4e2541407ba0bbc621b3f0151663eb902ac10aeef7ecc19216cff7edf4b2d34d

Sharing

Copy URL Twitter E-mail

General

Target

4e2541407ba0bbc621b3f0151663eb902ac10aeef7ecc19216cff7edf4b2d34d
Size

2.3MB
MD5

05a887ddb08cbb6cf66e86a01f9b7695
SHA1

f6a62dd38a92b40e1f75f6be5958c1a104f43b69
SHA256

4e2541407ba0bbc621b3f0151663eb902ac10aeef7ecc19216cff7edf4b2d34d
SHA512

1f2de7abaf9dae33b1cd3b65fbb49e6a229d320eafe1621dd86034dda56909aae8c02aa768c9d4eb040e8546dedbc4725baa79bbc9a59e3aa0c22065e9664bbd
SSDEEP

49152:cdQZCQAc4pWk1oRwlPQow8uYkOLovoootobo3oooXoomoooNoooM6ST:c7QcWk1ywa

Score

N/A

Malware Config

Signatures

Files

4e2541407ba0bbc621b3f0151663eb902ac10aeef7ecc19216cff7edf4b2d34d
.exe windows x86

d1236b43b906a8af19cabceb8dfe2e3d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

RpcStringFreeW
UuidToStringW
UuidCreate

kernel32

GetDiskFreeSpaceExW
GetPrivateProfileSectionW
WritePrivateProfileSectionW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
CompareFileTime
GetExitCodeProcess
GetSystemDirectoryW
GetSystemInfo
SystemTimeToFileTime
FindFirstChangeNotificationW
FindCloseChangeNotification
OpenEventW
OpenFileMappingW
MapViewOfFile
ReleaseMutex
MulDiv
GetCurrentProcess
GetCurrentProcessId
LeaveCriticalSection
DeleteCriticalSection
GlobalUnlock
CreateFileMappingW
GlobalLock
FindResourceExW
MapViewOfFileEx
CreateProcessW
CloseHandle
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
SetStdHandle
GetLocaleInfoW
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
QueryPerformanceCounter
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetExitCodeThread
FreeEnvironmentStringsA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetStartupInfoA
GetFileType
SetHandleCount
GetTimeZoneInformation
HeapCreate
GetModuleFileNameA
GetStdHandle
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetModuleHandleA
GetCPInfo
LCMapStringW
LCMapStringA
RtlUnwind
GetStartupInfoW
ResumeThread
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetThreadLocale
GetLocaleInfoA
GetACP
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetVersionExA
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
LocalAlloc
CreateFileW
FlushInstructionCache
GetEnvironmentStrings
ExpandEnvironmentStringsW
WaitForSingleObject
LoadLibraryExW
lstrlenW
lstrlenA
UnmapViewOfFile
GlobalAddAtomW
lstrcmpiW
GlobalAlloc
GetModuleHandleW
GetFileAttributesW
LocalFree
CreateDirectoryW
ReadFile
OutputDebugStringW
SetFileAttributesW
WideCharToMultiByte
InitializeCriticalSection
LoadLibraryW
GetLongPathNameW
FindClose
FindNextFileW
GetPrivateProfileStructW
WritePrivateProfileStructW
FindFirstFileW
ResetEvent
MoveFileW
GetTempFileNameW
GetTempPathW
SetEndOfFile
SetFilePointer
InterlockedExchange
InterlockedCompareExchange
GetSystemTimeAsFileTime
FileTimeToSystemTime
lstrcpynW
FileTimeToLocalFileTime
CopyFileW
TerminateProcess
DeleteFileW
GetWindowsDirectoryW
WriteFile
OpenProcess
GetPrivateProfileStringW
CreateMutexW
GetLocalTime
TerminateThread
CreateThread
GetFileAttributesExW
SetEvent
GetPrivateProfileIntW
OpenMutexW
EnterCriticalSection
GetLastError
lstrcmpW
InterlockedIncrement
FindResourceW
LoadResource
Sleep
InterlockedDecrement
SizeofResource
ExitProcess
WritePrivateProfileStringW
GetVersion
GetTickCount
GetFileSize
GlobalDeleteAtom
GlobalGetAtomNameW
GetVersionExW
GetModuleFileNameW
LockResource
MultiByteToWideChar
FreeResource
FreeLibrary
RaiseException
GetCurrentThreadId
CreateEventW
GetProcAddress
SetLastError

user32

SetClipboardData
CloseClipboard
GetWindowThreadProcessId
FlashWindow
BringWindowToTop
SetScrollPos
EnableScrollBar
ShowScrollBar
GetForegroundWindow
DefWindowProcW
MapWindowPoints
UnregisterClassA
DestroyIcon
FindWindowW
GetWindowTextLengthW
DrawIconEx
EnableWindow
LoadIconW
GetActiveWindow
ReleaseCapture
InflateRect
CharNextW
RedrawWindow
ScreenToClient
SetCursor
EmptyClipboard
OpenClipboard
ExitWindowsEx
IsRectEmpty
GetWindowTextW
GetCursorPos
ShowWindow
GetClassNameW
GetClientRect
PostMessageW
PtInRect
GetWindowRect
KillTimer
IsWindowEnabled
GetKeyState
DrawFrameControl
SystemParametersInfoW
PeekMessageW
RegisterWindowMessageW
GetDlgItem
GetMessageW
IsWindow
FillRect
SetActiveWindow
TranslateMessage
CreateWindowExW
SendMessageW
LoadCursorW
GetDesktopWindow
EndPaint
DispatchMessageW
CallWindowProcW
GetDC
SetWindowPos
LoadImageW
InvalidateRgn
SetCapture
DestroyAcceleratorTable
GetWindowDC
FindWindowExW
GetSystemMetrics
GetWindowLongW
RegisterClassExW
DestroyWindow
GetSysColor
EqualRect
PostThreadMessageW
SetWindowRgn
MessageBoxW
BeginPaint
ReleaseDC
GetClassInfoExW
CreatePopupMenu
DrawTextW
SetTimer
SetWindowTextW
MonitorFromWindow
GetMonitorInfoW
SendMessageTimeoutW
MonitorFromPoint
GetDlgCtrlID
OffsetRect
LoadBitmapW
DestroyMenu
IsWindowVisible
GetParent
InvalidateRect
ClientToScreen
IsChild
SetFocus
GetFocus
FrameRect
SetForegroundWindow
GetWindow
IsIconic
wsprintfW
CreateAcceleratorTableW
CopyRect
AppendMenuW
SetRect
SetWindowLongW
TrackPopupMenu
MoveWindow

gdi32

GetPixel
CreateFontW
SelectClipRgn
CombineRgn
CreateRectRgnIndirect
LineTo
MoveToEx
SelectObject
BitBlt
CreatePen
SaveDC
DeleteObject
GetTextMetricsW
CreateSolidBrush
SetWindowOrgEx
CreateCompatibleBitmap
CreateRectRgn
GetTextColor
Rectangle
CreateDIBSection
CreateCompatibleDC
CreateBitmap
GetTextExtentPoint32W
GetBkMode
StretchBlt
DeleteDC
GetObjectW
GetStockObject
ExtTextOutW
SetBkColor
GetDeviceCaps
TextOutW
OffsetRgn
SetTextColor
SetRectRgn
SetBkMode
RoundRect
RestoreDC
CreateFontIndirectW
GetClipRgn
RectInRegion

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

QueryServiceLockStatusW
CreateServiceW
QueryServiceConfigW
ChangeServiceConfig2W
ChangeServiceConfigW
UnlockServiceDatabase
LockServiceDatabase
GetSidLengthRequired
AddAce
InitializeSid
GetAclInformation
GetSidSubAuthority
CopySid
RegSetValueExW
GetAce
RegNotifyChangeKeyValue
QueryServiceStatus
AdjustTokenPrivileges
LookupPrivilegeValueW
CloseServiceHandle
ControlService
OpenServiceW
OpenSCManagerW
InitializeAcl
OpenProcessToken
SetNamedSecurityInfoW
GetNamedSecurityInfoW
RegCloseKey
RegEnumKeyExW
RegDeleteValueW
RegQueryInfoKeyW
RegOpenKeyExW
GetTokenInformation
RegDeleteKeyW
IsValidSid
RegQueryValueExW
GetLengthSid
RegCreateKeyExW

shell32

SHGetDesktopFolder
SHGetPathFromIDListW
SHFileOperationW
SHBrowseForFolderW
SHChangeNotify
SHGetFileInfoW
ShellExecuteExW
ShellExecuteW
SHGetSpecialFolderPathW
SHGetFolderPathW
SHGetSpecialFolderLocation

ole32

CreateStreamOnHGlobal
CoTaskMemRealloc
OleLockRunning
OleInitialize
CoCreateInstance
CoGetClassObject
CoCreateGuid
CoInitialize
OleUninitialize
StringFromGUID2
CLSIDFromString
CoUninitialize
CLSIDFromProgID
CoInitializeEx
CoTaskMemAlloc
CoTaskMemFree

oleaut32

VariantInit
SysAllocString
LoadRegTypeLi
VariantClear
DispCallFunc
SysAllocStringLen
SystemTimeToVariantTime
SysStringByteLen
LoadTypeLi
OleCreateFontIndirect
SysFreeString
VarUI4FromStr
SysStringLen
VarBstrCmp

shlwapi

PathRemoveFileSpecW
PathFindFileNameW
StrToInt64ExW
StrFormatByteSizeW
StrStrW
SHDeleteKeyW
StrDupW
StrCpyNW
StrCmpNIW
StrRChrW
StrChrW
StrCmpNW
PathIsUNCW
PathIsRelativeW
PathIsDirectoryW
PathStripToRootW
PathAddBackslashW
StrStrIA
SHSetValueW
SHGetValueW
StrStrIW
PathAppendW
StrToIntW
StrToIntA
PathFileExistsW

comctl32

ImageList_GetIconSize
_TrackMouseEvent
ImageList_Draw
ImageList_AddMasked
ImageList_Create
ImageList_Destroy
ImageList_SetBkColor

gdiplus

GdiplusStartup
GdipCreateTexture2I
GdipDrawImagePointRectI
GdipLoadImageFromFileICM
GdipLoadImageFromFile
GdipDrawLineI
GdipDeletePen
GdipCreatePen1
GdipTranslateTextureTransform
GdipLoadImageFromStream
GdipDrawImageRectI
GdipFillRectangleI
GdipCreateSolidFill
GdipFree
GdiplusShutdown
GdipDeleteGraphics
GdipGetImageWidth
GdipCloneBrush
GdipCreateFromHDC
GdipGetImageHeight
GdipAlloc
GdipCloneImage
GdipDeleteBrush
GdipDrawImageRectRectI
GdipDisposeImage

iphlpapi

GetAdaptersInfo

wininet

InternetWriteFile
InternetReadFile
HttpQueryInfoW
HttpEndRequestW
HttpSendRequestExW
InternetCloseHandle
HttpOpenRequestW
InternetConnectW
InternetSetOptionW
InternetOpenW
InternetCrackUrlW
HttpSendRequestW
HttpAddRequestHeadersW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

mpr

WNetGetResourceInformationW

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 44KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1004KB - Virtual size: 1004KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d1236b43b906a8af19cabceb8dfe2e3d

Headers

File Characteristics

Imports

rpcrt4

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

gdiplus

iphlpapi

wininet

version

mpr

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 168KB - Virtual size: 167KB

.data Size: 44KB - Virtual size: 52KB

.rsrc Size: 1004KB - Virtual size: 1004KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 168KB - Virtual size: 167KB

.data
Size: 44KB - Virtual size: 52KB

.rsrc
Size: 1004KB - Virtual size: 1004KB