9f51aff7962c970f9a1504e6ff53596f2ff3d66e6d4a7112d102d91652de9103

Sharing

Copy URL Twitter E-mail

General

Target

9f51aff7962c970f9a1504e6ff53596f2ff3d66e6d4a7112d102d91652de9103
Size

1.9MB
MD5

c113a6c370a65b3ddc28022e3188a1d2
SHA1

9b17eea91ca23218a8b8a93f09353b536f766422
SHA256

9f51aff7962c970f9a1504e6ff53596f2ff3d66e6d4a7112d102d91652de9103
SHA512

3ef294998794936164d684f5f048148b18637380c830d7c35414e7a261b2e98683b167c0940c5a125dfdbc1536eb70daced8cc6a7222b8f8afefa85ef738cc80
SSDEEP

49152:iP3+q1ucDxa3QGIJd7qpSQ22VZgQa7ZRFnyXX5wbviQl3:MxaqJdaSj25an8JUa

Score

N/A

Malware Config

Signatures

Files

9f51aff7962c970f9a1504e6ff53596f2ff3d66e6d4a7112d102d91652de9103
.exe windows x86

883d8a9f05c85e83d357da38fbfd099a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW
PathRemoveFileSpecW

kernel32

SetEndOfFile
GetModuleHandleA
InterlockedExchange
GetLocaleInfoW
SetFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
ExitThread
GetCommandLineA
GetStartupInfoA
RtlUnwind
RaiseException
HeapReAlloc
HeapSize
ExitProcess
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapCreate
HeapDestroy
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
GlobalFlags
GetProcessHeap
WinExec
MoveFileExW
FreeResource
SetFilePointerEx
GetTickCount
WriteFile
ReadFile
CreateFileW
GetLastError
DeviceIoControl
CloseHandle
GetTimeFormatA
GetDateFormatA
GlobalAlloc
Sleep
GlobalFree
GetSystemTime
CreateThread
GetFileSizeEx
CreateDirectoryW
WideCharToMultiByte
GetFileAttributesW
GetLocalTime
DeleteFileW
FlushFileBuffers
FindResourceExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
LockResource
GetFileSize
FindFirstFileW
MoveFileW
FindClose
FindNextFileW
GetFileTime
CreateFileA
FreeLibrary
LoadLibraryW
VirtualFree
VirtualAlloc
GetDiskFreeSpaceExW
GetVolumeInformationW
CreateMutexW
SystemTimeToFileTime
InitializeCriticalSection
OpenProcess
InterlockedCompareExchange
DosDateTimeToFileTime
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
WriteConsoleW
LeaveCriticalSection
TerminateProcess
EnterCriticalSection
GetDiskFreeSpaceW
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
DeleteCriticalSection
SetFilePointer
FileTimeToSystemTime
LoadLibraryA
lstrcmpW
GetVersionExA
lstrlenA
lstrcmpA
InterlockedIncrement
GetCurrentThreadId
MulDiv
lstrlenW
GetCurrentProcessId
InterlockedDecrement
TlsFree
LocalReAlloc
TlsSetValue
GetPrivateProfileSectionNamesW
GetPrivateProfileStringW
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
SetLastError
GetModuleHandleW
GetProcAddress
GlobalUnlock
GlobalLock
LocalFree
FormatMessageW
GetCurrentDirectoryW
DuplicateHandle
CreatePipe
CreateEventW
GetModuleFileNameW
GetExitCodeProcess
WaitForSingleObject
GetCurrentProcess
CreateProcessW
PeekNamedPipe
GetPrivateProfileSectionW
WritePrivateProfileStringW

user32

SetCapture
IsRectEmpty
KillTimer
SetTimer
SetRect
ReleaseCapture
SetCursor
InvalidateRect
EndPaint
BeginPaint
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
DestroyMenu
SetWindowTextW
RegisterWindowMessageW
LoadIconW
WinHelpW
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
IsWindow
SetFocus
GetForegroundWindow
GetDlgItem
GetTopWindow
GetMessageTime
GetMessagePos
SetMenu
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
GetDlgCtrlID
CallWindowProcW
CopyRect
GetMenu
SystemParametersInfoA
GetWindowPlacement
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetSysColor
GetSysColorBrush
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
CreateAcceleratorTableW
InvalidateRgn
CharPrevW
SetCaretPos
ShowCaret
HideCaret
CreateCaret
DrawIconEx
wvsprintfW
GetUpdateRect
UpdateLayeredWindow
CharNextW
LoadImageW
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
DestroyWindow
LoadCursorW
RegisterClassExW
GetWindowRgn
CreateWindowExW
DefWindowProcW
GetDC
InflateRect
OffsetRect
ReleaseDC
SetWindowRgn
GetWindowRect
IsIconic
SetForegroundWindow
GetParent
IntersectRect
GetWindowLongW
MonitorFromWindow
SetWindowLongW
MapWindowPoints
GetMonitorInfoW
MoveWindow
PostMessageW
GetWindowTextLengthW
PtInRect
GetWindowTextW
SetWindowPos
ClientToScreen
ScreenToClient
PostQuitMessage
IsZoomed
GetClientRect
CharUpperW
RegisterDeviceNotificationW
SendMessageW
GetSystemMetrics
CharLowerA
FindWindowW
ShowWindow
MessageBoxW
CharLowerW
wsprintfW

gdi32

CreateFontIndirectW
ExtTextOutW
GetTextExtentPoint32W
SaveDC
RestoreDC
SetBkMode
SetMapMode
LineTo
MoveToEx
SelectClipRgn
PtVisible
RectVisible
TextOutW
Escape
SetViewportOrgEx
SetViewportExtEx
GetObjectW
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
GetStockObject
CreatePen
CreateSolidBrush
CreateRectRgnIndirect
CombineRgn
GetTextMetricsW
GetCharABCWidthsW
RoundRect
SetBkColor
SetTextColor
ScaleViewportExtEx
GetClipBox
GetDeviceCaps
CreateDIBSection
PtInRegion
CreateRectRgn
CreateBitmap
DeleteObject
CreateRoundRectRgn
BitBlt
DeleteDC
SelectObject
SetStretchBltMode
CreateCompatibleBitmap
OffsetViewportOrgEx
CreateCompatibleDC
CreatePenIndirect
StretchBlt
GetObjectA
Rectangle

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegCloseKey
RegOpenKeyA
RegCreateKeyA
RegQueryValueExA
RegSetValueExA

shell32

SHGetPathFromIDListW
ShellExecuteW
SHBrowseForFolderW
SHFileOperationW
SHGetSpecialFolderPathW
ord165

ole32

OleRun
OleLockRunning
CLSIDFromProgID
CoUninitialize
OleInitialize
OleUninitialize
CoInitialize
OleSetContainedObject
CLSIDFromString
CoCreateInstance

oleaut32

VariantInit
SysAllocString
SysFreeString
SysStringLen
VariantClear
VariantChangeType
VariantCopy
SysAllocStringLen

ws2_32

getservbyname
gethostbyaddr
gethostbyname
send
htonl
gethostname
connect
WSAStartup
inet_addr
socket
htons
WSACleanup
recv
closesocket

iphlpapi

GetAdaptersInfo

gdiplus

GdipDeleteStringFormat
GdipCreateStringFormat
GdipAlloc
GdipFree
GdipDeleteBrush
GdipDeleteGraphics
GdipDeleteFont
GdipCreateLineBrushI
GdipSetStringFormatAlign
GdipCloneBrush
GdipCreateFromHDC
GdipSetTextRenderingHint
GdipDrawString
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdiplusStartup
GdiplusShutdown
GdipSetStringFormatLineAlign

oleacc

LresultFromObject
CreateStdAccessibleObject

winmm

timeSetEvent
timeKillEvent
timeEndPeriod

comctl32

ord17
_TrackMouseEvent

Sections

.text
Size: 875KB - Virtual size: 874KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 814KB - Virtual size: 814KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

883d8a9f05c85e83d357da38fbfd099a

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

ws2_32

iphlpapi

gdiplus

oleacc

winmm

comctl32

Sections

.text Size: 875KB - Virtual size: 874KB

.rdata Size: 146KB - Virtual size: 146KB

.data Size: 17KB - Virtual size: 37KB

.rsrc Size: 814KB - Virtual size: 814KB

.reloc Size: 74KB - Virtual size: 74KB

.text
Size: 875KB - Virtual size: 874KB

.rdata
Size: 146KB - Virtual size: 146KB

.data
Size: 17KB - Virtual size: 37KB

.rsrc
Size: 814KB - Virtual size: 814KB

.reloc
Size: 74KB - Virtual size: 74KB