73df93117ea8cf88ad6ab93f3f58a10737059475421612208f203428437f202f

Sharing

Copy URL Twitter E-mail

General

Target

73df93117ea8cf88ad6ab93f3f58a10737059475421612208f203428437f202f
Size

808KB
MD5

0f5300c6711da02e95ebbc700015cfd0
SHA1

4a01149ae58133082ecec9638e9b4c8c0990d181
SHA256

73df93117ea8cf88ad6ab93f3f58a10737059475421612208f203428437f202f
SHA512

2bf026adc90267627fef2fd290b65d003905b384e541c0cbb4022b3e13c23e18180c005f1b8110e7efc146efb215ba25e013b9599c945f3160bbf369cada8bed
SSDEEP

12288:oA8ndoqdydLWPKyR/EaC7qTQVmTyJkyoBlmBmQ5NgNRuJ/VyiLRjU17q+Xl+5:nGSKPVCRpBbNl/yiLW17JXl+5

Score

N/A

Malware Config

Signatures

Files

73df93117ea8cf88ad6ab93f3f58a10737059475421612208f203428437f202f
.exe windows x86

185edaecbdf3bee4263c7178e5eb4e9c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GlobalFree
GlobalUnlock
GetCurrentThreadId
FlushInstructionCache
SetCurrentDirectoryW
GlobalLock
GlobalAlloc
RaiseException
DeleteFileA
MoveFileA
GetModuleFileNameA
CreateEventW
ResetEvent
CreateFileA
SetFileAttributesA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetEnvironmentVariableW
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
SetStdHandle
GetLocaleInfoW
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetCommandLineW
GetCommandLineA
GetConsoleMode
GetConsoleCP
SetFilePointer
GetStartupInfoA
GetFileType
SetHandleCount
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
lstrcmpiW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapCreate
IsValidCodePage
GetOEMCP
GetStdHandle
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
LCMapStringW
LCMapStringA
GetCPInfo
RtlUnwind
GetStartupInfoW
ExitProcess
GetModuleHandleA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedCompareExchange
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
lstrlenA
GetFileSize
CreateMutexW
FreeResource
LoadLibraryExW
SetLastError
GetVersionExW
OutputDebugStringW
SetEvent
OpenEventW
LoadLibraryA
GetFullPathNameW
lstrlenW
ReadFile
WriteFile
CreateFileW
WideCharToMultiByte
WaitNamedPipeW
CreateThread
GetLocalTime
FindResourceExW
MoveFileExW
SetFileAttributesW
LoadResource
LockResource
lstrcmpW
SizeofResource
GetModuleFileNameW
FindFirstFileW
FindResourceW
CloseHandle
WaitForSingleObject
CreateDirectoryW
GetSystemDirectoryW
CreateProcessW
GetDiskFreeSpaceExW
GetDriveTypeW
Process32NextW
GetVersion
TerminateProcess
OpenProcess
GetCurrentProcessId
Process32FirstW
CreateToolhelp32Snapshot
GetLogicalDriveStringsW
QueryDosDeviceW
GetModuleHandleW
MultiByteToWideChar
RemoveDirectoryW
FindClose
FindNextFileW
GetCurrentProcess
GetFileAttributesW
DeleteFileW
GetLastError
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetProcAddress
FreeLibrary
LoadLibraryW
Sleep
InterlockedDecrement
InterlockedIncrement
GetPrivateProfileStringW
GetUserDefaultLCID

user32

SetWindowLongW
IsDialogMessageW
InflateRect
GetParent
GetClientRect
MessageBoxW
CharNextW
WindowFromPoint
GetScrollPos
SetFocus
EndPaint
BeginPaint
PeekMessageW
OffsetRect
GetKeyState
DestroyIcon
ReleaseDC
IsWindow
GetMessageW
TranslateMessage
DispatchMessageW
RegisterClassExW
GetDlgItem
GetDC
CopyRect
GetClassInfoExW
InvalidateRect
CreateWindowExW
LoadBitmapW
LoadImageW
GetActiveWindow
GetDesktopWindow
LoadCursorW
MoveWindow
IsWindowEnabled
EnableWindow
DefWindowProcW
MapWindowPoints
GetWindow
GetWindowThreadProcessId
GetForegroundWindow
SystemParametersInfoW
SetWindowPos
AttachThreadInput
DestroyWindow
SetForegroundWindow
SendMessageW
ShowWindow
UnregisterClassA
CallWindowProcW
LoadIconW
GetMonitorInfoW
MonitorFromWindow
DrawTextW
KillTimer
PostThreadMessageW
SetRectEmpty
DrawFrameControl
SetCapture
SetTimer
ReleaseCapture
EqualRect
DrawIconEx
SetCursor
IsWindowVisible
PtInRect
UpdateLayeredWindow
PostMessageW
GetNextDlgTabItem
GetDlgCtrlID
IsChild
SetRect
SetActiveWindow
GetWindowLongW
GetWindowRect
GetFocus

gdi32

LineTo
MoveToEx
GetTextExtentPoint32W
TextOutW
CreatePen
Rectangle
SetTextColor
CreateDIBSection
CreateCompatibleDC
DeleteObject
StretchBlt
CreateCompatibleBitmap
CreateBitmap
BitBlt
SelectObject
ExtTextOutW
DeleteDC
SetBkColor
CreateRectRgn
GetObjectW
GetStockObject
SaveDC
CreateFontIndirectW
SelectClipRgn
RestoreDC
SetBkMode
GetTextColor
GetClipRgn
CombineRgn
RoundRect
CreateRectRgnIndirect
RectInRegion
GetCurrentObject
SetStretchBltMode

advapi32

GetUserNameW
RegQueryValueExW
RegOpenKeyW
RegSetValueExW
RegCreateKeyExW
OpenProcessToken
RegDeleteKeyW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
ChangeServiceConfig2W
ChangeServiceConfigW
CreateServiceW
AdjustTokenPrivileges
LookupPrivilegeValueW
StartServiceW
QueryServiceStatus
DeleteService
OpenServiceW
CloseServiceHandle
OpenSCManagerW
ControlService
ControlTraceW
RegQueryInfoKeyW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegDeleteValueW

shell32

SHGetFolderPathW
SHGetSpecialFolderPathW
ShellExecuteW

ole32

CoTaskMemAlloc
CreateStreamOnHGlobal
CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2
CoInitializeEx
CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

SysAllocString
VarUI4FromStr
SysFreeString

shlwapi

SHGetValueW
PathIsDirectoryW
PathFileExistsW
PathRemoveFileSpecW
StrToIntW
StrToIntA
PathRemoveFileSpecA
PathAddBackslashA

comctl32

_TrackMouseEvent
InitCommonControlsEx

gdiplus

GdipDeleteFont
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipDrawString
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipCreateStringFormat
GdipCreateFontFromLogfontW
GdipCreateFontFromDC
GdipDeleteStringFormat
GdipCloneImage
GdipDisposeImage
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipFree
GdipAlloc
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipDeleteGraphics
GdipCreateHBITMAPFromBitmap
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageRectRectI
GdiplusShutdown
GdiplusStartup
GdipCreateFromHDC

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Sections

.text
Size: 572KB - Virtual size: 570KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

185edaecbdf3bee4263c7178e5eb4e9c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

gdiplus

version

Sections

.text Size: 572KB - Virtual size: 570KB

.rdata Size: 88KB - Virtual size: 84KB

.data Size: 12KB - Virtual size: 19KB

.rsrc Size: 128KB - Virtual size: 128KB

.text
Size: 572KB - Virtual size: 570KB

.rdata
Size: 88KB - Virtual size: 84KB

.data
Size: 12KB - Virtual size: 19KB

.rsrc
Size: 128KB - Virtual size: 128KB