68d063a514f66dc6b82edb26f0009af801d0c69ef9e4f9c07767e25cf94dcdab

Sharing

Copy URL Twitter E-mail

General

Target

68d063a514f66dc6b82edb26f0009af801d0c69ef9e4f9c07767e25cf94dcdab
Size

961KB
MD5

205159ebe0cbe49a71bcb95b3f57f6a0
SHA1

542d98818d4d1bd04d8e5d402cfad5d8fe3d1854
SHA256

68d063a514f66dc6b82edb26f0009af801d0c69ef9e4f9c07767e25cf94dcdab
SHA512

093c9f478184bf701b80a0c8dabf7e89810b4c777c495371d91d88055c197dbe0d3d9fc6d9d8de4ec3d2a484e8be98998aca54cfedc89e811ce1a2662af1688f
SSDEEP

24576:YnTvMrPRxBGC4RUwonE9eCEoGXJmlT6k/6TLJ:GaZ/GC4RUwEE9e9oUwTBGLJ

Score

N/A

Malware Config

Signatures

Files

68d063a514f66dc6b82edb26f0009af801d0c69ef9e4f9c07767e25cf94dcdab
.exe windows x86

b6ecb36fc6d9eddab4fddc995ed612f9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetProcessMemoryInfo

ws2_32

WSASetLastError
WSACleanup
inet_addr
WSAGetLastError
gethostbyname
inet_ntoa
htonl
socket
connect
closesocket
send
recv
WSAStartup
getservbyport
ntohs
gethostbyaddr
htons
getservbyname

dnsapi

DnsQuery_W
DnsFree

wininet

HttpQueryInfoW
HttpOpenRequestW
InternetReadFile
InternetCloseHandle
InternetWriteFile
HttpSendRequestExW
HttpEndRequestW
InternetOpenW
InternetConnectW

rpcrt4

RpcStringFreeA
UuidToStringA

gdi32

CreateDCW
GetDIBits
TextOutW
CreateFontW
CreateRectRgn
SelectClipRgn
BitBlt
SelectPalette
RealizePalette
SetStretchBltMode
StretchBlt
SetViewportOrgEx
SetDIBits
GetDIBColorTable
SetLayout
DeleteObject
SelectObject
GetObjectW
SetBkMode
SetTextColor
DeleteDC
CreateFontIndirectW
GetStockObject
CreateCompatibleDC
CreateCompatibleBitmap
CreatePen
Polygon
CreateSolidBrush
SetBkColor
CreateHalftonePalette
CreatePalette

shell32

SHFileOperationW
ExtractIconW
ShellExecuteW
CommandLineToArgvW
SHGetFileInfoW
Shell_NotifyIconW
SHGetSpecialFolderPathW

comdlg32

GetOpenFileNameW
GetSaveFileNameW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

kernel32

UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLocaleInfoW
HeapReAlloc
GetConsoleCP
GetConsoleMode
PeekNamedPipe
GetFileType
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFilePointer
SetHandleCount
QueryPerformanceCounter
GetTickCount
TerminateProcess
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
ExitProcess
GetStartupInfoW
GetCurrentProcessId
LCMapStringW
SetConsoleCtrlHandler
GetStdHandle
HeapSize
Sleep
FatalAppExitA
lstrlenW
InterlockedDecrement
OpenFileMappingW
CreateFileMappingW
CloseHandle
UnmapViewOfFile
InterlockedIncrement
GetSystemInfo
MapViewOfFile
GetCurrentProcess
FreeLibrary
GetProcAddress
LoadLibraryW
WritePrivateProfileStringW
GetUserDefaultLCID
InterlockedExchange
MultiByteToWideChar
lstrlenA
DebugBreak
OutputDebugStringW
GetModuleFileNameW
GetTempFileNameW
GetTempPathW
SystemTimeToTzSpecificLocalTime
GetPrivateProfileStringW
GlobalFree
FormatMessageW
GlobalAlloc
GetFileAttributesW
GetLastError
CreateDirectoryW
SetEvent
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
ResetEvent
CreateEventW
lstrcpyW
FindNextFileW
FindClose
SetLastError
GetFullPathNameW
FindFirstFileW
WideCharToMultiByte
GetSystemTime
FileTimeToSystemTime
GetProcessTimes
OpenProcess
GetFileSizeEx
CreateFileW
RaiseException
FlushInstructionCache
GetCurrentThreadId
lstrcmpiW
MulDiv
CompareStringW
lstrcmpW
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
CreateMutexW
GetCommandLineW
GetVersionExW
lstrcpynW
CreateProcessW
ReadFile
GetFileInformationByHandle
WriteFile
CreateThread
InitializeCriticalSection
GlobalUnlock
GlobalLock
GetProcessId
LoadLibraryA
GetSystemDirectoryA
GetTimeZoneInformation
HeapSetInformation
FindFirstFileExW
GetLocaleInfoA
GetDriveTypeW
FileTimeToLocalFileTime
DecodePointer
EncodePointer
GetDateFormatA
GetTimeFormatA
GetSystemTimeAsFileTime
RtlUnwind
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedPushEntrySList
InterlockedCompareExchange
FlushFileBuffers
GetFileAttributesA
CreateFileA
GetModuleHandleW
SetEnvironmentVariableW
EnumSystemLocalesA
IsValidLocale
SetStdHandle
WriteConsoleW
SetEndOfFile
SetEnvironmentVariableA
GetFullPathNameA
SystemTimeToFileTime
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeW
HeapCreate
HeapDestroy
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo

user32

EndDialog
DeleteMenu
CheckMenuRadioItem
SetMenuItemInfoW
DestroyMenu
GetMonitorInfoW
MonitorFromPoint
MonitorFromWindow
LoadMenuW
TrackPopupMenu
GetSubMenu
GetActiveWindow
DrawIcon
DrawTextExW
GetIconInfo
GetMenu
SetTimer
KillTimer
EnableWindow
IsDialogMessageW
AdjustWindowRectEx
CopyRect
LoadIconW
PostQuitMessage
DialogBoxParamW
PostMessageW
GetScrollInfo
SetScrollInfo
CharUpperW
DrawTextExA
AnimateWindow
EnableMenuItem
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
GetSystemMetrics
GetWindowThreadProcessId
EnumWindows
IntersectRect
EnumDisplayMonitors
GetCursorInfo
OffsetRect
GetCapture
ReleaseCapture
MessageBoxW
EndPaint
BeginPaint
GetCursorPos
SetCursor
DrawFocusRect
FillRect
DrawTextW
PtInRect
CallWindowProcW
IsWindow
GetDlgCtrlID
GetParent
SetFocus
SetCapture
IsWindowEnabled
UpdateWindow
ScreenToClient
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
CreateWindowExW
DestroyWindow
SetRectEmpty
GetDlgItem
RedrawWindow
IsWindowVisible
ShowWindow
InvalidateRect
SendMessageW
SetWindowPos
DefWindowProcW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
DestroyIcon
GetGuiResources
CharNextW
GetWindowLongW
SetWindowLongW
GetDC
GetClientRect
GetWindowRect
MapWindowPoints
MoveWindow
LoadStringW
wvsprintfW
SetProcessDefaultLayout
LoadImageW
GetDesktopWindow
GetSysColorBrush
GetKeyState
CreateDialogParamW
LoadCursorW
GetClassNameW
GetSysColor
ReleaseDC
GetFocus
GetWindow
UnregisterClassA

advapi32

RegOpenKeyExW
RegCloseKey
RegEnumValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW

ole32

CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateGuid
CoInitialize

oleaut32

VarDateFromStr
VarI4FromStr
VarR8FromStr
VarDecFromStr
VarDecCmp
SysFreeString
VarUI4FromStr

comctl32

InitCommonControlsEx
ImageList_Create
ImageList_ReplaceIcon
_TrackMouseEvent

Sections

.text
Size: 660KB - Virtual size: 659KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b6ecb36fc6d9eddab4fddc995ed612f9

Headers

DLL Characteristics

File Characteristics

Imports

psapi

ws2_32

dnsapi

wininet

rpcrt4

gdi32

shell32

comdlg32

version

kernel32

user32

advapi32

ole32

oleaut32

comctl32

Sections

.text Size: 660KB - Virtual size: 659KB

.rdata Size: 128KB - Virtual size: 128KB

.data Size: 10KB - Virtual size: 20KB

.rsrc Size: 28KB - Virtual size: 28KB

.reloc Size: 24KB - Virtual size: 23KB

.text Size: 108KB - Virtual size: 112KB

.text
Size: 660KB - Virtual size: 659KB

.rdata
Size: 128KB - Virtual size: 128KB

.data
Size: 10KB - Virtual size: 20KB

.rsrc
Size: 28KB - Virtual size: 28KB

.reloc
Size: 24KB - Virtual size: 23KB

.text
Size: 108KB - Virtual size: 112KB