b1e3086e9ea203a27ebe43f954fac2409caea06bb4d0602394b674885f61e358

Sharing

Copy URL Twitter E-mail

General

Target

b1e3086e9ea203a27ebe43f954fac2409caea06bb4d0602394b674885f61e358
Size

954KB
MD5

0f42cc709d2bf4ecfd39f815b329ee11
SHA1

9be97cfd01ba8fed563965d2b0e6f0a488296b2b
SHA256

b1e3086e9ea203a27ebe43f954fac2409caea06bb4d0602394b674885f61e358
SHA512

c7f831de2142a9c181a580e89e8040346d8fa59213cf903e551eef30c5560242463f11074930e1ec062e42eadb4ae499ac2b134563d939e89fb3f4caed9c93a9
SSDEEP

12288:7VAUUETGcVImCpPAXbysOdR+7bldust1xSb579ok3p4rVVuO3u6fDGePALwlIi6P:xV8PXsOdR+7bnum0uVh3N7GePALbfP5

Score

N/A

Malware Config

Signatures

Files

b1e3086e9ea203a27ebe43f954fac2409caea06bb4d0602394b674885f61e358
.exe windows x86

6b18d574f6b3aa212db20947ae8f5427

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetSaveFileNameW
GetOpenFileNameW

kernel32

lstrcmpiW
FreeLibrary
LoadLibraryExW
GetModuleFileNameW
ExpandEnvironmentStringsW
lstrcmpW
WideCharToMultiByte
DeleteFileW
GetLongPathNameW
GetVolumeInformationW
GetTempFileNameW
WritePrivateProfileStringW
GetThreadLocale
SetThreadLocale
SetFileTime
GetFileTime
CloseHandle
VirtualAllocEx
SizeofResource
LockResource
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
InitializeCriticalSectionAndSpinCount
InterlockedExchange
SetConsoleCtrlHandler
GetConsoleMode
GetConsoleCP
SetStdHandle
LCMapStringA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
SetHandleCount
GetTimeZoneInformation
FatalAppExitA
HeapCreate
GetModuleFileNameA
GetStdHandle
GetModuleHandleA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetCurrentThread
ExitProcess
Sleep
GetStartupInfoA
GetCommandLineA
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetFileType
SetFilePointer
LocalFileTimeToFileTime
GetEnvironmentVariableW
SetEnvironmentVariableW
TlsFree
TlsAlloc
OpenThread
TlsSetValue
TlsGetValue
ReleaseMutex
SetEndOfFile
GetFileSizeEx
SetFilePointerEx
ReadFile
OutputDebugStringW
FormatMessageW
CreateFileA
GetSystemTimeAsFileTime
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
OpenProcess
ReadProcessMemory
LoadResource
FindResourceW
FindResourceExW
GetVersionExW
SystemTimeToFileTime
GetSystemTime
VirtualFreeEx
GetCurrentProcessId
RaiseException
EnterCriticalSection
LeaveCriticalSection
CreateDirectoryA
lstrcatA
CreateDirectoryW
lstrcatW
GetModuleHandleW
GetProcAddress
InterlockedDecrement
InterlockedIncrement
DeviceIoControl
LoadLibraryW
CreateMutexW
GetLastError
DeleteCriticalSection
InitializeCriticalSection
MultiByteToWideChar
LocalFree
CreateFileW
WriteFile
LocalAlloc
MulDiv
WaitForSingleObject
CreateEventW
SetEvent
GetProfileIntW
GetTempPathW
GetTickCount
GetPrivateProfileIntW
GetLocalTime
GetPrivateProfileStringW
lstrlenW
lstrcpynW
lstrlenA
lstrcpynA
SetLastError
GetCurrentThreadId
TerminateProcess
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
GetCurrentProcess
FlushInstructionCache
WriteProcessMemory

user32

GetMessagePos
TrackMouseEvent
DestroyCursor
PrintWindow
EnumChildWindows
OffsetRect
wsprintfW
MessageBoxW
GetActiveWindow
InvalidateRect
UpdateWindow
SetWindowPos
IntersectRect
SystemParametersInfoW
LoadMenuW
LoadAcceleratorsW
CharNextW
wvsprintfW
GetDesktopWindow
SetLayeredWindowAttributes
MsgWaitForMultipleObjects
TranslateMessage
UnregisterClassA
ShowWindow
GetParent
SetWindowLongW
GetWindowLongW
BeginPaint
EndPaint
SetCursor
SetFocus
DestroyWindow
GetSysColorBrush
SetRect
GetClientRect
GetDlgItem
GetDC
ReleaseDC
FillRect
InflateRect
SetClassLongW
CopyRect
DrawTextW
PtInRect
FindWindowExW
FindWindowW
GetSystemMetrics
IsRectEmpty
IsWindowVisible
GetWindowRect
GetWindow
CreatePopupMenu
AppendMenuW
EqualRect
DestroyMenu
GetMonitorInfoW
MonitorFromPoint
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
SetCapture
OpenClipboard
IsWindow
GetClassInfoExW
LoadCursorW
CloseClipboard
SetClipboardData
EmptyClipboard
SendMessageW
DrawIconEx
WindowFromPoint
GetWindowThreadProcessId
ClientToScreen
SetRectEmpty
GetCapture
GetDCEx
GetMessageW
DispatchMessageW
ScreenToClient
SetMenuItemBitmaps
LoadImageW
SetForegroundWindow
ReleaseCapture
PostMessageW
CreateDialogParamW
PeekMessageW
MessageBeep
TrackPopupMenuEx
LoadStringA
PostQuitMessage
LoadStringW
GetMenuItemInfoW
RemoveMenu
GetMenuItemCount
MapWindowPoints
TranslateAcceleratorW
CreateWindowExW
RegisterClassExW
GetCursorPos
CallWindowProcW
DefWindowProcW
TrackPopupMenu

gdi32

GetTextColor
GetClipBox
SetStretchBltMode
TextOutW
GetTextExtentPoint32W
CreateFontIndirectW
SetPixel
GetDIBits
CreateDIBSection
GetDeviceCaps
SetROP2
UnrealizeObject
PatBlt
CreateBitmap
CreatePatternBrush
GetPixel
StretchBlt
SaveDC
SetMapMode
SetViewportOrgEx
SetWindowOrgEx
RestoreDC
SetBitmapBits
GetBitmapBits
GetObjectW
CreateDCW
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
SetBkMode
SetTextColor
GetStockObject
CreateSolidBrush
CreatePen
SelectObject
Rectangle
EnumFontFamiliesExW
CreateFontW
DeleteObject
DeleteDC
MoveToEx
Polygon
LineTo

advapi32

RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegQueryValueExA
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegCreateKeyExW
RegEnumKeyExW

shell32

SHGetFolderPathW
SHGetSpecialFolderPathW
ShellExecuteExW
ShellExecuteW
SHGetFolderPathA

ole32

CoUninitialize
CoInitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CreateStreamOnHGlobal

oleaut32

SysStringLen
OleLoadPicture
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
SysAllocStringLen
VarUI4FromStr
GetErrorInfo
SetErrorInfo
SysAllocString
VariantCopy
VariantClear
VariantInit
SysFreeString
VarBstrCmp
CreateErrorInfo

shlwapi

PathCombineW
PathRemoveFileSpecW
PathIsRootW
PathFileExistsW
SHGetValueW
StrCmpIW
PathAddBackslashW
StrCpyNW
PathAppendW
PathRemoveBackslashW
SHSetValueW

comctl32

ImageList_Destroy
ImageList_Draw
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_Create

msimg32

AlphaBlend

gdiplus

GdipGetImageEncoders
GdipGetImageEncodersSize
GdipSaveImageToFile
GdipDrawImageRectRectI
GdipSetInterpolationMode
GdipGetImageHeight
GdipGetImageWidth
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipCloneImage
GdiplusStartup
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipDisposeImage
GdipCloneBrush
GdipDrawPath
GdipDrawLineI
GdipSetSmoothingMode
GdipCreateFromHDC
GdipAddPathEllipseI
GdipAddPathLineI
GdipSetPenBrushFill
GdipSetPenCustomEndCap
GdipSetPenEndCap
GdipSetPenStartCap
GdipCreateSolidFill
GdipDeleteGraphics
GdipSetCustomLineCapWidthScale
GdipSetCustomLineCapStrokeCaps
GdipDeleteCustomLineCap
GdipCreateCustomLineCap
GdipDeletePath
GdipCreatePath
GdipDeletePen
GdipCreatePen1
GdipAlloc
GdipFree
GdipDeleteBrush

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 657KB - Virtual size: 656KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 86KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 113KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6b18d574f6b3aa212db20947ae8f5427

Headers

DLL Characteristics

File Characteristics

Imports

comdlg32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

gdiplus

version

Sections

.text Size: 657KB - Virtual size: 656KB

.rdata Size: 89KB - Virtual size: 89KB

.data Size: 86KB - Virtual size: 96KB

.rsrc Size: 113KB - Virtual size: 116KB

.text
Size: 657KB - Virtual size: 656KB

.rdata
Size: 89KB - Virtual size: 89KB

.data
Size: 86KB - Virtual size: 96KB

.rsrc
Size: 113KB - Virtual size: 116KB