1436af2453bdad9324cf8930a8964dd586207fd4124a2bf4ea8e663b496011ce

Sharing

Copy URL Twitter E-mail

General

Target

1436af2453bdad9324cf8930a8964dd586207fd4124a2bf4ea8e663b496011ce
Size

614KB
MD5

0a0a1500b6be87cb2f5d5ed34e79dc90
SHA1

1fb04303db1994e1689f13d012b19083ef5d3ee4
SHA256

1436af2453bdad9324cf8930a8964dd586207fd4124a2bf4ea8e663b496011ce
SHA512

604a3c120b68018c39b449f1d8e0861a84a1f869e5f82bc908262d11535bed07392b68b7ad357189a4840e95fd2dceb98cbe173d6fa712d1838d5425175ea391
SSDEEP

12288:9N0sG3+JLT1/xZJa5BXlglENuWakFdBkPlNhF5AS0FRtoQ:9N0s2+JLRYlglENTdBkBL90toQ

Score

N/A

Malware Config

Signatures

Files

1436af2453bdad9324cf8930a8964dd586207fd4124a2bf4ea8e663b496011ce
.exe windows x86

5f1c9d08062434394afd67082d009e9c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SuspendThread
GetThreadContext
SetThreadContext
LoadLibraryA
InitializeCriticalSectionAndSpinCount
VirtualProtect
VirtualAlloc
GetSystemTimeAsFileTime
GetTickCount
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
GetThreadLocale
GetLocaleInfoA
GetACP
VirtualFree
IsProcessorFeaturePresent
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
InterlockedExchange
LocalAlloc
ResumeThread
InterlockedCompareExchange
VirtualQuery
GetCurrentThread
lstrlenW
SizeofResource
FreeResource
Sleep
GetProcAddress
ReadFile
DeleteFileW
FreeLibrary
InterlockedIncrement
RaiseException
GlobalFree
FlushInstructionCache
CreateFileW
GetPrivateProfileIntW
MulDiv
FindResourceW
GetVersionExW
GetModuleHandleW
LockResource
GetCurrentProcessId
LoadLibraryExW
MultiByteToWideChar
GetCurrentProcess
lstrcmpW
LoadResource
GetCurrentThreadId
GlobalAlloc
SetLastError
WideCharToMultiByte
lstrlenA
lstrcmpiW
LoadLibraryW
ExitProcess
GlobalLock
GlobalUnlock
GetFileSize
CreateMutexW
GetModuleFileNameW
OutputDebugStringW
InterlockedDecrement
FindResourceExW
GetLastError
LeaveCriticalSection
WaitForSingleObject
InitializeCriticalSection
EnterCriticalSection
TerminateThread
WaitForMultipleObjects
CreateEventW
ResetEvent
DeleteCriticalSection
CloseHandle
SetEvent
QueryPerformanceCounter

user32

IsZoomed
KillTimer
SetWindowRgn
GetWindowRect
GetMessageW
MessageBeep
PtInRect
DestroyAcceleratorTable
GetForegroundWindow
LoadStringW
MessageBoxW
GetClassInfoExW
UnregisterClassA
GetWindow
DestroyIcon
LoadIconW
PostThreadMessageW
EqualRect
GetScrollPos
GetNextDlgTabItem
HideCaret
MonitorFromWindow
ShowCaret
TrackPopupMenu
CallNextHookEx
GetAsyncKeyState
FillRect
IsChild
SetRect
SystemParametersInfoW
GetSysColorBrush
FindWindowExW
UnhookWindowsHookEx
SetClipboardData
InvalidateRgn
PostMessageW
AdjustWindowRectEx
ScreenToClient
MoveWindow
EnableWindow
CreateWindowExW
IsWindow
DrawEdge
UpdateWindow
FindWindowW
LoadImageW
GetMenuItemInfoW
DrawIconEx
SendMessageW
GetDlgItem
LoadBitmapW
OpenClipboard
GetWindowTextW
CreatePopupMenu
EndPaint
CharNextW
RemoveMenu
LoadMenuW
GetWindowThreadProcessId
SetMenuItemInfoW
IsWindowVisible
SetMenuDefaultItem
DrawFrameControl
MapWindowPoints
GetMenuItemCount
GetSystemMetrics
SetMenu
AttachThreadInput
DefWindowProcW
SetWindowTextW
EmptyClipboard
IsDialogMessageW
BeginPaint
GetSubMenu
GetDC
OffsetRect
DispatchMessageW
GetActiveWindow
PeekMessageW
CallWindowProcW
GetMenu
FrameRect
GetMonitorInfoW
CharLowerW
GetFocus
PostQuitMessage
EnableMenuItem
RegisterClassExW
InflateRect
SetFocus
ShowWindow
DestroyWindow
SetCursor
UpdateLayeredWindow
CopyRect
GetCursorPos
WindowFromPoint
CloseClipboard
GetWindowDC
GetClientRect
TrackPopupMenuEx
IsWindowEnabled
GetWindowLongW
GetDesktopWindow
SetTimer
SetActiveWindow
GetParent
TranslateMessage
AppendMenuW
GetMessagePos
GetKeyState
GetWindowTextLengthW
RegisterWindowMessageW
LoadCursorW
CheckMenuRadioItem
ReleaseCapture
DrawTextW
InvalidateRect
GetMenuItemID
SetCapture
LoadStringA
GetSysColor
LoadAcceleratorsW
MonitorFromPoint
IsIconic
CreateAcceleratorTableW
SetRectEmpty
DestroyMenu
ModifyMenuW
GetClassNameW
RedrawWindow
TranslateAcceleratorW
DeleteMenu
IsMenu
SetForegroundWindow
ReleaseDC
SetWindowPos
GetDlgCtrlID
SetWindowLongW
ClientToScreen
SetWindowsHookExW

gdi32

ExcludeClipRect
GetCurrentObject
RoundRect
SetBkColor
CreateSolidBrush
SetStretchBltMode
SetBrushOrgEx
SetViewportOrgEx
SaveDC
Polygon
Rectangle
GetObjectW
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
SelectClipRgn
DeleteObject
StretchBlt
CreateRectRgn
DeleteDC
GetDeviceCaps
CreatePatternBrush
SetTextColor
CreateFontW
SelectObject
GetStockObject
ExtTextOutW
RestoreDC
SetBkMode
CreateBitmap
CreatePen
CreateFontIndirectW
CreateDIBSection
PatBlt
GetTextExtentPoint32W
LineTo
TextOutW
RectInRegion
CreateRectRgnIndirect
OffsetRgn
GetTextColor
MoveToEx
CombineRgn
CreateRoundRectRgn
GetClipRgn

advapi32

RegQueryInfoKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegSetValueExW
RegDeleteValueW
RegEnumKeyExW
RegCloseKey

shell32

CommandLineToArgvW
SHGetSpecialFolderPathW
ShellExecuteW

ole32

CoInitialize
CoUninitialize
CreateStreamOnHGlobal
CLSIDFromString
CoGetClassObject
CoCreateInstance
OleInitialize
OleUninitialize
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromProgID
OleLockRunning
StringFromGUID2
CoTaskMemRealloc

oleaut32

DispCallFunc
VariantClear
VariantInit
LoadRegTypeLi
LoadTypeLi
SysStringLen
OleCreateFontIndirect
VarUI4FromStr
SysStringByteLen
SysAllocString
SysFreeString
SysAllocStringLen

msvcp80

?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?open@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXPB_WHH@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@XZ
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?close@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHABV12@@Z
?at@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z

shlwapi

StrToIntW
PathAddBackslashW
PathRemoveFileSpecW
StrToIntA
PathAppendW
PathAppendA
PathFileExistsW
StrStrW

comctl32

ImageList_Destroy
ImageList_DragMove
ImageList_AddMasked
ImageList_DrawIndirect
ImageList_GetImageCount
InitCommonControlsEx
ImageList_DragEnter
ImageList_Draw
ImageList_BeginDrag
ImageList_DragLeave
ImageList_EndDrag
CreateStatusWindowW
ImageList_Create
_TrackMouseEvent
ImageList_DragShowNolock

msimg32

AlphaBlend

gdiplus

GdipDrawRectangle
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipCreateFont
GdipClosePathFigure
GdipMeasureString
GdipCreateFontFromLogfontW
GdipSetSmoothingMode
GdipAddPathRectangleI
GdipResetWorldTransform
GdipRotateWorldTransform
GdipTranslateWorldTransform
GdipFillRectangleI
GdipDrawString
GdipAddPathPieI
GdipSetTextRenderingHint
GdipDeletePen
GdipCreatePen1
GdipCreatePath
GdipDrawLinesI
GdipSetStringFormatLineAlign
GdipSetClipPath
GdipCreateFontFromDC
GdipSetStringFormatAlign
GdipGetImageWidth
GdipSetStringFormatTrimming
GdipCreateStringFormat
GdipImageRotateFlip
GdipCreateImageAttributes
GdipDrawImageRectRectI
GdipGetImageHeight
GdipDrawImageRect
GdipDrawImageRectI
GdipSetImageAttributesColorMatrix
GdiplusStartup
GdipSetSolidFillColor
GdipDeleteBrush
GdipDrawImageRectRect
GdipLoadImageFromStream
GdipDisposeImageAttributes
GdipCreateFromHDC
GdipCreateBitmapFromStream
GdipSetStringFormatFlags
GdipCreateHBITMAPFromBitmap
GdipDrawImagePointsRectI
GdiplusShutdown
GdipDeletePath
GdipFillRectangle
GdipDeleteGraphics
GdipCreateSolidFill
GdipDeleteFont
GdipDeleteStringFormat
GdipCloneBrush
GdipCloneImage
GdipDisposeImage
GdipLoadImageFromFile
GdipAlloc
GdipFree
GdipSetImageAttributesWrapMode

msvcr80

??3@YAXPAX@Z
??0exception@std@@QAE@ABV01@@Z
_beginthreadex
??_V@YAXPAX@Z
_invalid_parameter_noinfo
??2@YAPAXI@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
_resetstkoflw
strncpy_s
_purecall
_vscprintf
wcsncpy_s
free
iswspace
swprintf_s
malloc
memcpy_s
_vscwprintf
wcscat_s
_recalloc
memmove_s
wcscpy_s
vsprintf_s
calloc
_waccess
_mbscmp
_wcsicmp
__RTDynamicCast
wcschr
wcsncmp
_wcsnicmp
strstr
wcsrchr
wcsstr
wcsspn
strncmp
_CxxThrowException
_wtoi
_mbschr
wcscspn
atoi
tolower
fopen_s
fread
_strnicmp
fclose
memmove
fprintf
_vsnprintf_s
isspace
strchr
isalnum
isalpha
memset
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_invoke_watson
_controlfp_s
_stricmp
memcpy
__CxxFrameHandler3
vswprintf_s

wininet

InternetCrackUrlA

Sections

.text
Size: 325KB - Virtual size: 325KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 196KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5f1c9d08062434394afd67082d009e9c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

msvcp80

shlwapi

comctl32

msimg32

gdiplus

msvcr80

wininet

Sections

.text Size: 325KB - Virtual size: 325KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 12KB - Virtual size: 14KB

.rsrc Size: 196KB - Virtual size: 200KB

.text
Size: 325KB - Virtual size: 325KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 12KB - Virtual size: 14KB

.rsrc
Size: 196KB - Virtual size: 200KB