Static task: static1
Behavioral task: behavioral1
Sample: fa3b9aef30520239de368aee0cf07167d311087ae6ae61165b12702e68bcae52.exe
Resource: win7-20220812-en
General
Target: fa3b9aef30520239de368aee0cf07167d311087ae6ae61165b12702e68bcae52
Size: 832KB
MD5: 0e265e6d5d6cb265ee81a643a2600480
SHA1: 5070aef2462c98cc04245b4ad6fddfb3aac3678a
SHA256: fa3b9aef30520239de368aee0cf07167d311087ae6ae61165b12702e68bcae52
SHA512: 7bce4aeb940ac9b22e9ce21c1088e1e2dff7bbcc45c98729425cbf9a6d653348661e06135a86b8cd2a7f74a6d12795c16ed71f761d48d1e4edcc95d99eda7316
SSDEEP: 12288:ALXfIVkMIh8rgR4dvs4T69qqpOJPU9NH64aY7:ADIkMIhOQ4T69hpOJEDaC
Malware Config
Signatures
Files
- fa3b9aef30520239de368aee0cf07167d311087ae6ae61165b12702e68bcae52.exe windows x86
  8a6a7fb7fd6b66a038730c7466da5bd0
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetErrorMode
GetFileSizeEx
GetFileTime
GlobalFlags
GetTickCount
GetStartupInfoW
HeapFree
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
GetTimeZoneInformation
RtlUnwind
HeapReAlloc
ExitProcess
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
TlsFree
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryA
GetDriveTypeA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
DeleteCriticalSection
LocalReAlloc
GetProcessHeap
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
lstrlenA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
LoadLibraryExW
CompareStringA
InterlockedExchange
GetCurrentProcessId
GlobalGetAtomNameW
GetModuleHandleA
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
LoadLibraryA
lstrcmpW
GetModuleHandleW
GetVersionExA
FormatMessageW
LocalFree
MulDiv
GetFullPathNameW
GetVolumeInformationW
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
SetLastError
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrlenW
DuplicateHandle
GetFileType
GetCurrentDirectoryW
MultiByteToWideChar
WideCharToMultiByte
SystemTimeToFileTime
SetFilePointer
DosDateTimeToFileTime
SetFileAttributesW
GlobalReAlloc
CreateToolhelp32Snapshot
FindNextFileW
Process32NextW
RemoveDirectoryW
Process32FirstW
FindClose
TerminateProcess
CopyFileW
CreateDirectoryW
GetCurrentProcess
FindFirstFileW
lstrcpyW
GetProcAddress
WriteFile
SetEndOfFile
GetModuleFileNameW
ReadFile
GetFileSize
WritePrivateProfileStringW
GlobalFree
GlobalUnlock
GlobalAlloc
GlobalLock
LoadLibraryW
InterlockedDecrement
InterlockedIncrement
FreeLibrary
DeleteFileW
CloseHandle
LockResource
GetLastError
GetPrivateProfileIntW
RaiseException
CreateFileW
GetFileAttributesW
SizeofResource
Sleep
GetSystemDirectoryW
GetPrivateProfileStringW
OutputDebugStringW
WaitForSingleObject
GetLogicalDriveStringsW
CreateProcessW
LoadResource
HeapCreate
FindResourceW
user32
ShowOwnedPopups
PostQuitMessage
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
UnpackDDElParam
ReuseDDElParam
GetWindowThreadProcessId
GetActiveWindow
LoadAcceleratorsW
InsertMenuItemW
CreatePopupMenu
BringWindowToTop
TranslateAcceleratorW
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
TabbedTextOutW
DestroyMenu
GetMenuItemInfoW
InflateRect
GetCursorPos
DrawIcon
ReleaseCapture
GetDesktopWindow
SetCapture
InvalidateRgn
CopyAcceleratorTableW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
DefWindowProcW
CallWindowProcW
PtInRect
GetMenu
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowTextLengthW
GetWindowTextW
GetFocus
SetFocus
IsWindowEnabled
ShowWindow
MoveWindow
GetDlgCtrlID
IsWindow
SetWindowTextW
EnumDisplaySettingsW
FindWindowW
ChangeDisplaySettingsW
SetMenuItemInfoW
IsDialogMessageW
SendDlgItemMessageW
GetDlgItem
GetWindow
GetMenuState
GetMenuStringW
GetMenuItemID
GetMenuItemCount
CharUpperW
GetSystemMetrics
PostThreadMessageW
MessageBeep
GetNextDlgGroupItem
UnregisterClassW
RegisterClipboardFormatW
CharNextW
GetSysColorBrush
WindowFromPoint
GetMessageW
TranslateMessage
ValidateRect
SetWindowContextHelpId
MapDialogRect
EnableWindow
SendMessageW
InsertMenuW
LoadMenuW
GetParent
DeleteMenu
GetSubMenu
GetWindowRect
SetWindowLongW
SystemParametersInfoW
GetWindowLongW
LoadIconW
GetClientRect
LoadCursorW
PostMessageW
RegisterWindowMessageW
IsRectEmpty
OffsetRect
SetRectEmpty
SetWindowRgn
UpdateWindow
CopyRect
SetWindowPos
GetSysColor
DestroyCursor
ReleaseDC
InvalidateRect
GetDC
TrackMouseEvent
DrawIconEx
KillTimer
DrawTextW
FillRect
ScreenToClient
SetTimer
SetRect
ClientToScreen
SetCursor
SetWindowsHookExW
gdi32
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
GetMapMode
GetBkColor
GetTextColor
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutW
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
GetStockObject
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetTextExtentPoint32W
ExtTextOutW
Ellipse
LPtoDP
CreateEllipticRgn
GetRgnBox
CreateRectRgnIndirect
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
DeleteDC
CreateFontIndirectW
StretchBlt
DeleteObject
CreateSolidBrush
BitBlt
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
CreateRoundRectRgn
GetObjectW
msimg32
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
OpenPrinterW
DocumentPropertiesW
advapi32
RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
shell32
ShellExecuteExW
SHGetSpecialFolderPathW
SHGetFileInfoW
DragFinish
DragQueryFileW
ShellExecuteW
shlwapi
PathFileExistsW
PathAddBackslashW
PathIsDirectoryW
SHGetValueW
SHSetValueW
PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW
PathRemoveFileSpecW
oledlg
OleUIBusyW
ole32
CoTaskMemAlloc
OleFlushClipboard
CoTaskMemFree
CoInitialize
CoCreateInstance
CreateStreamOnHGlobal
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
CLSIDFromProgID
CLSIDFromString
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
oleaut32
SysAllocStringByteLen
VariantInit
SysStringByteLen
SysFreeString
SysStringLen
SysAllocStringLen
VariantChangeType
SysAllocString
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantCopy
VariantClear
OleCreateFontIndirect
gdiplus
GdipCreateBitmapFromFile
GdipDisposeImage
GdipAlloc
GdipCreateHBITMAPFromBitmap
GdipFree
GdipCloneImage
GdiplusShutdown
GdipCreateBitmapFromStream
GdiplusStartup
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
Sections
.text  Size: 314KB - Virtual size: 314KB - Characteristics: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 90KB - Virtual size: 90KB - Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data  Size: 12KB - Virtual size: 28KB - Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc  Size: 305KB - Virtual size: 305KB - Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc Size: 51KB - Virtual size: 51KB - Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ
.rmnet Size: 56KB - Virtual size: 60KB - Characteristics: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE