Static task
static1
Behavioral task
behavioral1
Sample
cd7624c05e42217577339b7f9113420477bd6a5a840f2e1f383d3c47405ec24c.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
cd7624c05e42217577339b7f9113420477bd6a5a840f2e1f383d3c47405ec24c.exe
Resource
win10v2004-20220812-en
General
-
Target
cd7624c05e42217577339b7f9113420477bd6a5a840f2e1f383d3c47405ec24c
-
Size
1.1MB
-
MD5
05c7d3caf35084866c92fd3a618313d0
-
SHA1
603a9d2893512ecbb09360c9c5b55d82f9a34395
-
SHA256
cd7624c05e42217577339b7f9113420477bd6a5a840f2e1f383d3c47405ec24c
-
SHA512
dbd0da8817f90256a44d7e8a64a9b557a880b236113f02b007e2ae0aed06508158a2e5190594dacf64d70db1859c521fd28503b5f30ea8ac3390541e672bb44c
-
SSDEEP
24576:6gll+o6hK7nIkxhyZBSQ5jRxfeLjqlf6/Qca4If:6u0KEkuBJVymfwQca4If
Malware Config
(none extracted in this report)
Signatures
(none listed in this report — no detection-rule hits are shown for the static task or for either behavioral run. Read this as "nothing matched the sandbox's rule set", not as a benign verdict: the header flags, the section permissions and the import set below still warrant manual review, and an empty result can also mean the process never started in the guest.)
Files
-
cd7624c05e42217577339b7f9113420477bd6a5a840f2e1f383d3c47405ec24c.exe windows x86
054b62192717d0b67229fdf7357176e3 (unlabelled 128-bit hash; on this report layout the value shown here is normally the import hash (imphash), not the file MD5, which is listed above as 05c7d3ca… — confirm the hash type before using it as a pivot)
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Note (reviewer): RELOCS_STRIPPED means the image carries no base-relocation table, so the loader cannot rebase it and ASLR cannot be applied to this module even on a system that supports it; it must map at its preferred image base. The DllCharacteristics field (DYNAMIC_BASE / NX_COMPAT) is not shown in this report, so the image's DEP opt-in is unknown from here.
Imports
kernel32
Note (reviewer): the static import table is not the full picture — LoadLibraryA/LoadLibraryW/LoadLibraryExW and GetProcAddress are imported, so further APIs may be resolved at run time. Imports worth correlating with the behavioral runs: OpenProcess/TerminateProcess/TerminateThread (acts on other processes and threads); MoveFileExW and DeleteFileW (file replacement/removal; the MoveFileEx flags are not visible statically); GetPrivateProfileStringW/WritePrivateProfileStringW (INI-file configuration read and written); CreateMutexW (commonly a single-instance guard — the mutex name would be a useful indicator if recovered); FlushInstructionCache, which is only needed when code bytes are written at run time and is consistent with the writable .text section listed under Sections. IsDebuggerPresent and SetUnhandledExceptionFilter are part of normal MSVC CRT start-up and are not anti-debug evidence on their own.
GetLongPathNameW
QueryDosDeviceW
InitializeCriticalSectionAndSpinCount
GetModuleFileNameA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedCompareExchange
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
SleepEx
FormatMessageA
PeekNamedPipe
GetFileType
GetStdHandle
ExpandEnvironmentStringsA
SetEvent
LocalFree
CloseHandle
UnmapViewOfFile
ResetEvent
MapViewOfFile
OpenFileMappingW
WaitForSingleObject
WaitForMultipleObjects
CreateEventW
CreateMutexW
GetLastError
CreateFileMappingW
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
GetCurrentProcess
GetProcAddress
GetModuleHandleW
SetFilePointer
SetEndOfFile
WideCharToMultiByte
lstrlenW
SetLastError
GetVersionExW
CreateFileW
WriteFile
CreateDirectoryW
GetFileAttributesW
RaiseException
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetModuleFileNameW
LoadLibraryW
InitializeCriticalSection
FreeLibrary
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetCurrentThreadId
MultiByteToWideChar
lstrlenA
GlobalSize
FreeResource
TerminateProcess
OpenProcess
GetPrivateProfileIntW
GetFileAttributesExW
DeleteFileW
MoveFileExW
GetLogicalDriveStringsW
ExpandEnvironmentStringsW
Sleep
GetTickCount
FlushInstructionCache
lstrcpyW
LoadLibraryExW
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
MapViewOfFileEx
SetErrorMode
GetPrivateProfileStringW
WritePrivateProfileStringW
GetFileSize
ReadFile
GetCurrentProcessId
TerminateThread
user32
Note (reviewer): the user32/gdi32/gdiplus/msimg32 set (UpdateLayeredWindow, SetLayeredWindowAttributes, AlphaBlend, TransparentBlt, SetWindowRgn, plus Shell_NotifyIconW in shell32) describes a custom-drawn, skinned windowed application with a tray icon rather than a headless implant; AttachThreadInput followed by SetForegroundWindow is the usual way to force a window to the foreground past Windows' focus-stealing restrictions. A GUI surface does not make the file benign — it is equally consistent with a bundled/PUA installer — but it does mean later stages may require user interaction that an unattended sandbox run will not provide.
RegisterWindowMessageW
UnregisterClassA
GetWindowLongW
BringWindowToTop
ReleaseCapture
UpdateLayeredWindow
EndPaint
BeginPaint
GetKeyState
SetLayeredWindowAttributes
RegisterClassExW
SetWindowRgn
WindowFromPoint
GetScrollPos
MonitorFromWindow
GetMonitorInfoW
GetFocus
GetClassInfoExW
GetDlgCtrlID
GetNextDlgTabItem
SetFocus
SetCapture
RedrawWindow
CreateWindowExW
LoadCursorW
SetCursor
DrawIconEx
LoadIconW
LoadImageW
DrawFrameControl
IsWindowVisible
SetRectEmpty
EqualRect
DestroyIcon
GetDlgItem
DrawTextW
OffsetRect
SetRect
PtInRect
GetCursorPos
CallWindowProcW
PostThreadMessageW
SetWindowLongW
MessageBoxW
KillTimer
SetTimer
ShowWindow
InvalidateRect
SendMessageW
CharNextW
DefWindowProcW
GetActiveWindow
GetDesktopWindow
IsWindowEnabled
EnableWindow
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SetForegroundWindow
SetActiveWindow
GetDC
ReleaseDC
InflateRect
FindWindowExW
PostMessageW
PeekMessageW
IsWindow
GetMessageW
TranslateMessage
DispatchMessageW
DestroyWindow
CopyRect
GetParent
GetWindow
GetWindowRect
SystemParametersInfoW
GetClientRect
MapWindowPoints
SetWindowPos
gdi32
CreateRoundRectRgn
GetTextExtentPoint32W
TextOutW
GetTextMetricsW
GetGlyphOutlineW
GetRegionData
GetClipRgn
RoundRect
GetCurrentObject
GetObjectA
RectInRegion
SetBkMode
GetTextColor
CreateCompatibleBitmap
CreateBitmap
StretchBlt
SetTextColor
BitBlt
CombineRgn
CreateRectRgnIndirect
EnumFontFamiliesExW
Rectangle
GetStockObject
CreateFontIndirectW
CreateCompatibleDC
DeleteDC
GetObjectW
CreateDIBSection
CreatePen
CreateRectRgn
SetBkColor
ExtTextOutW
LineTo
MoveToEx
SelectClipRgn
SelectObject
RestoreDC
SaveDC
SetDIBitsToDevice
StretchDIBits
DeleteObject
advapi32
Note (reviewer): OpenProcessToken + LookupPrivilegeValueW + AdjustTokenPrivileges enable a named privilege on the process token (which privilege is not visible in a static listing — often SeDebugPrivilege when paired with OpenProcess/TerminateProcess, but confirm from the string table or an API trace). GetNamedSecurityInfoW/SetNamedSecurityInfoW together with InitializeAcl/AddAce/GetAce/CopySid read and rewrite DACLs on named objects (files or registry keys), i.e. the binary can change who may access something it creates or touches. RegCreateKeyExW/RegSetValueExW/RegDeleteKeyW/RegDeleteValueW are full registry write/delete capability; check the behavioral runs for Run/RunOnce or service keys before calling it persistence — no key names are shown here.
