Static task: static1
Behavioral task: behavioral1
Sample: 5dcb7e7bc6ce931565dd0df6fba15b9578117bacc2be8ccd97081c711bd46f40.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 5dcb7e7bc6ce931565dd0df6fba15b9578117bacc2be8ccd97081c711bd46f40.exe
Resource: win10v2004-20220901-en
General
Target: 5dcb7e7bc6ce931565dd0df6fba15b9578117bacc2be8ccd97081c711bd46f40
Size: 307KB
MD5: 0cf179d0ece73b69557b870f03357163
SHA1: 1f4eef2ccc4e465950cefdb5745b7f561cd6cefa
SHA256: 5dcb7e7bc6ce931565dd0df6fba15b9578117bacc2be8ccd97081c711bd46f40
SHA512: 121e42d85c994930fd904512f0308dd2d35ab70a344cf83abd83a0151be745dd5293fb7df362adcf3a5670cffe4d4d8954de1eeb6b2fa979fc3571c1b16900c8
SSDEEP: 6144:AtjxFh4Vd19VxqC0c4BDeCYjOEtsrC9K1BgsiPmJcr0b:g54J9V0C0csCCNrzqsX
Malware Config
Signatures
Files
5dcb7e7bc6ce931565dd0df6fba15b9578117bacc2be8ccd97081c711bd46f40.exe (windows x86)
2dbf6dfbd65090219a0d8dd96c6d7059
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
oleacc
WindowFromAccessibleObject
ObjectFromLresult
LresultFromObject
GetStateTextW
GetRoleTextW
GetRoleTextA
GetOleaccVersionInfo
CreateStdAccessibleProxyW
CreateStdAccessibleProxyA
CreateStdAccessibleObject
AccessibleObjectFromWindow
AccessibleObjectFromPoint
AccessibleObjectFromEvent
AccessibleChildren
winspool.drv
ClosePrinter
ConvertUnicodeDevModeToAnsiDevmode
DEVICEMODE
DeletePrinter
DocumentPropertiesW
FlushPrinter
OpenPrinterW
StartPagePrinter
XcvDataW
CloseSpoolFileHandle
shlwapi
UrlIsNoHistoryW
AssocCreate
ColorAdjustLuma
GetMenuPosFromID
StrToIntW
StrCpyNW
StrCmpIW
StrCatW
SHRegCloseUSKey
ord16
PathRemoveFileSpecW
HashData
PathFindExtensionW
comdlg32
Ssync_ANSI_UNICODE_Struct_For_WOW
dwOKSubclass
dwLBSubclass
WantArrows
LoadAlterBitmap
user32
InSendMessage
ImpersonateDdeClientWindow
GrayStringW
GetWindowTextW
GetWindowTextLengthW
GetWindowPlacement
GetWindowLongW
GetWindowContextHelpId
GetSystemMetrics
GetSysColorBrush
GetSysColor
GetSubMenu
GetQueueStatus
GetPropW
GetProcessWindowStation
GetParent
GetNextDlgTabItem
GetNextDlgGroupItem
GetMessageW
GetMessageTime
GetMessagePos
GetMenuState
GetMenuItemID
GetMenuCheckMarkDimensions
GetMenu
GetLastActivePopup
GetInputState
GetForegroundWindow
GetFocus
GetDlgCtrlID
GetCursorPos
GetCursorInfo
GetClipboardSequenceNumber
InternalGetWindowText
IsClipboardFormatAvailable
IsIconic
IsRectEmpty
IsWindow
IsWindowVisible
LoadBitmapW
LoadCursorW
LoadStringW
LockSetForegroundWindow
MapDialogRect
MapWindowPoints
MessageBoxW
ModifyMenuW
OpenInputDesktop
PackDDElParam
PeekMessageA
PeekMessageW
PostQuitMessage
PostThreadMessageW
PtInRect
RegisterShellHookWindow
GetClientRect
GetClassNameW
GetClassLongW
GetClassInfoW
GetCaretBlinkTime
GetCapture
GetAsyncKeyState
GetActiveWindow
FlashWindow
FillRect
ExitWindowsEx
EndPaint
EndDialog
EnableScrollBar
EnableMenuItem
DrawTextW
DispatchMessageW
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DefWindowProcW
DdeUnaccessData
DdeClientTransaction
DdeAbandonTransaction
CreateWindowExW
CreateDialogIndirectParamW
CreateCursor
CopyRect
CopyImage
ClientToScreen
CheckMenuItem
CharUpperW
CallWindowProcW
CallNextHookEx
BeginPaint
AdjustWindowRectEx
RegisterWindowMessageW
ReleaseDC
RemovePropW
ScreenToClient
SendDlgItemMessageA
SendDlgItemMessageW
SendMessageW
SetActiveWindow
SetCursor
SetDebugErrorLevel
SetFocus
SetForegroundWindow
SetLayeredWindowAttributes
SetPropW
SetWindowLongW
SetWindowPos
SetWindowTextW
SetWindowsHookExW
SystemParametersInfoA
TabbedTextOutW
ToAsciiEx
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UnregisterClassW
UpdateWindow
ValidateRect
WaitForInputIdle
WaitMessage
WinHelpW
keybd_event
kernel32
GetLastError
GetLocalTime
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetProcessIoCounters
GetStartupInfoW
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetThreadLocale
lstrlenW
lstrlenA
lstrcmpiW
lstrcmpW
_lread
_lopen
_lcreat
_hread
WritePrivateProfileStringW
WriteFileGather
WriteFile
WriteConsoleW
WriteConsoleA
WinExec
WideCharToMultiByte
WaitForSingleObject
VirtualQuery
VirtualProtect
VirtualFree
VirtualAlloc
UnlockFile
UnhandledExceptionFilter
TryEnterCriticalSection
TransmitCommChar
TlsSetValue
TlsFree
TerminateProcess
SuspendThread
SizeofResource
SetThreadIdealProcessor
SetStdHandle
SetHandleCount
SetEvent
SetErrorMode
SetEnvironmentVariableA
SetConsoleCursorInfo
SetConsoleCursor
SetConsoleCtrlHandler
SetCommBreak
RtlUnwind
ResumeThread
ResetEvent
ReadFileScatter
QueryPerformanceFrequency
QueryPerformanceCounter
Process32Next
Process32First
PostQueuedCompletionStatus
OpenEventW
MultiByteToWideChar
MulDiv
LockResource
LockFile
LocalShrink
LocalReAlloc
LocalFree
LocalFlags
LocalAlloc
LoadResource
LoadLibraryW
LCMapStringW
LCMapStringA
IsValidCodePage
IsDebuggerPresent
IsDBCSLeadByte
InterlockedDecrement
InitializeCriticalSection
HeapSize
HeapReAlloc
HeapFree
HeapDestroy
HeapAlloc
GlobalUnlock
GlobalReAlloc
GlobalHandle
GlobalFlags
GlobalFindAtomW
GlobalDeleteAtom
GlobalAlloc
GetWriteWatch
GetVolumeInformationW
GetVersionExW
GetThreadPriority
GetLargestConsoleWindowSize
GetSystemTimeAsFileTime
GetSystemTimeAdjustment
BackupRead
Beep
CancelIo
CancelWaitableTimer
CloseHandle
CompareStringA
CompareStringW
ConvertDefaultLocale
CreateEventW
CreateFileA
CreateFileW
CreateThread
CreateTimerQueue
DebugActiveProcess
DeleteAtom
DeleteCriticalSection
DeleteTimerQueueTimer
DisconnectNamedPipe
DuplicateHandle
EnterCriticalSection
EnumResourceLanguagesW
EscapeCommFunction
ExitProcess
ExitThread
FatalExit
FileTimeToLocalFileTime
FindClose
FindFirstFileW
FindResourceExW
FindResourceW
FlushFileBuffers
FormatMessageW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentStringsW
GetFileInformationByHandle
GetFileSize
GetFileTime
GetFileType
GetHandleInformation
GetSystemTime
oleaut32
SafeArrayDestroy
SafeArrayCreate
SafeArrayGetLBound
SafeArrayGetUBound
SysAllocString
SysAllocStringLen
SysFreeString
VarDateFromI2
VarDateFromUI2
VarDecAdd
VarDecCmpR8
VarDecFromDisp
VarI4FromUI4
VarR8FromBool
VarR8FromUI1
VarUI2FromBool
VarUI2FromDate
VariantClear
VariantInit
VariantTimeToDosDateTime
OleTranslateColor
advapi32
StartServiceCtrlDispatcherW
AllocateAndInitializeSid
CloseEncryptedFileRaw
CloseServiceHandle
CopySid
CreateServiceW
DeregisterEventSource
FreeEncryptionCertificateHashList
FreeSid
GetAce
GetLocalManagedApplications
GetSidIdentifierAuthority
GetSidSubAuthority
GetSidSubAuthorityCount
GetTokenInformation
InitializeAcl
InitializeSecurityDescriptor
IsValidSid
LookupAccountNameW
LsaGetSystemAccessAccount
LsaLookupNames
MakeAbsoluteSD
OpenSCManagerW
OpenThreadToken
QueryServiceStatus
RegCreateKeyExW
RegCreateKeyW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegOpenKeyExW
RegQueryValueExW
RegQueryValueW
RegSetKeySecurity
RegSetValueExW
RegisterServiceCtrlHandlerW
ReportEventW
SetSecurityDescriptorDacl
SystemFunction014
SystemFunction008
AddAccessAllowedObjectAce
SetServiceStatus
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
version
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoW
ole32
HENHMETAFILE_UserSize
CoRevokeClassObject
OpenOrCreateStream
CoInitializeSecurity
CoCreateInstance
CoRegisterClassObject
CoTreatAsClass
CoInitializeEx
STGMEDIUM_UserUnmarshal
SetDocumentBitStg
gdi32
CloseMetaFile
CreateBitmap
CreatePenIndirect
EnumFontFamiliesExW
ExtTextOutW
GdiPlayScript
GetBitmapBits
GetColorSpace
GetEnhMetaFilePaletteEntries
GetObjectW
OffsetViewportOrgEx
PolyPolyline
PtVisible
RestoreDC
SaveDC
ScaleViewportExtEx
SelectObject
SetBkMode
SetPolyFillMode
SetViewportExtEx
SetViewportOrgEx
UnrealizeObject
ntdll
NtCreateKey
NtRequestPort
wcstombs
RtlUnicodeStringToInteger
RtlQueryTimeZoneInformation
RtlFindClearBitsAndSet
RtlInsertElementGenericTable
NtQueryDirectoryFile
RtlIntegerToUnicodeString
ws2_32
WSAAsyncSelect
WSAHtons
WSAResetEvent
WSCWriteNameSpaceOrder
bind
closesocket
getpeername
sendto
shutdown
socket
opengl32
glLightModelf
glNormal3fv
glAccum
glBlendFunc
glPixelTransferi
glGetFloatv
glTexCoord4dv
glVertex4f
wglGetPixelFormat
glFogfv
glEvalCoord2dv
glEvalCoord1dv
glEvalCoord1d
glCullFace
glColor3bv
glClearAccum
glTexCoord3fv
winmm
timeSetEvent
waveOutSetVolume
midiOutReset
midiStreamOut
mmGetCurrentTask
mmTaskYield
tid32Message
timeKillEvent
Sections
.text Size: 221KB - Virtual size: 224KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 29KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 22KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 12KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 21KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