3ca434b7e90aad3360b172b83349d68607cc2624aff754550158858b12201f77

Sharing

Copy URL Twitter E-mail

General

Target

3ca434b7e90aad3360b172b83349d68607cc2624aff754550158858b12201f77
Size

1.0MB
MD5

0cd207eb7e330b911c57678e1a1adc20
SHA1

19169338db0a45b5fbf77f6fe6184f3e4d510ce3
SHA256

3ca434b7e90aad3360b172b83349d68607cc2624aff754550158858b12201f77
SHA512

22d970f2ee9e6e6c1bb98216f9738970d70f9f02691144947e4807a031ae8f09f887c6c1b20c46e35c90c7c86813456a3c14e440d8c5d9ddbb1fad01bfb4a2b9
SSDEEP

24576:F3L3ccT1WBe6yKFwR5Rqzwep5CbTbcjkk8eTPFUo:ZLgDyKFA5kztyTzz4Uo

Score

N/A

Malware Config

Signatures

Files

3ca434b7e90aad3360b172b83349d68607cc2624aff754550158858b12201f77
.exe windows x86

d53abc1b2bf41faba39b480651bdd8ef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
Sleep
InterlockedCompareExchange
lstrcpyW
MulDiv
GetCurrentThreadId
DeleteCriticalSection
lstrcmpiW
EnterCriticalSection
GetProcAddress
SetLastError
GetLastError
RaiseException
FlushInstructionCache
lstrlenW
MultiByteToWideChar
GetModuleFileNameW
SetEnvironmentVariableA
SizeofResource
InitializeCriticalSection
GetModuleHandleW
GetCurrentProcess
InterlockedDecrement
InterlockedIncrement
LoadLibraryExW
GetLocaleInfoA
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
SetEndOfFile
GetConsoleMode
GetConsoleCP
SetStdHandle
LeaveCriticalSection
GetModuleHandleA
LockResource
LCMapStringW
LoadResource
FreeLibrary
LCMapStringA
GetCurrentDirectoryA
FindResourceW
GetFullPathNameW
GetTimeZoneInformation
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
GetCommandLineW
LoadLibraryW
GetTempPathW
CloseHandle
GetCurrentProcessId
GetTempFileNameW
CreateProcessW
MoveFileExW
CreateDirectoryW
WaitForSingleObject
GlobalAlloc
FileTimeToSystemTime
CreateFileW
GlobalFree
DeleteFileW
SetFileAttributesW
SetFilePointer
WriteFile
FormatMessageW
ExitThread
CreateEventW
WaitForMultipleObjects
DuplicateHandle
LocalFree
CreateThread
WideCharToMultiByte
FindFirstFileW
GetSystemDirectoryW
FindClose
RemoveDirectoryW
FindNextFileW
CreateMutexW
OpenMutexW
ReleaseMutex
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
LocalAlloc
GetFileSize
ReadFile
FlushFileBuffers
GetTickCount
CompareStringW
GlobalLock
GlobalUnlock
GlobalReAlloc
CreateFileA
HeapFree
GetProcessHeap
HeapAlloc
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
ResumeThread
HeapReAlloc
GetSystemTimeAsFileTime
GetStartupInfoW
FileTimeToLocalFileTime
GetDriveTypeW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlUnwind
GetDriveTypeA
GetFileType
TerminateProcess
IsDebuggerPresent
HeapCreate
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA

user32

SetDlgItemTextW
GetScrollInfo
SetScrollPos
ScrollWindow
ShowScrollBar
GetFocus
AdjustWindowRectEx
GetMenu
SystemParametersInfoW
GetForegroundWindow
DispatchMessageW
MonitorFromRect
GetMonitorInfoW
CloseWindow
SetLayeredWindowAttributes
GetCursorPos
IntersectRect
TranslateMessage
PtInRect
BeginPaint
SetFocus
SubtractRect
PostQuitMessage
MonitorFromPoint
GetMessageW
SetCursor
EndPaint
SetWindowRgn
DrawIconEx
LoadImageW
InvalidateRect
GetDesktopWindow
SetRect
UnregisterClassA
MessageBoxW
SetScrollInfo
GetScrollPos
MapVirtualKeyW
SetTimer
GetWindowDC
DrawTextW
KillTimer
GetParent
DrawIcon
InflateRect
OffsetRect
GetWindowTextW
GetSysColor
SetWindowPos
ShowWindow
IsWindow
IsWindowVisible
UpdateWindow
EnableWindow
DestroyIcon
CopyRect
GetWindowRect
FillRect
LoadCursorW
GetClientRect
GetClassInfoExW
RegisterClassExW
LoadIconW
CreateWindowExW
MoveWindow
GetDC
GetWindowLongW
ReleaseDC
GetSystemMetrics
SetWindowTextW
CallWindowProcW
DestroyWindow
CharNextW
SetForegroundWindow
DialogBoxParamW
FindWindowW
GetDlgItem
SetWindowLongW
EndDialog
GetActiveWindow
SendMessageW
DefWindowProcW
PostMessageW

gdi32

CreateDIBSection
GetObjectW
CreateCompatibleDC
DeleteObject
DeleteDC
GetTextMetricsW
GetStockObject
CreateSolidBrush
RoundRect
CreatePen
GetTextExtentExPointW
DPtoLP
SetBkMode
GetDeviceCaps
CreateFontIndirectW
SelectObject
ExtCreateRegion
SelectClipRgn
StretchBlt
CombineRgn
OffsetRgn
CreateRectRgn
BitBlt
CreateCompatibleBitmap
BeginPath
MoveToEx
LineTo
AngleArc
SaveDC
EndPath
FillPath
RestoreDC
Rectangle
SetViewportOrgEx
SetTextColor
TextOutW

advapi32

OpenProcessToken
GetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegCreateKeyExW
GetTokenInformation
LookupAccountSidW
RegQueryValueExW
RegQueryValueW
AddAccessAllowedAceEx
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetNamedSecurityInfoW
GetNamedSecurityInfoW
InitializeAcl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
SetEntriesInAclW
GetSidLengthRequired

shell32

SHGetFolderPathW
SHGetSpecialFolderPathW
ShellExecuteW
ExtractIconW

ole32

OleUninitialize
CoUninitialize
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
OleCreate
OleSetContainedObject
OleInitialize
CoTaskMemRealloc
CoCreateInstance

oleaut32

VariantInit
VariantClear
SysFreeString
VarUI4FromStr
SysAllocString

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

msimg32

GradientFill
TransparentBlt
AlphaBlend

comctl32

_TrackMouseEvent
InitCommonControlsEx

shlwapi

SHDeleteKeyW

wininet

InternetOpenW
InternetCloseHandle
HttpQueryInfoW
InternetSetOptionW
InternetReadFile
InternetOpenUrlW

Sections

.text
Size: 573KB - Virtual size: 572KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 264KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d53abc1b2bf41faba39b480651bdd8ef

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

version

msimg32

comctl32

shlwapi

wininet

Sections

.text Size: 573KB - Virtual size: 572KB

.rdata Size: 166KB - Virtual size: 166KB

.data Size: 16KB - Virtual size: 26KB

.rsrc Size: 264KB - Virtual size: 264KB

.text
Size: 573KB - Virtual size: 572KB

.rdata
Size: 166KB - Virtual size: 166KB

.data
Size: 16KB - Virtual size: 26KB

.rsrc
Size: 264KB - Virtual size: 264KB