RegCloseKey
RegOpenKeyExW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyW
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteValueW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
GetNamedSecurityInfoW
GetAclInformation
GetAce
GetSidLengthRequired
InitializeSid
GetSidSubAuthority
CopySid
IsValidSid
GetLengthSid
SetNamedSecurityInfoW
InitializeAcl
AddAce
RegQueryValueExW
shell32
SHGetFileInfoA
SHGetSpecialFolderPathW
ShellExecuteW
SHGetFolderPathW
Shell_NotifyIconW
ShellExecuteExW
ole32
CoCreateGuid
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
CoInitialize
CoUninitialize
CreateStreamOnHGlobal
CoTaskMemRealloc
oleaut32
VarUI4FromStr
shlwapi
StrCpyNW
PathAddBackslashW
PathFileExistsA
PathFindFileNameW
StrToIntA
PathRemoveFileSpecW
PathAppendW
PathFileExistsW
StrToIntW
StrCmpNIW
StrCmpNW
StrStrIA
comctl32
_TrackMouseEvent
InitCommonControlsEx
msimg32
AlphaBlend
TransparentBlt
gdiplus
GdipSetSmoothingMode
GdipResetWorldTransform
GdipTranslateWorldTransform
GdipDeleteBrush
GdipDeleteGraphics
GdipRotateWorldTransform
GdipSetPageUnit
GdipSetPageScale
GdipGetFontCollectionFamilyCount
GdipCreateFontFamilyFromName
GdipGetGenericFontFamilySansSerif
GdipCreateFont
GdipCloneFontFamily
GdipGetFontCollectionFamilyList
GdipGetFamilyName
GdipIsStyleAvailable
GdipSetPixelOffsetMode
GdipGetPixelOffsetMode
GdipSetInterpolationMode
GdipGetInterpolationMode
GdipSetImageAttributesWrapMode
GdipSetImageAttributesRemapTable
GdipDrawLineI
GdipSetPenDashStyle
GdipDeletePen
GdipCreatePen1
GdipCreateFontFromLogfontW
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipMeasureString
GdipDrawString
GdipSetTextRenderingHint
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeleteFontFamily
GdipDeleteFont
GdiplusShutdown
GdiplusStartup
GdipDrawImagePointsRectI
GdipDrawImageRectI
GdipImageRotateFlip
GdipCloneImage
GdipCloneBrush
GdipDrawImageRectRectI
GdipFillRectangleI
GdipReleaseDC
GdipGetDC
GdipCreateFromHDC
GdipCreateSolidFill
GdipSetImageAttributesColorMatrix
GdipGetImageHeight
GdipDisposeImage
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipAlloc
GdipFree
GdipGetImageWidth
msvcp80
Note (reviewer): msvcp80/msvcr80 are the Visual C++ 2005 runtime, loaded as side-by-side assemblies. If the guest images (win7-20220812-en, win10v2004-20220812-en) lack the VC++ 2005 redistributable, the process fails at load with a side-by-side configuration error, which would also explain a behavioral run with no signatures. Confirm from the process tree that the sample actually started before drawing conclusions from the empty Signatures section.
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?allocate@?$allocator@D@std@@QAEPADIPBX@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@III_W@Z
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
wctype
?deallocate@?$allocator@D@std@@QAEXPADI@Z
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@V32@0@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
msvcr80
strrchr
_fileno
_wcslwr_s
_wcsnicmp
_time64
_read
_close
_open
_strdup
isprint
isupper
islower
isgraph
_stat64
_stricmp
atoi
sscanf
abs
_mbsstr
_mbsicmp
_mbschr
vsprintf_s
_vscprintf
_endthread
wcsncpy_s
wcscpy_s
_waccess
_mbscmp
strlen
__RTDynamicCast
labs
strncpy
sprintf
memcmp
iswctype
??8type_info@@QBE_NABV0@@Z
_gmtime64
_isctype
fflush
_fstat64
_lseeki64
memchr
isdigit
__sys_nerr
strerror
strcmp
fputs
qsort
fopen
fgets
_strtoi64
isxdigit
strtoul
__iob_func
realloc
_wcsicmp
strtol
strstr
_strnicmp
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_except_handler4_common
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__set_app_type
?_type_info_dtor_internal_method@type_info@@QAEXXZ
towlower
towupper
wcscat
_wcslwr
wcscpy
wcschr
__p__commode
__p__fmode
malloc
_recalloc
_controlfp_s
_invoke_watson
toupper
??0exception@std@@QAE@ABQBDH@Z
fwrite
_errno
iswspace
strcpy
strcat
strchr
strncmp
isalnum
isalpha
tolower
isspace
fclose
fseek
fread
_vsnprintf_s
fprintf
fputc
memmove
getenv
??3@YAXPAX@Z
memcpy
??2@YAPAXI@Z
??_V@YAXPAX@Z
_invalid_parameter_noinfo
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
__CxxFrameHandler3
swprintf_s
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
memset
_beginthreadex
wcsstr
memcpy_s
_purecall
wcsrchr
_vscwprintf
vswprintf_s
wcslen
memmove_s
free
calloc
_crt_debugger_hook
iphlpapi
Note (reviewer): GetAdaptersInfo (with gethostname from ws2_32) enumerates adapters, MAC and IP addresses — commonly used to build a host identifier; licensing code in benign software does the same, so weigh it together with the rest of the profile rather than in isolation.
GetAdaptersInfo
ws2_32
Note (reviewer): the socket set is both server-side (socket/bind/listen/accept) and client-side (getaddrinfo/connect), plus datagram sendto/recvfrom — so the binary can open a listening port as well as connect out. No wininet/winhttp imports appear, so any HTTP traffic would be hand-built over these raw sockets or go through APIs resolved dynamically via GetProcAddress. Check the behavioral runs for bound ports and outbound destinations; none are recorded in this section.
ioctlsocket
gethostname
WSAStartup
select
__WSAFDIsSet
accept
listen
recvfrom
sendto
getaddrinfo
freeaddrinfo
socket
closesocket
htons
bind
connect
setsockopt
WSACleanup
WSAGetLastError
send
recv
getsockname
getpeername
ntohs
WSASetLastError
getsockopt
Sections
Note (reviewer): every section below is flagged IMAGE_SCN_MEM_WRITE, including the code section .text and the read-only-by-design .rdata, and .rsrc additionally carries IMAGE_SCN_MEM_EXECUTE. A normal MSVC (msvcr80-era) link produces .text as R+X, .rdata as R and .rsrc as R; uniformly writable sections with an executable resource section are characteristic of a packer/protector or hand-edited headers and permit self-modifying code and execution out of resource data. Raw and virtual sizes are close for all four sections, so the section table alone does not show the large zero-filled region an in-place unpacker such as UPX typically leaves — inspect the entry point and the resource section directly rather than relying on that.
.text Size: 536KB - Virtual size: 534KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 120KB - Virtual size: 117KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 48KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 368KB - Virtual size: 368KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Note (reviewer): a resource section that is both writable and executable is abnormal. It is roughly a third of the 1.1MB file, and the import table has FindResourceW/FindResourceExW/LoadResource/LockResource/SizeofResource plus CreateStreamOnHGlobal and GdipLoadImageFromStream, so much of it is plausibly GUI imagery — but carve the resource directory and check for any non-image blob (embedded PE, configuration, or high-entropy data) before accepting that explanation.