43266fe3deefd4fda1fa0f22aae9f4f78ed44640b68fec3cd8de9a5da58fb1ef

Sharing

Copy URL

Twitter E-mail

General

Target

43266fe3deefd4fda1fa0f22aae9f4f78ed44640b68fec3cd8de9a5da58fb1ef
Size

1.0MB
MD5

07a75da008e1579e4e19010675c9a1a0
SHA1

aef1056dcb2bf4247f1f84d0aba1b01e4f52d21e
SHA256

43266fe3deefd4fda1fa0f22aae9f4f78ed44640b68fec3cd8de9a5da58fb1ef
SHA512

c422e8764d5e36f7c673d1981b490eb45ed8ef652fa03145d5c06c3b9d6dc3f5a536de7deeac9e29dbb70629016382d7069eb790bf385059ffbd1a44a50d5524
SSDEEP

24576:a9ZKFH5rKr7xrZ2DwtmTWvqxXL3KJeoM11nmEZZi5:GIZrKr7p3magLPo4NmAw

Score

N/A

Malware Config

Signatures

Files

43266fe3deefd4fda1fa0f22aae9f4f78ed44640b68fec3cd8de9a5da58fb1ef
.exe windows x86

f2b201320f94d195f0cffde4e8a34ea7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapFree
ExitProcess
HeapReAlloc
RtlUnwind
RaiseException
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
SetStdHandle
GetFileType
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetStartupInfoW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
SetErrorMode
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetFileTime
GetFileSizeEx
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GetUserDefaultLCID
GetThreadLocale
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
LoadLibraryA
lstrcmpW
GetModuleHandleW
GetVersionExA
GetCurrentProcessId
GetModuleHandleA
SetLastError
GlobalFree
FormatMessageW
LocalFree
MulDiv
FreeResource
GlobalUnlock
GlobalLock
GlobalAlloc
GetModuleFileNameW
lstrlenW
WaitForSingleObject
GetCurrentProcess
FindClose
FindNextFileW
RemoveDirectoryW
SetFileAttributesW
GetFileAttributesW
FindFirstFileW
Process32NextW
SetProcessWorkingSetSize
OpenProcess
Process32FirstW
CreateToolhelp32Snapshot
CreateThread
lstrlenA
GetTickCount
GetProcAddress
InterlockedDecrement
InterlockedIncrement
IsBadWritePtr
WritePrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStringW
WideCharToMultiByte
GetLastError
MultiByteToWideChar
FreeLibrary
Sleep
LoadLibraryW
SetUnhandledExceptionFilter
CloseHandle
WriteFile
CreateFileW
DeleteFileW
FindResourceW
LoadResource
LockResource
GetSystemTimeAsFileTime
SizeofResource

user32

RemovePropW
GetFocus
SetFocus
GetWindowTextW
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
CopyRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetWindowThreadProcessId
GetLastActivePopup
GetSysColor
EndPaint
BeginPaint
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuItemID
GetMenuItemCount
TrackPopupMenu
wsprintfW
GetKeyState
SystemParametersInfoW
ScreenToClient
DispatchMessageW
TranslateMessage
PeekMessageW
MoveWindow
IsWindowVisible
CheckMenuItem
GetSubMenu
GetCursorPos
LoadMenuW
IsIconic
SetCursor
MessageBoxW
ReleaseDC
UpdateLayeredWindow
SetWindowLongW
GetWindowLongW
GetDC
GetWindowDC
SetRect
SetForegroundWindow
KillTimer
ReleaseCapture
SetTimer
GetSystemMetrics
LoadIconW
PostMessageW
ShowWindow
SetWindowPos
GetWindowRect
SetParent
LoadCursorW
UpdateWindow
IsWindow
GetClientRect
EnableWindow
RegisterHotKey
UnregisterHotKey
UnregisterClassW
SetPropW
PostThreadMessageW
GetPropW
GetNextDlgGroupItem
SetCapture
InvalidateRgn
SendMessageW
PtInRect
InvalidateRect
IsRectEmpty
CopyAcceleratorTableW
CharUpperW
GetSysColorBrush
WindowFromPoint
DestroyMenu
CharNextW
GetMessageW
ValidateRect
RegisterClipboardFormatW
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
MapVirtualKeyW
GetKeyNameTextW
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
GetDlgItem
MessageBeep

gdi32

GetClipBox
GetObjectW
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SetMapMode
ExtSelectClipRgn
CreateBitmap
GetStockObject
CreateFontIndirectW
CreateRectRgnIndirect
GetMapMode
DPtoLP
GetBkColor
GetTextColor
GetRgnBox
SetTextColor
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
DeleteDC
DeleteObject
SelectObject
CreateDIBSection
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

AdjustTokenPrivileges
RegCreateKeyExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegOpenKeyW
LookupPrivilegeValueW
OpenProcessToken
RegEnumValueW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegQueryValueExW

shell32

ShellExecuteW
Shell_NotifyIconW
SHGetSpecialFolderPathW
ShellExecuteExW

comctl32

_TrackMouseEvent

shlwapi

UrlUnescapeW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW

oledlg

OleUIBusyW

ole32

OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoTaskMemFree
CreateStreamOnHGlobal
CoRegisterMessageFilter
CoFreeUnusedLibraries
CoGetClassObject
OleInitialize
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc

oleaut32

VariantChangeType
SysAllocStringLen
SysFreeString
SysStringLen
SysAllocString
VariantClear
VariantCopy
VariantInit
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect

wininet

HttpOpenRequestW
InternetOpenUrlW
InternetConnectW
HttpSendRequestW
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
HttpQueryInfoW
HttpAddRequestHeadersW
DeleteUrlCacheEntryW
InternetCrackUrlW
FindFirstUrlCacheEntryW
FindNextUrlCacheEntryW
GetUrlCacheEntryInfoW
InternetCanonicalizeUrlW
InternetQueryOptionW
InternetSetOptionExW
InternetQueryDataAvailable

gdiplus

GdipLoadImageFromStream
GdipCloneImage
GdipDisposeImage
GdipDrawImageRectI
GdipReleaseDC
GdipGetImageHeight
GdipAlloc
GdipFree
GdipCreateFontFamilyFromName
GdipCreateFont
GdipDeleteFontFamily
GdipDeleteFont
GdipCreateFromHDC
GdipDeleteGraphics
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetTextRenderingHint
GdipDrawImageRectRectI
GdipDrawString
GdipCreateSolidFill
GdipDeleteBrush
GdipGetImageWidth
GdiplusStartup
GdiplusShutdown

psapi

EmptyWorkingSet

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

iphlpapi

GetAdaptersInfo
GetAdaptersAddresses

netapi32

Netbios

snmpapi

SnmpUtilOidCpy
SnmpUtilOidNCmp
SnmpUtilVarBindFree

sensapi

IsNetworkAlive

ws2_32

WSAStartup

Sections

.text
Size: 309KB - Virtual size: 309KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 561KB - Virtual size: 560KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f2b201320f94d195f0cffde4e8a34ea7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

wininet

gdiplus

psapi

version

iphlpapi

netapi32

snmpapi

sensapi

ws2_32

Sections

.text Size: 309KB - Virtual size: 309KB

.rdata Size: 79KB - Virtual size: 79KB

.data Size: 13KB - Virtual size: 28KB

.rsrc Size: 561KB - Virtual size: 560KB

.reloc Size: 43KB - Virtual size: 42KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 309KB - Virtual size: 309KB

.rdata
Size: 79KB - Virtual size: 79KB

.data
Size: 13KB - Virtual size: 28KB

.rsrc
Size: 561KB - Virtual size: 560KB

.reloc
Size: 43KB - Virtual size: 42KB

.rmnet
Size: 56KB - Virtual size: 60KB