Static task: static1
Behavioral task: behavioral1
Sample: a92a61ad96ad8e7fd995ec8deef178b9bc97eab40856640566a747a27e53f46c.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: a92a61ad96ad8e7fd995ec8deef178b9bc97eab40856640566a747a27e53f46c.exe
Resource: win10v2004-20220812-en
General
Target: a92a61ad96ad8e7fd995ec8deef178b9bc97eab40856640566a747a27e53f46c
Size: 832KB
MD5: 02de35434876d8affc83960e32012e62
SHA1: fa293dc74a4307582a872e51990948fbcc53c38b
SHA256: a92a61ad96ad8e7fd995ec8deef178b9bc97eab40856640566a747a27e53f46c
SHA512: 8cf4ebd286eb1b5a9f2416698beefeba8f8a0d65842508f16a1193cd71850176743fcefeac1158771eb1a0486bf5ee3e670a1b64848d472f347a11912bb226ab
SSDEEP: 12288:wUiL5o/PyqYDsMgKP2N2jPKj2C7N/4PZNLXqs76P:CNP2NQSj2C7NQPZRR76P
Malware Config
Signatures
Files
a92a61ad96ad8e7fd995ec8deef178b9bc97eab40856640566a747a27e53f46c.exe windows x86 932d8ef88ba3e502258768e7fa2a1c34
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdiplus
GdipFillRectangleI
GdipCreateBitmapFromFile
GdipDrawImageRectI
GdiplusShutdown
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipLoadImageFromFileICM
GdipLoadImageFromFile
GdipSetSolidFillColor
GdipCloneImage
GdipCloneBrush
GdipDrawImageRectRectI
GdipDrawString
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipReleaseDC
GdipGetDC
GdipGetImageGraphicsContext
GdipCreateFromHDC
GdipCreateSolidFill
GdipBitmapGetPixel
GdipCreateBitmapFromScan0
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteFont
GdipCreateFont
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipCreateFontFamilyFromName
GdipDeleteGraphics
GdipDeleteBrush
GdipAlloc
GdipFree
GdiplusStartup
GdipGetPropertyItem
kernel32
GlobalAlloc
GlobalLock
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThreadId
GetCurrentThread
GlobalAddAtomA
FreeResource
GlobalUnlock
GetVersionExA
lstrcmpW
GlobalFindAtomA
GlobalGetAtomNameA
MulDiv
LocalFree
FormatMessageA
GetModuleFileNameW
InterlockedDecrement
InterlockedIncrement
GetThreadLocale
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetFullPathNameA
GetCPInfo
GetOEMCP
FileTimeToSystemTime
SetErrorMode
FileTimeToLocalFileTime
GetFileTime
GlobalDeleteAtom
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
ExitThread
CreateThread
ExitProcess
HeapAlloc
HeapFree
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetDriveTypeA
GetConsoleCP
GetConsoleMode
GetProcessHeap
GetStartupInfoA
HeapSize
GetStdHandle
VirtualFree
HeapDestroy
HeapCreate
SetHandleCount
GetFileType
GetACP
SetStdHandle
CreateFileW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStringTypeA
GetStringTypeW
GetLocaleInfoW
LCMapStringA
LCMapStringW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetEnvironmentVariableA
GetModuleHandleA
GetPrivateProfileStringA
GlobalFree
GetPrivateProfileIntA
GetComputerNameA
GetExitCodeProcess
SetFileAttributesA
DeleteFileA
GetCurrentProcessId
WaitForMultipleObjects
SetLastError
GetProcAddress
WriteFile
GetFileAttributesA
CreateDirectoryA
ReadFile
CreateFileA
SetFilePointer
TerminateThread
FindFirstFileA
FindNextFileA
lstrcmpA
FindClose
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
CreateProcessA
LoadLibraryA
FreeLibrary
CompareStringW
CompareStringA
GetVersion
Sleep
GetLastError
InterlockedExchange
GetTickCount
SetCurrentDirectoryA
GetModuleFileNameA
CreateToolhelp32Snapshot
Process32First
Module32First
Process32Next
OpenProcess
TerminateProcess
GetCurrentDirectoryA
WritePrivateProfileStringA
lstrlenA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
CloseHandle
WaitForSingleObject
MultiByteToWideChar
GetCommandLineA
UnhandledExceptionFilter
user32
SendDlgItemMessageA
RegisterWindowMessageA
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
CharNextA
CopyAcceleratorTableA
SetRect
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
LoadCursorA
GetSysColorBrush
DestroyMenu
UnregisterClassA
RegisterClipboardFormatA
PostThreadMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
WinHelpA
IsChild
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetPropA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
EqualRect
GetScrollInfo
SetScrollInfo
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
IntersectRect
IsIconic
GetWindowPlacement
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
PeekMessageA
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
GetMenuState
EnableMenuItem
CheckMenuItem
PostQuitMessage
EnumDisplaySettingsA
MessageBoxA
PostMessageA
GetComboBoxInfo
ReleaseCapture
OffsetRect
LoadImageA
GetCursorPos
IsRectEmpty
SetCapture
ScreenToClient
PtInRect
CopyRect
GetAsyncKeyState
GetKeyState
SetScrollPos
ReleaseDC
GetDC
CharUpperA
InvalidateRect
GetCapture
GetClassLongA
GetClassNameA
SetForegroundWindow
SetPropA
UpdateWindow
GetParent
GetWindowLongA
SetWindowLongA
SystemParametersInfoA
LoadIconA
EnableWindow
GetDesktopWindow
KillTimer
SetTimer
IsWindowVisible
GetClientRect
GetWindowRect
SetWindowRgn
RemovePropA
SetFocus
GetWindowTextA
GetClassInfoExA
GetForegroundWindow
SendMessageA
ModifyMenuA
gdi32
SetTextColor
SetBkColor
GetDeviceCaps
SaveDC
RestoreDC
SetBkMode
SetMapMode
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetClipBox
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
CreateFontIndirectA
GetMapMode
DPtoLP
CreateBitmap
CreateSolidBrush
DeleteObject
SelectObject
StretchBlt
CreateCompatibleDC
GetStockObject
GetTextExtentPoint32A
PtInRegion
GetObjectA
BitBlt
CombineRgn
CreateRectRgn
SetViewportOrgEx
DeleteDC
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegQueryValueA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
shell32
ShellExecuteExA
comctl32
_TrackMouseEvent
InitCommonControlsEx
shlwapi
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
oledlg
ord8
ole32
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoInitialize
CoCreateInstance
CoUninitialize
oleaut32
SysFreeString
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysStringLen
SysAllocStringByteLen
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
VariantCopy
ws2_32
connect
WSACleanup
gethostname
gethostbyname
WSAGetLastError
inet_ntoa
bind
WSAIoctl
recvfrom
sendto
send
htons
inet_addr
socket
setsockopt
closesocket
recv
WSAStartup
Sections
.text Size: 468KB - Virtual size: 467KB - Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 112KB - Virtual size: 110KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 89KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 27KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.tc Size: 204KB - Virtual size: 204KB - Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE