Static task: static1
Behavioral task: behavioral1
Sample: d7b33753d4be7459adf3da4bcda10c70404776d648a27819c14469abc05dc8fa.exe
Resource: win7-20220812-en
General
Target: d7b33753d4be7459adf3da4bcda10c70404776d648a27819c14469abc05dc8fa
Size: 953KB
MD5: 0cea7e817c06b4cf13f4b7e19cdf44d0
SHA1: 555451549c91e8f036d280cf76dfdf30dfaf43cd
SHA256: d7b33753d4be7459adf3da4bcda10c70404776d648a27819c14469abc05dc8fa
SHA512: 5ef2ec11332729a90138ec47f4b9eb15e42425fa06941d6a34dc62ecc85094be78a08f9be002b2f64176fa923e7ad031983e92114646819be849c26392a600a1
SSDEEP: 24576:PmahQEJE4LxO3xGSy5VZZZZZZKXZZZZJNugQEfS3rdO+311U:+yQ74V28YudBZOo
Malware Config
Signatures
Files
d7b33753d4be7459adf3da4bcda10c70404776d648a27819c14469abc05dc8fa.exe (windows x86)
7260b0bd336458fadf59912f82cda009
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
HeapAlloc
ExitProcess
ExitThread
HeapReAlloc
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FatalAppExitA
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
LCMapStringW
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
HeapFree
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetProcessHeap
SetEnvironmentVariableA
EnterCriticalSection
LeaveCriticalSection
GetSystemDirectoryW
GetFileTime
GetFileSizeEx
lstrcmpiA
DeleteAtom
FindAtomW
ReleaseMutex
AddAtomW
OpenThread
GetSystemTime
GetLocalTime
OutputDebugStringW
SetFilePointerEx
IsProcessorFeaturePresent
InterlockedCompareExchange
InitializeCriticalSection
DeleteCriticalSection
GetFileAttributesW
SetFileAttributesW
LCMapStringA
GetStartupInfoW
SizeofResource
LockResource
LoadResource
FindResourceW
LoadLibraryW
GetModuleFileNameW
GetLastError
CreateMutexW
FreeLibrary
GetProcAddress
GetCurrentThreadId
lstrlenW
InterlockedIncrement
InterlockedDecrement
lstrcmpiW
CloseHandle
MultiByteToWideChar
LoadLibraryExW
GetModuleHandleW
LocalFree
GetCommandLineW
DeleteFileW
GetTempFileNameW
GetTempPathW
Sleep
DeviceIoControl
CreateFileW
GetCurrentProcessId
CreateProcessW
WideCharToMultiByte
GlobalUnlock
GlobalFree
GlobalLock
GlobalAlloc
CreateThread
FlushInstructionCache
GetCurrentProcess
SetLastError
RaiseException
MulDiv
FormatMessageW
GlobalSize
CopyFileW
lstrcmpW
SetFileTime
LocalFileTimeToFileTime
GetFileAttributesExW
FileTimeToLocalFileTime
GetTickCount
SetErrorMode
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetStringTypeExW
MoveFileW
SystemTimeToFileTime
FileTimeToSystemTime
GetThreadLocale
lstrlenA
GetAtomNameW
GlobalGetAtomNameW
GlobalFlags
GetCurrentDirectoryW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFindAtomW
GetVersionExW
CompareStringW
LoadLibraryA
GetVersionExA
GetModuleHandleA
GlobalAddAtomW
CreateEventW
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
FreeResource
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
user32
CharUpperW
DestroyIcon
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
IsRectEmpty
CopyAcceleratorTableW
WaitMessage
WindowFromPoint
DeleteMenu
UnregisterClassW
GetSysColorBrush
GetDesktopWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
ScrollWindowEx
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
GetMessageTime
InflateRect
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
UpdateWindow
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
GetMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetSysColor
GetWindowDC
GrayStringW
DrawTextExW
CharNextW
DestroyWindow
GetMenuItemInfoW
DestroyMenu
DrawTextW
TabbedTextOutW
FillRect
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
ShowOwnedPopups
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
ValidateRect
SetMenuItemBitmaps
GetDialogBaseUnits
TranslateAcceleratorW
SetRectEmpty
CreatePopupMenu
InsertMenuItemW
LoadAcceleratorsW
GetMenuBarInfo
GetMenuCheckMarkDimensions
LoadBitmapW
LoadMenuW
ReuseDDElParam
UnpackDDElParam
RegisterClipboardFormatW
GetKeyNameTextW
MapVirtualKeyW
GetSystemMenu
LockWindowUpdate
GetDCEx
PostThreadMessageW
UnionRect
GetMessagePos
MoveWindow
SetParent
MessageBoxW
GetActiveWindow
SetForegroundWindow
UnregisterClassA
ShowWindow
FindWindowW
IsWindow
CopyRect
PtInRect
OffsetRect
IntersectRect
SetRect
SendMessageW
PostMessageW
GetClientRect
ClientToScreen
ScreenToClient
InvalidateRect
SetTimer
KillTimer
SetCapture
SetCursor
GetCursor
LoadCursorW
GetCursorPos
ReleaseCapture
GetKeyState
EnableWindow
LoadIconW
SetWindowPos
GetWindowLongW
PostQuitMessage
BringWindowToTop
WaitForInputIdle
DefWindowProcW
SetWindowLongW
GetWindowRect
IsWindowVisible
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetWindow
SetWindowContextHelpId
GetParent
MapDialogRect
UnhookWindowsHookEx
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
SystemParametersInfoW
CreateWindowExW
RegisterClassExW
UpdateLayeredWindow
CallWindowProcW
ReleaseDC
GetDC
EndPaint
BeginPaint
GetClassInfoExW
SetWindowRgn
gdi32
SetWorldTransform
ModifyWorldTransform
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
LineTo
MoveToEx
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
SelectClipRgn
GetClipRgn
SelectClipPath
GetObjectW
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocW
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
SetBkColor
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
SetGraphicsMode
CreatePatternBrush
GetStockObject
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
GetDCOrgEx
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
CreateFontIndirectW
SetRectRgn
GetMapMode
PatBlt
DPtoLP
GetTextExtentPoint32W
GetTextMetricsW
GetCharWidthW
StretchDIBits
SetTextColor
SetStretchBltMode
RestoreDC
SaveDC
CreateBitmap
CreateDCW
CopyMetaFileW
GetDeviceCaps
CombineRgn
CreateRectRgn
CreateDIBSection
DeleteDC
DeleteObject
SetViewportOrgEx
SelectObject
BitBlt
CreateCompatibleDC
SetROP2
SetPolyFillMode
CreateDIBPatternBrushPt
SetBkMode
CreateCompatibleBitmap
CreateFontW
ScaleWindowExtEx
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegEnumKeyExA
RegQueryValueExA
RegCreateKeyW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegQueryValueExW
RegSetValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyExA
shell32
ShellExecuteW
ExtractIconW
SHGetFileInfoW
DragFinish
DragQueryFileW
CommandLineToArgvW
comctl32
_TrackMouseEvent
shlwapi
PathFileExistsW
PathAppendW
SHGetValueW
PathIsRelativeW
PathCombineW
PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW
PathRemoveExtensionW
PathStripToRootW
PathIsUNCW
SHSetValueW
StrToIntExW
SHGetValueA
SHSetValueA
oledlg
OleUIBusyW
ole32
CreateILockBytesOnHGlobal
CoInitializeSecurity
OleInitialize
CoFreeUnusedLibraries
CoGetClassObject
StgOpenStorageOnILockBytes
CoInitializeEx
CoDisconnectObject
CoRegisterClassObject
OleRun
OleUninitialize
StgCreateDocfileOnILockBytes
CLSIDFromString
CLSIDFromProgID
CoRevokeClassObject
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
OleDuplicateData
CoTreatAsClass
StringFromCLSID
ReleaseStgMedium
CreateBindCtx
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CreateStreamOnHGlobal
CoInitialize
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoSetProxyBlanket
CoRegisterMessageFilter
StringFromGUID2
oleaut32
VariantClear
SysAllocStringByteLen
SysStringByteLen
SysStringLen
VariantInit
SysAllocStringLen
VariantChangeType
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
CreateErrorInfo
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
SysAllocString
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
VarDateFromStr
SysReAllocStringLen
VarCyFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarBstrFromDate
OleCreateFontIndirect
SafeArrayAllocData
SysFreeString
GetErrorInfo
SetErrorInfo
VarUI4FromStr
urlmon
URLDownloadToCacheFileW
URLDownloadToFileW
gdiplus
GdipDeleteGraphics
GdipDrawImageRectRectI
GdipDrawImagePointRectI
GdipCreateFromHDC
GdipGetImageHeight
GdipFree
GdipAlloc
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipDisposeImage
GdipCloneImage
GdipGetImageWidth
GdiplusShutdown
GdiplusStartup
iphlpapi
GetAdaptersInfo
wininet
InternetGetConnectedState
wintrust
WinVerifyTrust
WTHelperProvDataFromStateData
crypt32
CertGetNameStringW
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
netapi32
Netbios
Sections
.text Size: 679KB - Virtual size: 679KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 145KB - Virtual size: 144KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 21KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 31KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.wrdata Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE