter E-mail

General

Target

6c99b7ea7039464bbf685a5d1a7ea4b3c4d7a61fc3932040df20f71dc65a3d3d
Size

2.7MB
MD5

ae0a33c303aec7ecbf807aa66f263064
SHA1

e6e6fea52ba69418645a10a3a2d881b61414fa1f
SHA256

6c99b7ea7039464bbf685a5d1a7ea4b3c4d7a61fc3932040df20f71dc65a3d3d
SHA512

fe9fe9cfd4720e4bcc2e23573dbe0d9fa5c4b7f651fc702f576a65cd430e0a53d119cd95657e3c67a8d60c0931f7fe528aa83ab75351f368628478667d2b2716
SSDEEP

49152:AX3i3gFQqa9WV39kZd6BuiV+WkLcHSWXaQlcYQ9n0OXHDPFhGnJweionpxwkwK1+:AX3YiQqa9WV36ZEuiV+WucygSYQ9HXHM

Score

N/A

Malware Config

Signatures

Files

6c99b7ea7039464bbf685a5d1a7ea4b3c4d7a61fc3932040df20f71dc65a3d3d
.exe windows x86

7c50d9ff4e3195480953e2e531267dbb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointerEx
GetStringTypeW
GetConsoleCP
OutputDebugStringW
ReadConsoleW
GetDriveTypeW
WriteConsoleW
SetEnvironmentVariableA
GetConsoleMode
GetTimeZoneInformation
GetOEMCP
GetACP
IsValidCodePage
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStartupInfoW
GetStdHandle
GetFileType
SetStdHandle
HeapQueryInformation
VirtualQuery
VirtualAlloc
GetSystemInfo
GetModuleHandleExW
ExitProcess
ExitThread
CreateThread
IsProcessorFeaturePresent
IsDebuggerPresent
GetSystemTimeAsFileTime
RtlUnwind
GetCommandLineW
FindResourceExW
VirtualProtect
SearchPathW
GetProfileIntW
GetTempPathW
VerifyVersionInfoW
VerSetConditionMask
GetTickCount
GetCurrentDirectoryW
SetErrorMode
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
LocalReAlloc
LocalAlloc
GlobalHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalFlags
ReplaceFileW
GetTempFileNameW
GetDiskFreeSpaceW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CompareStringA
GetCurrentThread
GlobalGetAtomNameW
FindNextFileW
SystemTimeToFileTime
FileTimeToSystemTime
SetFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FileTimeToLocalFileTime
GetThreadLocale
GetStringTypeExW
MoveFileW
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetShortPathNameW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
GetCurrentProcessId
ResumeThread
SuspendThread
SetThreadPriority
CreateEventW
WaitForSingleObject
SetEvent
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
LoadLibraryA
GetProcAddress
GetModuleHandleA
OutputDebugStringA
lstrcmpA
CopyFileW
FormatMessageW
MulDiv
LocalFree
SetLastError
InitializeCriticalSectionAndSpinCount
RaiseException
HeapSize
HeapReAlloc
DecodePointer
InterlockedDecrement
InterlockedIncrement
SetPriorityClass
CreateMutexW
GetLastError
GetCurrentProcess
CreateFileW
CreateDirectoryW
GetModuleHandleW
GetModuleFileNameW
CloseHandle
WriteFile
DeleteFileW
TerminateThread
QueryPerformanceFrequency
QueryPerformanceCounter
GlobalFree
GlobalSize
GlobalReAlloc
GlobalAlloc
GlobalUnlock
GlobalLock
Sleep
GetProcessHeap
HeapFree
HeapAlloc
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WideCharToMultiByte
GetWindowsDirectoryW
LoadLibraryW
lstrcatW
lstrcpyW
WinExec
FreeLibrary
MultiByteToWideChar
GetCPInfo
GetVersionExW
FindResourceW
lstrlenW
lstrcmpiW
SizeofResource
LoadResource
GetVersion
LockResource
LCMapStringW
FreeResource

user32

CharUpperW
SetRectEmpty
GetWindowThreadProcessId
TranslateMessage
GetMessageW
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
CheckDlgButton
MoveWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
EqualRect
MapWindowPoints
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
SetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
MapVirtualKeyW
GetKeyNameTextW
IntersectRect
EndPaint
BeginPaint
ToUnicodeEx
UnhookWindowsHookEx
DestroyMenu
IsZoomed
UnregisterClassW
SetClassLongW
GetKeyState
GetWindow
GetPropW
SetForegroundWindow
UpdateWindow
IsIconic
ShowWindow
GetCursorPos
LoadMenuW
LoadIconW
SetPropW
CopyIcon
LoadCursorW
SetWindowLongW
ScreenToClient
MessageBeep
KillTimer
SetTimer
IsWindow
GetMessagePos
PtInRect
RedrawWindow
ReleaseCapture
SetCapture
GetCapture
GetIconInfo
CreateIconIndirect
LoadImageW
DestroyCursor
GetParent
GetWindowLongW
OffsetRect
InflateRect
FrameRect
DrawFocusRect
WindowFromPoint
ClientToScreen
SetCursor
GetWindowRect
GetClientRect
InvalidateRect
DrawStateW
GetActiveWindow
GetNextDlgTabItem
IsMenu
PostMessageW
SendMessageW
SystemParametersInfoW
DrawIconEx
DestroyIcon
LoadBitmapW
GetDesktopWindow
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
DrawEdge
EnableWindow
GetSystemMetrics
PostThreadMessageW
GetComboBoxInfo
CopyRect
SetRect
FillRect
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetMenuItemInfoW
DeleteMenu
RemoveMenu
ModifyMenuW
SendDlgItemMessageA
CreateDialogIndirectParamW
EndDialog
GetWindowRgn
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
CreatePopupMenu
CreateMenu
GetMenuState
CharUpperBuffW
BringWindowToTop
GetDoubleClickTime
DestroyAcceleratorTable
CreateAcceleratorTableW
GetMenuStringW
GetKeyboardState
TrackMouseEvent
MonitorFromPoint
UpdateLayeredWindow
DrawFrameControl
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
RegisterClipboardFormatW
GetMenuDefaultItem
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
LockWindowUpdate
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
CharNextW
SetWindowRgn
DrawIcon
UnionRect
SetParent
IsRectEmpty
GetSystemMenu
CopyImage
RealChildWindowFromPoint
WaitMessage
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
SetCursorPos
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
GetWindowDC
LoadAcceleratorsW
SetMenuDefaultItem

gdi32

TextOutW
ExtTextOutW
CreateBitmap
GetStockObject
SetBkColor
SetTextColor
PtInRegion
CreatePolygonRgn
CreateDCA
GetDIBits
RealizePalette
SelectPalette
GetMapMode
DPtoLP
CreateDCW
CreateFontW
CreateICW
GetBitmapBits
ExtCreatePen
CopyMetaFileW
CreatePatternBrush
CreateRectRgn
ExcludeClipRect
GetClipBox
GetObjectType
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
GetObjectW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateRectRgnIndirect
SetRectRgn
GetBkColor
GetCharWidthW
StretchDIBits
GetTextMetricsW
CreateEllipticRgn
LPtoDP
GetTextColor
GetRgnBox
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
StretchBlt
SetDIBColorTable
Polygon
Polyline
EnumFontFamiliesExW
OffsetRgn
CreateRoundRectRgn
RoundRect
FrameRgn
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
CreateDIBSection
SetPixel
SelectObject
Rectangle
RectVisible
PtVisible
PatBlt
GetTextExtentPoint32W
GetPixel
GetDeviceCaps
GetBkMode
Escape
Ellipse
DeleteObject
DeleteDC
CreateSolidBrush
CreatePen
CreateHatchBrush
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
MoveToEx
BitBlt

msimg32

AlphaBlend
TransparentBlt

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

GetFileSecurityW
RegOpenKeyExW
RegQueryValueExW
RegQueryValueW
RegSetValueW
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyExW
RegEnumValueW
SetFileSecurityW
RegCloseKey
RegEnumKeyW
RegSetValueExW
RegDeleteValueW

shell32

SHGetSpecialFolderLocation
ShellExecuteW
SHGetSpecialFolderPathA
Shell_NotifyIconW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
SHAppBarMessage
SHGetDesktopFolder
ShellExecuteExW
ExtractIconW
DragFinish
DragQueryFileW

comctl32

ImageList_ReplaceIcon
ImageList_Draw
ImageList_AddMasked
ImageList_GetIcon
ImageList_GetImageCount
_TrackMouseEvent

shlwapi

PathStripToRootW
PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathIsUNCW
StrFormatKBSizeW

uxtheme

GetWindowTheme
GetThemeSysColor
OpenThemeData
CloseThemeData
GetCurrentThemeName
GetThemeColor
DrawThemeText
DrawThemeParentBackground
DrawThemeBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
IsAppThemed

ole32

RevokeDragDrop
CoTaskMemAlloc
StringFromCLSID
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
OleDuplicateData
ReleaseStgMedium
CoUninitialize
CoInitializeEx
CoCreateInstance
CoCreateGuid
CoInitialize
CLSIDFromString
CLSIDFromProgID
CoDisconnectObject
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
OleTranslateAccelerator
DoDragDrop
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoTaskMemFree

oleaut32

LoadTypeLi
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysAllocString
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
VariantChangeType
VariantClear
SysAllocStringLen
VariantInit
SysFreeString

oledlg

OleUIBusyW

ws2_32

connect
ioctlsocket
htons
recv
select
send
setsockopt
socket
WSAStartup
WSACleanup
inet_ntoa
gethostbyname
gethostname
WSASetLastError
closesocket

gdiplus

GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI

winmm

PlaySoundW

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmGetContext
ImmReleaseContext
ImmGetOpenStatus

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 393KB - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 6.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 613KB - Virtual size: 612KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c50d9ff4e3195480953e2e531267dbb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

ws2_32

gdiplus

winmm

oleacc

imm32

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 393KB - Virtual size: 392KB

.data Size: 33KB - Virtual size: 6.5MB

.rsrc Size: 613KB - Virtual size: 612KB

.reloc Size: 140KB - Virtual size: 140KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 393KB - Virtual size: 392KB

.data
Size: 33KB - Virtual size: 6.5MB

.rsrc
Size: 613KB - Virtual size: 612KB

.reloc
Size: 140KB - Virtual size: 140KB