cea675add5989ca25e1453ea369fc7ca3a5a446d24f4989cea777584633e49cf

Sharing

Copy URL

Twitter E-mail

General

Target

cea675add5989ca25e1453ea369fc7ca3a5a446d24f4989cea777584633e49cf
Size

2.7MB
MD5

910a5a54bf188c19ba038d075f71f9f2
SHA1

8ad6d793cad967c101a95fa9d1b9256e9b75f17e
SHA256

cea675add5989ca25e1453ea369fc7ca3a5a446d24f4989cea777584633e49cf
SHA512

fa1a172cc36c24237ff4e4ce581e2acff1c703a21dcfe7c2ae27fd1b059ca9414d5bc2137495b062eee373926d1832894832edecb83dd4d750693f2f8a92cb69
SSDEEP

24576:Jqctu0iZ/IG4qZVMAtbw7mywkjpCalWJcU4gHHHicwQgNxujv:JcZei+Adw7vVjwalWJcUzHHHic

Score

N/A

Malware Config

Signatures

Files

cea675add5989ca25e1453ea369fc7ca3a5a446d24f4989cea777584633e49cf
.exe windows x86

c9b581adba50481c5f8b83de989fd796

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

rpcrt4

UuidFromStringW

gdiplus

GdipCreateFromHDC
GdipSetTextRenderingHint
GdipGetDpiY
GdipDrawString
GdipMeasureString
GdipCreateSolidFill
GdipGetFontHeightGivenDPI
GdipCloneBrush
GdiplusShutdown
GdiplusStartup
GdipGetFontHeight
GdipDeleteFont
GdipDeleteFontFamily
GdipDeleteGraphics
GdipCreateFontFamilyFromName
GdipDeleteStringFormat
GdipCreateStringFormat
GdipAlloc
GdipCreateFont
GdipDeleteBrush
GdipFree

wtsapi32

WTSUnRegisterSessionNotification
WTSQueryUserToken
WTSRegisterSessionNotification

shlwapi

PathFindFileNameW
PathFileExistsW
PathRemoveFileSpecW
SHGetValueW
SHSetValueW
PathStripToRootW
PathIsUNCW
PathFindExtensionW

comctl32

ImageList_Add
ImageList_Create
ord17
InitCommonControlsEx

msimg32

AlphaBlend

setupapi

SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
SetupDiGetDeviceRegistryPropertyW
SetupDiDestroyDeviceInfoList

kernel32

lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
SearchPathW
GetProfileIntW
GetTempPathW
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
GlobalFlags
lstrlenA
GetCurrentDirectoryW
CompareStringA
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
GetTimeFormatA
GetDateFormatA
HeapReAlloc
Sleep
ExitProcess
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
LCMapStringW
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
LCMapStringA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GlobalGetAtomNameW
GetShortPathNameW
GetVolumeInformationW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetStringTypeExW
DeleteFileW
MoveFileW
GetDiskFreeSpaceW
GetFullPathNameW
GetTempFileNameW
GetFileTime
SetFileTime
GetModuleHandleA
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
GetVersionExA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
GetProcessHeap
HeapFree
LoadLibraryA
ExpandEnvironmentStringsA
lstrcpynW
FindResourceExW
FreeResource
GetModuleHandleExA
OpenMutexW
GetVersionExW
GetProcessTimes
GetFileSizeEx
WideCharToMultiByte
SetEvent
GetSystemTimeAsFileTime
CreateEventA
ExpandEnvironmentStringsW
QueryPerformanceFrequency
QueryPerformanceCounter
SetThreadLocale
GetCurrentThread
LocalAlloc
InterlockedExchange
GetLocalTime
GetComputerNameW
GetTickCount
CreateMutexW
WaitForSingleObject
ReleaseMutex
OutputDebugStringW
GetLocaleInfoW
lstrcmpW
FindFirstFileW
FindClose
GetFileAttributesW
FormatMessageW
LocalFree
CreateFileW
WriteFile
ReadFile
lstrcatW
GetCurrentProcessId
ProcessIdToSessionId
GetUserDefaultUILanguage
CloseHandle
GetSystemDefaultLCID
GetSystemDirectoryW
LoadLibraryExW
MultiByteToWideChar
FreeLibrary
GetModuleFileNameW
MulDiv
InterlockedDecrement
InterlockedIncrement
SetLastError
GetProcAddress
GetModuleHandleW
LoadLibraryW
GetCurrentProcess
FlushInstructionCache
lstrcmpiW
GetLastError
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
lstrlenW
GetCurrentThreadId
IsBadReadPtr
GetThreadLocale
InterlockedCompareExchange
IsProcessorFeaturePresent
RemoveDirectoryW
CreateDirectoryW
FormatMessageA
GetStartupInfoW

user32

InsertMenuItemW
BringWindowToTop
TranslateAcceleratorW
CharUpperW
GetMessageW
GetActiveWindow
ValidateRect
GetWindowDC
GrayStringW
DrawTextExW
TabbedTextOutW
SendDlgItemMessageA
GetCapture
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
GetTopWindow
GetMessageTime
GetMessagePos
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
UnregisterClassA
GetScrollPos
ShowScrollBar
GetClassInfoExW
GetClassInfoW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetMenu
SystemParametersInfoA
GetWindowPlacement
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuState
GetMenuStringW
InsertMenuW
SetRectEmpty
GetMenuItemID
GetWindowThreadProcessId
PeekMessageW
DispatchMessageW
TranslateMessage
DrawFocusRect
DestroyCursor
CallWindowProcW
GetClassLongW
BeginDeferWindowPos
EndDeferWindowPos
ReleaseCapture
SetCapture
GetDCEx
GetSystemMenu
SystemParametersInfoW
IsDlgButtonChecked
EndDialog
SetDlgItemTextW
SendDlgItemMessageW
MapWindowPoints
SetWindowPos
FillRect
LoadImageW
DrawIcon
SetRect
SetParent
IsIconic
SetForegroundWindow
RegisterClipboardFormatW
LoadAcceleratorsW
GetDlgItem
EnumDisplayDevicesW
GetCursorPos
OffsetRect
IsChild
InflateRect
GetKeyState
GetClassNameW
SetFocus
DestroyMenu
LoadMenuIndirectW
GetMenuItemInfoW
DeleteMenu
WindowFromPoint
ScreenToClient
GetMenuItemCount
GetSubMenu
IsWindowEnabled
CharLowerW
DialogBoxParamW
MessageBoxW
CreateWindowExW
LockSetForegroundWindow
wsprintfW
GetNextDlgTabItem
GetFocus
UpdateWindow
LoadMenuW
RemoveMenu
AppendMenuW
CreatePopupMenu
FindWindowW
EnumDisplaySettingsW
GetDesktopWindow
GetWindow
CopyRect
GetWindowTextLengthW
GetWindowTextW
DrawTextW
RegisterClassW
DefWindowProcW
BeginPaint
EndPaint
IsRectEmpty
GetDlgCtrlID
GetWindowLongW
GetParent
IntersectRect
LoadBitmapW
TrackMouseEvent
SetCursor
DestroyIcon
GetSystemMetrics
CreateDialogParamW
WinHelpW
GetDC
ReleaseDC
GetDialogBaseUnits
IsDialogMessageW
MoveWindow
ShowWindow
SetWindowLongW
CharNextW
DestroyWindow
LoadCursorW
GetSysColorBrush
RegisterClassExW
ReuseDDElParam
UnpackDDElParam
CreateDialogIndirectParamW
IsZoomed
PostQuitMessage
GetSysColor
SetWindowsHookExW
CallNextHookEx
LoadIconW
DrawIconEx
ClientToScreen
UnhookWindowsHookEx
KillTimer
SetTimer
RedrawWindow
IsWindowVisible
GetClientRect
SetWindowRgn
DrawFrameControl
PtInRect
IsWindow
PostMessageW
RegisterWindowMessageW
EnableWindow
InvalidateRect
GetWindowRect
SendMessageW
SetWindowContextHelpId
MapDialogRect
GetTabbedTextExtentA
CreateMenu
PostThreadMessageW
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
UnregisterClassW
FindWindowExW
LockWindowUpdate
EnumWindows
ShowOwnedPopups
SetWindowTextW
SetScrollPos

gdi32

DeleteObject
GetTextExtentPointW
GetTextMetricsW
GetTextFaceW
DeleteDC
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
CreatePatternBrush
GetCurrentObject
FrameRgn
CreateRectRgnIndirect
SetRectRgn
CreateEllipticRgn
LPtoDP
Ellipse
GetCharWidthW
CreateFontW
StretchDIBits
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetViewportOrgEx
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextExtentPoint32A
GetWindowOrgEx
GetDeviceCaps
SetStretchBltMode
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
GetRgnBox
CombineRgn
CreateRoundRectRgn
CreatePolygonRgn
CreateRectRgn
GetObjectW
CreateFontIndirectW
CreateSolidBrush
SetViewportExtEx
OffsetViewportOrgEx
Escape
TextOutW
RectVisible
PtVisible
StartDocW
GetPixel
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
SelectObject
GetTextExtentPoint32W
IntersectClipRect
ExcludeClipRect
GetStockObject
GetBkColor
CreateDCW
DPtoLP
CreateBitmap
GetMapMode
SetMapMode
SetBkColor
SetTextColor
CreateDIBSection
SetDIBitsToDevice
SetViewportOrgEx
PatBlt
Rectangle
CreatePen
GetTextColor
EnumFontFamiliesW
ExtTextOutW
OffsetWindowOrgEx
SetBkMode
GetClipBox

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter
GetJobW

advapi32

RegQueryValueW
RegEnumKeyW
RegOpenKeyW
GetFileSecurityW
SetFileSecurityW
RegSetValueW
RegOpenKeyExA
RegQueryValueExA
RegEnumValueW
GetTokenInformation
ImpersonateSelf
OpenThreadToken
OpenProcessToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
FreeSid
ImpersonateLoggedOnUser
RevertToSelf
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyW

shell32

DragFinish
DragQueryFileW
SHGetFileInfoW
ShellExecuteExW
SHGetFolderPathW
ExtractAssociatedIconW
ShellExecuteW
ExtractIconW

oledlg

OleUIBusyW

ole32

IsAccelerator
OleTranslateAccelerator
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromProgID
CoInitializeEx
CoUninitialize
OleCreateMenuDescriptor
StringFromCLSID
StringFromGUID2
CoRegisterClassObject
CoRevokeClassObject
CLSIDFromString
CoGetMalloc
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
OleDestroyMenuDescriptor

oleaut32

OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
VarUI4FromStr
VariantInit
VariantClear
VariantChangeType
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SysAllocString
SysAllocStringLen
SysStringLen
SysFreeString

Exports

Exports

GetNvidiaModuleFirstTimestamp

Sections

.text
Size: 719KB - Virtual size: 719KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 183KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 28KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

-Ϭ�J�
Size: 222KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c9b581adba50481c5f8b83de989fd796

Headers

DLL Characteristics

File Characteristics

Imports

version

rpcrt4

gdiplus

wtsapi32

shlwapi

comctl32

msimg32

setupapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

oledlg

ole32

oleaut32

Exports

Exports

Sections

.text Size: 719KB - Virtual size: 719KB

.rdata Size: 183KB - Virtual size: 182KB

.data Size: 28KB - Virtual size: 47KB

.rsrc Size: 1.5MB - Virtual size: 1.5MB

-Ϭ�J� Size: 222KB - Virtual size: 224KB

.text
Size: 719KB - Virtual size: 719KB

.rdata
Size: 183KB - Virtual size: 182KB

.data
Size: 28KB - Virtual size: 47KB

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

-Ϭ�J�
Size: 222KB - Virtual size: 224KB