Static task: static1
Behavioral task: behavioral1
  Sample: d3de942b80ba2987070daca87542347163295c5ac96dbcee9e3a9524efe09b70.exe
  Resource: win7-20220901-en
Behavioral task: behavioral2
  Sample: d3de942b80ba2987070daca87542347163295c5ac96dbcee9e3a9524efe09b70.exe
  Resource: win10v2004-20220812-en
General
- Target: d3de942b80ba2987070daca87542347163295c5ac96dbcee9e3a9524efe09b70
- Size: 592KB
- MD5: 5982d1c1273e4c1fd89e01d0e969d73c
- SHA1: ce5f0c257b5c70ae216aa4455f6052843aa841a3
- SHA256: d3de942b80ba2987070daca87542347163295c5ac96dbcee9e3a9524efe09b70
- SHA512: 5b2df2804da305cff7ca640db5b8edaa060295905403c564557f1791765de7113ad707f92c0d5b6708af16c35c26913ea3a69b728dae74c64bc14d79e2f8261d
- SSDEEP: 12288:5D2AcvlyFAuIcmBTDekRPpQa/vKHNuiG2LB9j2FRK+HFpAbPVO:5DCvlk9MRPPHKHEiG2d92bAhO
Malware Config
Signatures
Files
-
d3de942b80ba2987070daca87542347163295c5ac96dbcee9e3a9524efe09b70.exe windows x86
e128b824a34894124e6f44b0b74045fc
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32:
closesocket
select
accept
socket
bind
htons
htonl
WSASetLastError
listen
ioctlsocket
__WSAFDIsSet
shutdown
WSACleanup
ntohs
getpeername
getsockname
send
recv
connect
gethostbyname
setsockopt
getsockopt
gethostbyaddr
sendto
recvfrom
WSAStartup
WSAGetLastError
inet_ntoa
inet_addr
kernel32:
GetProcessVersion
GetCPInfo
GetOEMCP
CopyFileA
lstrlenW
GetFileAttributesA
GetFileSize
GetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
SetErrorMode
SizeofResource
FindResourceExA
GetCurrentDirectoryA
GetTempFileNameA
GetDiskFreeSpaceA
HeapFree
HeapAlloc
RtlUnwind
GetStartupInfoA
GetCommandLineA
ExitProcess
RaiseException
HeapReAlloc
GetTimeZoneInformation
GetACP
SetStdHandle
GetFileType
TerminateProcess
ExitThread
HeapSize
FatalAppExitA
LCMapStringA
LCMapStringW
GlobalFlags
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetConsoleCtrlHandler
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
SuspendThread
SetThreadPriority
ResumeThread
GetCurrentThread
VirtualProtect
lstrcmpA
GetProfileIntA
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
DuplicateHandle
GlobalFree
GlobalAlloc
GetModuleFileNameA
LoadLibraryA
GetTickCount
WaitForSingleObject
GetEnvironmentVariableA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
InterlockedIncrement
EnterCriticalSection
InterlockedDecrement
FreeLibrary
FormatMessageA
FindResourceA
LoadResource
LockResource
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
LocalFree
lstrcpynA
GetModuleHandleA
GetProcAddress
SetLastError
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
LoadLibraryExA
GetSystemTime
GetCurrentProcess
SetSystemTime
GetLocalTime
GetExitCodeThread
TerminateThread
CreateThread
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateMutexA
GetLastError
ReleaseMutex
GetSystemDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetProfileStringA
GetPrivateProfileIntA
Sleep
MulDiv
GlobalSize
GlobalLock
GlobalUnlock
GlobalReAlloc
GetVersionExA
ResetEvent
SetEvent
UnmapViewOfFile
CloseHandle
MapViewOfFile
OpenFileMappingA
OpenEventA
CreateEventA
CreateFileMappingA
LocalAlloc
user32:
ShowOwnedPopups
ValidateRect
TranslateMessage
GetMessageA
SetWindowContextHelpId
DestroyMenu
GetClassNameA
GetDesktopWindow
GetSysColorBrush
PostThreadMessageA
InsertMenuA
GetMenuStringA
RemoveMenu
GetDialogBaseUnits
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
WaitMessage
GetWindowThreadProcessId
DeleteMenu
CharNextA
CopyAcceleratorTableA
GetNextDlgGroupItem
MessageBeep
DestroyIcon
RegisterClipboardFormatA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
SetActiveWindow
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
IsChild
WinHelpA
wvsprintfA
RegisterClassA
TrackPopupMenu
SetWindowPlacement
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
GetWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
GetWindowPlacement
BeginPaint
GetWindowDC
OemToCharA
CharToOemA
UnhookWindowsHookEx
ClientToScreen
WindowFromPoint
IsRectEmpty
IsWindowVisible
CopyRect
GetDoubleClickTime
GetMenu
GetMenuItemCount
GetMenuItemID
GetWindowRect
OffsetRect
FindWindowA
LoadMenuA
GetSubMenu
SetForegroundWindow
GetFocus
PostQuitMessage
IsIconic
DrawIcon
GetSystemMenu
AppendMenuA
LoadIconA
GetCapture
ReleaseCapture
SetCapture
ClipCursor
SetTimer
PtInRect
InvertRect
PostMessageA
EnableWindow
GetMessagePos
GetSystemMetrics
GrayStringA
IsClipboardFormatAvailable
TabbedTextOutA
InvalidateRect
GetCursorPos
ScreenToClient
GetClientRect
KillTimer
GetKeyState
IntersectRect
GetParent
SendMessageA
GetClassInfoA
MapDialogRect
GetAsyncKeyState
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
wsprintfA
CharUpperA
DefWindowProcA
IsWindow
SetRect
LoadCursorA
SetCursor
GetSysColor
FillRect
FrameRect
InflateRect
DrawEdge
DrawTextA
GetDC
ReleaseDC
SystemParametersInfoA
LoadStringA
IsWindowUnicode
DefDlgProcA
DrawFocusRect
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
EndPaint
gdi32:
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetCurrentPositionEx
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
SetStretchBltMode
DeleteObject
GetClipRgn
CreateRectRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetViewportExtEx
GetWindowExtEx
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreatePatternBrush
CreateDIBPatternBrushPt
GetMapMode
CreateBitmap
SetRectRgn
CombineRgn
CreateRectRgnIndirect
DPtoLP
GetDCOrgEx
SetAbortProc
CreateDCA
CopyMetaFileA
EnumFontFamiliesExA
GetTextColor
LPtoDP
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
SelectPalette
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
PatBlt
CreateFontA
StartDocA
StartPage
EndPage
EndDoc
AbortDoc
GetObjectA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreatePen
CreateCompatibleDC
CreateCompatibleBitmap
GetBkColor
BitBlt
GetDeviceCaps
GetTextMetricsA
GetCurrentObject
GetTextExtentPoint32A
GetTextExtentPointA
PolyBezierTo
CreateDIBitmap
CreateFontIndirectA
comdlg32:
GetFileTitleA
PrintDlgA
GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError
PageSetupDlgA
winspool.drv:
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32:
RegEnumKeyA
InitializeSecurityDescriptor
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegOpenKeyA
RegSetValueA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueA
SetFileSecurityA
RegCreateKeyA
SetSecurityDescriptorDacl
GetFileSecurityA
shell32:
DragQueryFileA
DragFinish
SHGetFileInfoA
DragAcceptFiles
Shell_NotifyIconA
ExtractIconA
comctl32:
ImageList_Draw
ImageList_GetImageInfo
ImageList_AddMasked
ImageList_ReplaceIcon
ord17
ord13
ord14
CreatePropertySheetPageA
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_Merge
ImageList_Read
ImageList_Write
DestroyPropertySheetPage
PropertySheetA
oledlg:
ord8
ole32:
CoCreateInstance
OleSetClipboard
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoTaskMemFree
CoFileTimeNow
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
OleRun
StgOpenStorageOnILockBytes
CreateStreamOnHGlobal
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CreateBindCtx
CoTaskMemAlloc
OleDuplicateData
CoDisconnectObject
CoRevokeClassObject
CoRegisterClassObject
CoGetClassObject
CoRegisterMessageFilter
CLSIDFromString
CLSIDFromProgID
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
DoDragDrop
OleGetClipboard
OleIsCurrentClipboard
OleFlushClipboard
ReleaseStgMedium
olepro32:
ord253
oleaut32:
SafeArrayCopy
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysReAllocStringLen
VariantCopy
SysAllocStringByteLen
SysStringLen
VariantChangeType
VariantTimeToSystemTime
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VarCyFromStr
VarBstrFromCy
VarDateFromStr
VarBstrFromDate
SysAllocString
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
LoadTypeLi
VariantClear
SysStringByteLen
SysAllocStringLen
SysFreeString
Sections
.text   Size: 452KB - Virtual size: 448KB
  Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rdata  Size: 88KB - Virtual size: 85KB
  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.data   Size: 24KB - Virtual size: 39KB
  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 24KB - Virtual size: 24KB
  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE