Static task
static1
Behavioral task
behavioral1
Sample
920442a1adc03ef869d672817d6f32e424421bc6e74eb81ac8632caa376d9a0f.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
920442a1adc03ef869d672817d6f32e424421bc6e74eb81ac8632caa376d9a0f.exe
Resource
win10v2004-20220812-en
General
Target
920442a1adc03ef869d672817d6f32e424421bc6e74eb81ac8632caa376d9a0f
Size
624KB
MD5
01520c64a8eeeb33eeee12df2e444363
SHA1
d69871467ca5d829299337af8eb511b889abd01d
SHA256
920442a1adc03ef869d672817d6f32e424421bc6e74eb81ac8632caa376d9a0f
SHA512
31f66445c24e742665172aee9d65e6828c1e9f9cf3222db27169738d0ff77f4f8bac4dfe3a660e53b1455cf53f03b8192cb1244f28776cf76b9c9249b46b0f8c
SSDEEP
12288:5gBlfzLMhnEdXR9WebghyNQi9lptf399cKsYuMvqIlAWWmXLXqs76ve7I+L:5g/tzg0NQi9lXf3/AW3R76v9
Malware Config
Signatures
Files
920442a1adc03ef869d672817d6f32e424421bc6e74eb81ac8632caa376d9a0f.exe windows x86
6c551123893cdbfa73f6f369c9829cec
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
InterlockedExchange
GetStartupInfoA
GlobalHandle
GlobalFree
FileTimeToSystemTime
GetAtomNameA
InitAtomTable
AddAtomA
GetLocalTime
_lopen
GetProfileStringA
GetCurrentThread
GetCurrentProcess
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
RaiseException
GetWindowsDirectoryA
GetVolumeInformationA
LocalFree
GetVersionExA
GetLastError
LocalAlloc
SetThreadPriority
GetSystemTime
SystemTimeToFileTime
CompareFileTime
GetSystemTimeAsFileTime
GetTickCount
IsBadWritePtr
IsBadReadPtr
_lclose
_lread
GlobalLock
GlobalUnlock
GetFileAttributesA
GetPrivateProfileIntA
GetFileSize
GlobalAlloc
WritePrivateProfileStringA
MulDiv
DeleteFileA
MoveFileA
EnumResourceLanguagesA
WriteFile
CreateFileA
SetFilePointer
ReadFile
InterlockedDecrement
InterlockedIncrement
CreateThread
CloseHandle
Sleep
lstrcmpiA
lstrcpynA
lstrcmpA
lstrlenA
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
GetProcessHeap
HeapAlloc
HeapReAlloc
HeapFree
lstrcpyA
GetPrivateProfileStringA
GetTimeFormatA
user32
GetCursorPos
ClientToScreen
GetForegroundWindow
IntersectRect
SetWindowRgn
EndPaint
BeginPaint
ScreenToClient
ReleaseDC
GetDC
LoadStringA
EnableMenuItem
GetAsyncKeyState
DeleteMenu
UpdateWindow
MoveWindow
SetCursor
KillTimer
SetTimer
DefWindowProcA
CreateWindowExA
SetWindowLongA
GetClassInfoExA
RegisterClassExA
SetRect
GetWindowLongA
GetWindowRect
GetParent
SendMessageA
CallWindowProcA
InvalidateRect
AppendMenuA
GetMenuItemCount
GetMenuState
GetCapture
SetFocus
PtInRect
DestroyWindow
SetParent
OffsetRect
LockWindowUpdate
SetWindowTextA
LoadIconA
DestroyIcon
RemoveMenu
ModifyMenuA
GetClassNameA
EnumChildWindows
PostQuitMessage
GetMenuStringA
CheckMenuItem
CheckMenuRadioItem
GetWindowPlacement
SetForegroundWindow
DispatchMessageA
TranslateMessage
GetNextDlgTabItem
GetFocus
GetMessageA
PeekMessageA
GetKeyState
TranslateAcceleratorA
IsIconic
IsDialogMessageA
SetDlgItemTextA
CreateDialogParamA
wsprintfW
DrawFocusRect
GetSysColor
FindWindowA
MapWindowPoints
GetDlgItemTextA
MessageBeep
OpenClipboard
GetClipboardData
CloseClipboard
GetWindowTextLengthA
DialogBoxParamA
EndDialog
InvertRect
SendDlgItemMessageA
CheckDlgButton
GetActiveWindow
MessageBoxA
IsWindow
SetPropA
RemovePropA
GetDialogBaseUnits
GetTopWindow
LoadCursorA
SetWindowPos
GetDlgItem
EnableWindow
GetClientRect
IsZoomed
PostMessageA
WaitForInputIdle
GetDesktopWindow
IsWindowVisible
SystemParametersInfoA
FindWindowExA
ShowWindow
GetDlgCtrlID
GetSysColorBrush
SetCapture
ReleaseCapture
LoadImageA
GetSubMenu
wsprintfA
LoadMenuA
CreateDialogIndirectParamA
RegisterWindowMessageA
GetPropA
GetSystemMetrics
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
GetWindowTextA
GetWindow
IsDlgButtonChecked
gdi32
GetStockObject
ExcludeClipRect
CreateFontIndirectA
SetBkMode
ExtTextOutA
GetTextExtentPoint32A
SetBkColor
CombineRgn
SetTextColor
GetPixel
CreateSolidBrush
ExtCreateRegion
OffsetRgn
GetObjectA
PtInRegion
CreateCompatibleDC
CreateDIBSection
DeleteDC
SelectObject
BitBlt
DeleteObject
CreateRectRgn
GetDeviceCaps
shell32
ExtractIconExA
FindExecutableA
ShellExecuteA
ShellExecuteExA
ole32
CreateStreamOnHGlobal
StgCreateDocfile
CoUninitialize
CoInitialize
CoCreateGuid
oleaut32
OleLoadPicture
newui
?Create@CShortcutBar@@QAE_NPAUHWND__@@I_NPAUHBITMAP__@@PAUtagRECT@@23@Z
?Create@CCommandBarXP@@QAEHKPAUHWND__@@I_N@Z
?OnSysCommand@CCommandBarXP@@QAEHIJ@Z
?OnMenuChar@CCommandBarXP@@QAEJI@Z
?g_Colors@@3UCOLORS@@A
?ShowToolBar@CCommandBarXP@@QAEHPAUHWND__@@H@Z
?SetMenu@CCommandBarXP@@QAEHPAUHMENU__@@@Z
?LV_InsertItem@CShortcutBar@@IAEHHPBDH@Z
??1CCommandBarXP@@UAE@XZ
??0CCommandBarXP@@QAE@XZ
??_7CShortcutBar@@6B@
?AddToolBar@CCommandBarXP@@QAEHPAUHWND__@@HI@Z
?EnableButton@CToolbarWindow32@@QAEHHH@Z
?LoadImageList@CToolbarWindow32@@QAEHPAUHINSTANCE__@@PBDIK@Z
?SetBorderXP@@YGXPAUHWND__@@@Z
??_7CToolbarWindow32@@6B@
?RegisterClassA@CShortcutBar@@IAEXXZ
mexplorer
?ExplorerFT_ForwardDeviceChange@@YGXPAUHWND__@@IK@Z
?ExplorerFT_UnInitializeComm@@YGXXZ
?ExplorerFT_InitializeCommEx@@YG?AW4MEXPLORER_ERROR@@PAUMEXPLORER_INIT@@W4MEXPLORER_METHOD@@K@Z
?ExplorerFT_IsConnected@@YGHXZ
bvrpctln
_HTML_SetTagText@16
_HTML_RemoveTag@12
_HTML_SetChecked@12
_HTML_GetChecked@12
?Resize_Init@@YG_NPAUHWND__@@IQAUSIZING@@H@Z
?MessageBoxPlus@@YAHPAUMSGBOXPLUS@@ZZ
?AddDialogHeader@@YG_NPAUHWND__@@PAUDialogHeader@@@Z
?ArrangeControls@@YAXPAUHWND__@@W4ARRANGE_WAY@@HHHZZ
?SetControlsState@@YAXPAUHWND__@@HHHZZ
?GetString@CProfile@@QBEHPBD0PADI@Z
?PocketHTML@@YGXPAUHWND__@@@Z
?Load@CProfile@@QAE_NPBD@Z
?FindChapter@CProfile@@ABEPAUChapter@1@PBD@Z
ord2
_Profile_SetRoot@4
MakeFullPathName
?GetMessageBoxCheck@@YGHPBD@Z
??0CWaitDialog@@QAE@PAUHWND__@@P6GHPBV0@@ZPAX@Z
?HideCancel@CWaitDialog@@QBEABV1@XZ
?UseFakeProgress@CWaitDialog@@QBEABV1@XZ
?DoModal@CWaitDialog@@QAEHKK@Z
??1CWaitDialog@@UAE@XZ
?SetMessageBoxCheck@@YGXPBDH@Z
_InitSplitterWnd@0
_Profile_GetBinary@20
_CreateHtmlSlideView@20
?strrepc@@YGPADPADDD@Z
?GetInt@CProfile@@QBEHPBD0H@Z
?GetString@CProfile@@QBEHPBD00PADI@Z
_CenterWindow@4
??1CProfile@@UAE@XZ
??0CProfile@@QAE@PBD_N@Z
_Profile_GetInt@16
?SizeCtrlToText@@YG?AUtagSIZE@@PAUHWND__@@H@Z
_Profile_SetInt@16
_Profile_GetRoot@0
_HTML_CreateBrowser@20
?FindSection@CProfile@@ABEPAUSection@1@PBD@Z
?GetInt@CProfile@@QBEHPBDH@Z
?FindKey@CProfile@@ABEPAUKey@1@PBD@Z
_IsInternetConnected@4
_HTML_CanGoBack@4
_HTML_CanGoForward@4
_HTML_GoBack@4
_HTML_GoForward@4
_HTML_Stop@4
_HTML_Navigate@12
_HTML_Refresh@4
_Profile_SetBinary@20
grconv
ord5
ord3
logoedit
?UnLoad@CGif@@QAEXXZ
??1CGif@@UAE@XZ
??0CGif@@QAE@XZ
?Load@CGif@@QAE_NPBDHHK@Z
?Stop@CGif@@QAEXXZ
?Draw@CGif@@QAE_NPAUHWND__@@@Z
?CreateView@CGif@@QAE_NPAUHWND__@@HHHHKK@Z
msvcrt
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
floor
vsprintf
_mbsicmp
_mbsupr
_mbscmp
abs
memcpy
time
gmtime
memset
strlen
strcpy
_mbsnbcpy
atol
_acmdln
sprintf
srand
rand
strrchr
_ftol
_XcptFilter
strtoul
_except_handler3
strtol
_mbschr
realloc
_osver
malloc
_strdup
_mbsnbicmp
sscanf
free
_mbstok
atoi
__RTDynamicCast
_mbsrchr
_mbslen
??2@YAPAXI@Z
__CxxFrameHandler
??3@YAXPAX@Z
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_mbsstr
exit
toupper
comctl32
PropertySheetA
ImageList_ReplaceIcon
InitCommonControlsEx
gdiplus
GdiplusShutdown
GdiplusStartup
shlwapi
PathFileExistsA
PathRenameExtensionA
PathFindFileNameA
PathIsURLA
PathAppendA
PathAddExtensionA
StrStrIA
SHGetValueA
PathRemoveFileSpecA
msimg32
AlphaBlend
setupapi
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiGetDeviceRegistryPropertyA
wininet
HttpOpenRequestA
InternetSetOptionA
HttpSendRequestA
InternetErrorDlg
InternetQueryDataAvailable
InternetReadFile
HttpQueryInfoA
InternetOpenA
InternetConnectA
InternetGetConnectedState
InternetCloseHandle
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
advapi32
AddAccessAllowedAce
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegCreateKeyA
RegQueryValueExA
RegCreateKeyExA
RegEnumValueA
FreeSid
RevertToSelf
AccessCheck
IsValidSecurityDescriptor
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
RegOpenKeyExA
RegCloseKey
InitializeAcl
GetLengthSid
InitializeSecurityDescriptor
AllocateAndInitializeSid
OpenProcessToken
OpenThreadToken
ImpersonateSelf
RegDeleteKeyA
Sections
.text Size: 104KB - Virtual size: 101KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Shared Size: 4KB - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 228KB - Virtual size: 226KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tc Size: 248KB - Virtual size: 248KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE