67ffced7f914a4b7fa903495239f7a7e967fa1eefbdc1a7398e12daa26f33099

Sharing

Copy URL

Twitter E-mail

General

Target

67ffced7f914a4b7fa903495239f7a7e967fa1eefbdc1a7398e12daa26f33099
Size

1005KB
MD5

0af236256d2bbeb321f43b0261abaa67
SHA1

5b5cc11573ad1f5cfdb4bdb09bf250ad122f546b
SHA256

67ffced7f914a4b7fa903495239f7a7e967fa1eefbdc1a7398e12daa26f33099
SHA512

cc77c333ac92cd5f54ff32d364de12eb326785c2096c1905fb472de97693cfbd402da0ba323b22a488beaa9ecb538ee7dbb5807ce17574888bdd2ebfc8ccca99
SSDEEP

24576:lrcikBn3FEd6351YJFZV8dT4++I7T4X56LeAkezEmB:839sZV8dE/AT4X56LeAkUB

Score

N/A

Malware Config

Signatures

Files

67ffced7f914a4b7fa903495239f7a7e967fa1eefbdc1a7398e12daa26f33099
.exe windows x86

9d8737448a30ec9aa493772e0d5d4462

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

kernel32

GetSystemTime
SetFileTime
MulDiv
MapViewOfFileEx
GetFullPathNameW
GetCPInfo
IsDBCSLeadByte
GetTickCount
DeleteCriticalSection
InitializeCriticalSection
GetStdHandle
WriteConsoleW
FreeResource
SetEndOfFile
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
FlushFileBuffers
GetConsoleMode
GetConsoleCP
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetCurrentDirectoryA
WaitForSingleObject
GetDateFormatA
GetTimeFormatA
GetFileAttributesW
HeapCreate
IsValidCodePage
GetOEMCP
ExitProcess
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
OpenMutexW
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
RtlUnwind
GetStartupInfoW
CreateDirectoryW
FileTimeToLocalFileTime
FileTimeToSystemTime
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
Sleep
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
lstrlenW
InterlockedDecrement
GlobalFree
GlobalAlloc
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalUnlock
GlobalLock
GetFileSizeEx
VirtualFreeEx
SetFileAttributesW
CreateMutexW
InterlockedIncrement
FindNextFileW
DeleteFileW
VirtualAllocEx
OpenProcess
CloseHandle
GetFileTime
CreateFileW
RaiseException
SetLastError
GetVersion
LocalFree
ProcessIdToSessionId
FlushInstructionCache
GetCurrentProcess
LeaveCriticalSection
EnterCriticalSection
GetDiskFreeSpaceExW
DeviceIoControl
QueryDosDeviceW
GetDriveTypeW
GetLogicalDrives
CopyFileW
GetCurrentThread
GetModuleFileNameA
VirtualQuery
GetCurrentProcessId
WritePrivateProfileStringW
ReadProcessMemory
VirtualQueryEx
GetThreadSelectorEntry
SetUnhandledExceptionFilter
CreateFileA
FreeLibrary
GetVersionExW
GetLocalTime
UnmapViewOfFile
MapViewOfFile
SystemTimeToFileTime
CreateFileMappingW
OpenFileMappingW
GetProcAddress
LoadLibraryW
GetModuleFileNameW
SetFilePointer
GetLastError
WriteFile
ReadFile
GetFileSize
FindClose
FindFirstFileW
GetCurrentThreadId
FindResourceExW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
FindResourceW
GetModuleHandleA
WideCharToMultiByte
GetTimeZoneInformation
GetDriveTypeA

user32

EnumDisplayMonitors
UpdateLayeredWindow
PostMessageW
SetWindowPos
IsWindowVisible
UpdateWindow
RegisterClassExW
GetClassInfoExW
UnregisterClassW
MoveWindow
GetPropW
GetWindow
SetPropW
GetWindowThreadProcessId
SetRectEmpty
FindWindowExW
WindowFromPoint
UnregisterClassA
FillRect
MenuItemFromPoint
UnhookWindowsHookEx
SetWindowsHookExW
GetSysColor
GetSysColorBrush
CallNextHookEx
CopyRect
GetMenuItemID
DrawTextW
GetKeyNameTextW
MapVirtualKeyW
SetRect
ReleaseDC
GetDC
MonitorFromPoint
GetMonitorInfoW
CreateWindowExW
GetWindowTextW
GetKeyboardLayoutList
LoadBitmapW
TrackPopupMenu
SystemParametersInfoW
IsWindow
DestroyMenu
FindWindowW
GetMenuItemRect
AppendMenuW
GetMenuItemInfoW
CreateMenu
GetWindowRect
GetMenuItemCount
GetKeyState
EnableMenuItem
SetMenuItemBitmaps
CheckMenuRadioItem
CheckMenuItem
LoadIconW
InsertMenuW
GetSubMenu
LoadMenuW
PostQuitMessage
SetForegroundWindow
ModifyMenuW
DestroyWindow
DialogBoxParamW
MessageBoxW
CreateDialogParamW
GetMessageW
ShowWindow
RegisterWindowMessageW
DispatchMessageW
TranslateMessage
IsDialogMessageW
SetWindowTextW
SendMessageW
GetDlgItem
CallWindowProcW
LoadCursorW
SetCursor
SetTimer
InvalidateRect
KillTimer
PtInRect
GetClientRect
ScreenToClient
GetMessagePos
ClientToScreen
OffsetRect
GetCursorPos
EndPaint
BeginPaint
DefWindowProcW
EndDialog
SetWindowLongW
DestroyIcon
GetWindowLongW
LoadImageW
GetDesktopWindow

gdi32

Rectangle
PatBlt
GetDeviceCaps
GetObjectW
CreateDIBSection
Ellipse
SetBkMode
CreateFontIndirectW
BitBlt
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
SetPixel
GetPixel
StretchDIBits
SetStretchBltMode
DeleteDC
GetStockObject
CreateFontW
SetTextColor
DeleteObject
CreatePen

advapi32

RegSetValueExW
LookupAccountNameW
OpenProcessToken
ConvertSidToStringSidW
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
LookupAccountSidW
GetTokenInformation
GetSecurityInfo
BuildExplicitAccessWithNameW
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorSacl
IsTextUnicode

shell32

SHGetSpecialFolderPathW
Shell_NotifyIconW
SHGetFolderPathW
ShellExecuteW
ShellExecuteExW
SHCreateDirectoryExW

ole32

CoCreateGuid
CoInitialize
CoUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfile
StgOpenStorage
StgOpenStorageOnILockBytes

shlwapi

PathFileExistsW

comctl32

ord17

msimg32

TransparentBlt

imm32

ImmGetIMEFileNameW
ImmGetHotKey

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

ws2_32

socket
htons
WSAStartup
sendto
gethostbyname
WSACleanup
ntohl
htonl
closesocket

netapi32

NetApiBufferFree
NetWkstaTransportEnum
Netbios

Sections

.text
Size: 648KB - Virtual size: 645KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9d8737448a30ec9aa493772e0d5d4462

Headers

File Characteristics

Imports

wtsapi32

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

comctl32

msimg32

imm32

version

ws2_32

netapi32

Sections

.text Size: 648KB - Virtual size: 645KB

.rdata Size: 124KB - Virtual size: 120KB

.data Size: 12KB - Virtual size: 24KB

.rsrc Size: 212KB - Virtual size: 212KB

.text
Size: 648KB - Virtual size: 645KB

.rdata
Size: 124KB - Virtual size: 120KB

.data
Size: 12KB - Virtual size: 24KB

.rsrc
Size: 212KB - Virtual size: 212KB