Static task: static1
Behavioral task: behavioral1
Sample: 6262896abcf5f9021ae7188fd865a0cf28c82ab006f2552bdbdaab4eca5c839b.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: 6262896abcf5f9021ae7188fd865a0cf28c82ab006f2552bdbdaab4eca5c839b.exe
Resource: win10v2004-20220901-en
General
Target: 6262896abcf5f9021ae7188fd865a0cf28c82ab006f2552bdbdaab4eca5c839b
Size: 1.5MB
MD5: a05659049eae0390ee19ae3a58748fbb
SHA1: 453fe9d20f394395fe304fe278507c7f874c2c92
SHA256: 6262896abcf5f9021ae7188fd865a0cf28c82ab006f2552bdbdaab4eca5c839b
SHA512: 86f1a61c12b2d4ca6c6f17908282ea3c20b25651040480b4110dd7dcc8c12f49786a31c35ad05eca377ebb2ef916324f1a72b45cf45da7371f712d499b8a7d92
SSDEEP: 24576:C48UW4XttxA2qyWG+u4vR9TJQw+xE5K+VOdhrSVlKdOXsZ9D438UZELngC:0UWAxB4fCwR5/0EVc069D435a
Malware Config
Signatures
Files
-
6262896abcf5f9021ae7188fd865a0cf28c82ab006f2552bdbdaab4eca5c839b.exe windows x86
63dc3f6a3696155ad1a779d9a961376a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetPrivateProfileStringW
CopyFileW
DeleteAtom
FindAtomW
AddAtomW
GetStartupInfoW
CreateProcessW
DeleteFileW
OpenProcess
GetVersionExW
FindNextFileW
GetFullPathNameW
GetDriveTypeW
WideCharToMultiByte
GetFileSize
FileTimeToLocalFileTime
CreateFileW
FindClose
lstrlenW
FindFirstFileW
ReadFile
SetUnhandledExceptionFilter
LoadLibraryExW
IsBadReadPtr
InterlockedIncrement
GetCurrentProcessId
Sleep
CreateMutexW
SetErrorMode
InterlockedDecrement
VirtualProtect
GetTickCount
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetCommandLineW
lstrcmpiW
ResetEvent
WaitForMultipleObjects
GetCurrentProcess
SystemTimeToFileTime
CloseHandle
WaitForSingleObjectEx
SetEvent
LocalFileTimeToFileTime
CreateEventW
CancelWaitableTimer
ResumeThread
GetCurrentThreadId
WaitForSingleObject
CreateWaitableTimerW
SetLastError
SetWaitableTimer
GetPrivateProfileIntW
WritePrivateProfileStringW
FreeLibrary
GetModuleHandleW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
GetProcessHeap
FindFirstFileExW
WriteConsoleW
ReadConsoleW
SetStdHandle
DeleteCriticalSection
GetProcAddress
HeapDestroy
DecodePointer
HeapAlloc
FindResourceW
LoadResource
FindResourceExW
LoadLibraryW
RaiseException
HeapReAlloc
LockResource
GetLastError
MultiByteToWideChar
HeapSize
InitializeCriticalSection
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetStdHandle
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
SetFilePointerEx
GetFileType
GetModuleHandleExW
ExitThread
RtlUnwind
FlushFileBuffers
LocalFree
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
ReleaseSemaphore
GetModuleHandleA
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
CreateThread
SignalObjectAndWait
CreateTimerQueue
lstrcmpA
GetSystemWindowsDirectoryW
TerminateProcess
UnhandledExceptionFilter
FindFirstChangeNotificationW
DeviceIoControl
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
lstrlenA
MoveFileW
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
SetFilePointer
SetEndOfFile
GetTempFileNameW
GetTempPathW
WriteFile
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetVersion
OutputDebugStringA
GetLocalTime
InterlockedCompareExchange
InterlockedExchange
MulDiv
lstrcmpW
GetACP
ExitProcess
FreeResource
LoadLibraryExA
IsProcessorFeaturePresent
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
OutputDebugStringW
IsDebuggerPresent
GetCPInfo
GetLocaleInfoW
LCMapStringW
CompareStringW
QueryPerformanceFrequency
QueryPerformanceCounter
EncodePointer
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetExitCodeThread
GetCurrentThread
SwitchToThread
DuplicateHandle
TryEnterCriticalSection
VirtualFree
VirtualAlloc
GetNativeSystemInfo
GetStringTypeW
lstrcpynW
EnterCriticalSection
HeapFree
SizeofResource
user32
AttachThreadInput
CopyRect
RedrawWindow
SetWindowTextW
MoveWindow
SetFocus
BringWindowToTop
ShowCaret
RegisterWindowMessageW
SetForegroundWindow
GetCursorPos
GetMessageW
SendMessageTimeoutW
DispatchMessageW
PeekMessageW
CharNextW
TranslateMessage
FindWindowW
GetWindowRect
IsWindowVisible
SetWindowPos
SendMessageW
GetSystemMetrics
ShowWindow
PostQuitMessage
SystemParametersInfoW
PtInRect
IsIconic
PostMessageW
PrivateExtractIconsW
DestroyIcon
LoadImageW
GetWindowLongW
DefWindowProcW
CallWindowProcW
DestroyWindow
CreateWindowExW
ScreenToClient
HideCaret
GetWindowDC
FindWindowExW
FillRect
InvalidateRgn
CreateAcceleratorTableW
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetIconInfo
RegisterClassExW
IsWindow
SetTimer
LoadCursorW
SetWindowLongW
KillTimer
GetClassInfoExW
UnregisterClassW
GetForegroundWindow
SetRect
GetDC
ReleaseDC
LoadIconW
MonitorFromPoint
GetWindow
GetShellWindow
WindowFromPoint
GetWindowInfo
GetMonitorInfoW
GetDesktopWindow
EnumDisplaySettingsW
GetAncestor
GetWindowThreadProcessId
GetCaretPos
SetCursor
IntersectRect
IsChild
UpdateLayeredWindow
GetFocus
GetKeyState
SetCapture
ReleaseCapture
BeginPaint
EndPaint
GetUpdateRect
InvalidateRect
GetClientRect
CreateCaret
GetCaretBlinkTime
SetCaretPos
MapWindowPoints
UnionRect
IsRectEmpty
GetParent
GetClassNameW
IsZoomed
SetWindowRgn
MessageBoxW
MonitorFromWindow
wsprintfW
RegisterClassW
EnableWindow
SetPropW
GetPropW
wvsprintfW
InflateRect
OffsetRect
ClientToScreen
GetSysColor
DrawIconEx
CharPrevW
DrawTextW
gdi32
GetStockObject
Rectangle
RestoreDC
DeleteDC
SelectObject
GetTextMetricsW
GetObjectW
SetWindowOrgEx
CreateRoundRectRgn
GetTextExtentPoint32W
CombineRgn
CreateRectRgnIndirect
GetCharABCWidthsW
GetClipBox
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SetBkMode
StretchBlt
SetStretchBltMode
SetTextColor
CreateDIBSection
TextOutW
ExtTextOutW
CreateSolidBrush
CreateDCW
GetDIBits
SetDIBitsToDevice
CreatePen
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetDeviceCaps
DeleteObject
SaveDC
advapi32
OpenProcessToken
GetTokenInformation
RegQueryInfoKeyW
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegOpenKeyExW
GetUserNameW
RegQueryValueExW
RegCreateKeyW
shell32
SHGetFileInfoW
SHGetDesktopFolder
SHCreateDirectoryExW
Shell_NotifyIconW
SHGetSpecialFolderPathW
ShellExecuteExW
ShellExecuteW
ExtractIconW
ord165
ole32
CoCreateGuid
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoInitializeEx
CreateStreamOnHGlobal
OleInitialize
CoUninitialize
CoInitialize
OleUninitialize
CoInitializeSecurity
OleLockRunning
oleaut32
VariantInit
VarBstrCmp
SysAllocString
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringLen
SafeArrayPutElement
SafeArrayCreate
SysAllocStringLen
VarUI4FromStr
SysStringByteLen
SysAllocStringByteLen
SysFreeString
VariantClear
shlwapi
PathIsDirectoryW
StrTrimA
StrStrIW
SHGetValueW
wnsprintfW
PathAppendW
StrCmpNIW
StrRStrIW
PathFileExistsW
PathFindExtensionW
SHDeleteValueW
StrStrW
ord176
PathCombineW
PathRemoveFileSpecW
PathFindFileNameW
StrCmpIW
SHSetValueW
PathAddBackslashW
StrStrIA
comctl32
InitCommonControlsEx
_TrackMouseEvent
ord17
psapi
GetModuleFileNameExW
gdiplus
GdipDrawImageRectI
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdiplusStartup
GdipAlloc
GdipFree
GdipCreatePath
GdipDeletePath
GdipAddPathLineI
GdipAddPathArcI
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipCreatePen1
GdipDeletePen
GdipSetPenMode
GdipSetPenDashStyle
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipDrawLineI
GdipDrawRectangleI
GdipDrawPath
GdipFillEllipseI
ord1
GdipDrawEllipseI
GdipClosePathFigure
GdipCreateTexture
GdipCloneImage
GdipDisposeImage
GdipSaveImageToFile
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipCreateHBITMAPFromBitmap
GdipCloneBitmapAreaI
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipSetInterpolationMode
GdipGraphicsClear
GdipFillPath
GdipDrawImagePointsI
GdipDrawImageRectRectI
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipImageGetFrameDimensionsCount
GdipLoadImageFromStreamICM
GdipImageGetFrameDimensionsList
imm32
ImmSetCompositionWindow
ImmGetContext
secur32
GetUserNameExW
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
wininet
InternetGetConnectedState
iphlpapi
GetAdaptersInfo
msimg32
GradientFill
AlphaBlend
urlmon
URLDownloadToCacheFileW
URLDownloadToFileW
Sections
.text Size: 935KB - Virtual size: 934KB - Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rdata Size: 228KB - Virtual size: 227KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.data Size: 24KB - Virtual size: 38KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 160KB - Virtual size: 160KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc Size: 129KB - Virtual size: 132KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE