Static task: static1
Behavioral task: behavioral1
Sample: 082bbc69f7de7c9db95ab9f3b9344bb61ded37781ae4c85f7bf093f5889fcd9e.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: 082bbc69f7de7c9db95ab9f3b9344bb61ded37781ae4c85f7bf093f5889fcd9e.exe
Resource: win10v2004-20220901-en
General
Target: 082bbc69f7de7c9db95ab9f3b9344bb61ded37781ae4c85f7bf093f5889fcd9e
Size: 151KB
MD5: 0214f579215e56006b0ab50be9acfd04
SHA1: 7f8f42f55f9dbf89a5d0db8a176fe5fd139125a3
SHA256: 082bbc69f7de7c9db95ab9f3b9344bb61ded37781ae4c85f7bf093f5889fcd9e
SHA512: f7e776ea410aff396a9ced1546fac4290a183978ab52f6d1535b28ad9e432da89c9add989b5df8e996a4d27bdf297ff9c48e897a25c1843445c2525eae68c365
SSDEEP: 3072:BvvcWM3qZ1FVgGouebb/9tkYkG8rC0sZOxHQHl6RHEIZQ9xfiomcoJ:VUWM3q/ZzQD9tk+YDsQtfR/Q9xaomcoJ
Malware Config
Signatures
Files
082bbc69f7de7c9db95ab9f3b9344bb61ded37781ae4c85f7bf093f5889fcd9e.exe windows x86
24100dd9bc8e3e54db50f5b43b8182be
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
CryptGetUserKey
SetSecurityDescriptorOwner
CryptHashData
CryptDestroyKey
InitializeAcl
CopySid
SetSecurityDescriptorGroup
RegCloseKey
CryptReleaseContext
ConvertStringSidToSidW
ImpersonateSelf
OpenProcessToken
MakeAbsoluteSD
CryptAcquireContextW
CryptCreateHash
GetSecurityDescriptorGroup
GetSecurityInfo
RegQueryValueExW
LookupPrivilegeValueW
CryptDecrypt
GetSecurityDescriptorDacl
CryptDestroyHash
GetSecurityDescriptorLength
InitializeSid
CryptSetProvParam
EqualSid
RegOpenKeyExW
GetSecurityDescriptorOwner
AdjustTokenPrivileges
IsValidSid
ReportEventW
GetSidLengthRequired
GetSecurityDescriptorSacl
GetSidSubAuthority
CryptGetProvParam
CryptGetHashParam
GetLengthSid
SetThreadToken
CryptSetHashParam
GetTokenInformation
SetSecurityDescriptorDacl
LookupAccountSidW
InitializeSecurityDescriptor
GetAclInformation
RevertToSelf
GetAce
MakeSelfRelativeSD
CryptSignHashW
AddAce
OpenThreadToken
RegisterEventSourceW
DeregisterEventSource
GetSecurityDescriptorControl
kernel32
VirtualFree
SystemTimeToFileTime
GetFileSizeEx
VerSetConditionMask
GetSystemTime
BaseFlushAppcompatCache
GetThreadLocale
SetProcessAffinityMask
GetTimeFormatW
GetProfileIntA
GetCurrentProcessId
VerifyVersionInfoW
GetCommandLineW
HeapSize
AssignProcessToJobObject
SetInformationJobObject
SetLastError
UnhandledExceptionFilter
GetGeoInfoW
FormatMessageW
HeapDestroy
CreateFileW
GetTickCount
CreateSemaphoreW
LZOpenFileW
DebugBreak
InterlockedIncrement
lstrcpyW
GetFileSize
IsDebuggerPresent
WideCharToMultiByte
GetVersionExW
CreateJobObjectW
MapViewOfFile
GetProcessHeap
CloseHandle
OpenEventW
GetConsoleAliasesLengthW
HeapReAlloc
FindNextFileA
SetProcessShutdownParameters
HeapSetInformation
InterlockedDecrement
GlobalGetAtomNameW
LockFile
GetDriveTypeA
SetCurrentDirectoryW
ReadConsoleOutputCharacterW
FindResourceExW
VirtualAlloc
QueryPerformanceCounter
CloseHandle
TerminateJobObject
GlobalUnlock
CompareFileTime
LoadResource
UnregisterWait
HeapAlloc
GetUserGeoID
GetFileType
FileTimeToSystemTime
ExpandEnvironmentStringsA
GetEnvironmentVariableW
GetUserDefaultUILanguage
LockResource
TerminateProcess
GetStartupInfoW
GetStringTypeExW
RaiseException
SystemTimeToTzSpecificLocalTime
GetExitCodeThread
GetDateFormatW
SetCurrentDirectoryW
LocalFree
GetDriveTypeW
VerifyVersionInfoW
FindFirstVolumeMountPointA
CreateFileMappingW
QueueUserWorkItem
GetCommandLineW
GetLastError
SetUnhandledExceptionFilter
FlushInstructionCache
UnregisterWaitEx
WaitForDebugEvent
ResetEvent
FreeLibrary
PeekNamedPipe
SetUnhandledExceptionFilter
SetEvent
GetCurrentThread
OpenProcess
LCMapStringW
GetComputerNameExW
IsProcessorFeaturePresent
ExitProcess
OpenFileMappingW
RegisterWaitForSingleObject
FatalAppExitA
WaitForMultipleObjects
GetACP
OutputDebugStringW
DuplicateHandle
FindResourceW
LocalAlloc
RtlFillMemory
EnumSystemGeoID
CompareStringW
InterlockedCompareExchange
GetSystemDefaultUILanguage
LeaveCriticalSection
MultiByteToWideChar
GetSystemTimeAsFileTime
ExitProcess
CreateEventW
ExpandEnvironmentStringsW
ScrollConsoleScreenBufferA
HeapDestroy
GetCurrentDirectoryW
GetLocaleInfoW
GetLocaleInfoA
Sleep
HeapFree
GetCurrentProcess
InterlockedExchange
SizeofResource
OpenEventW
GetTimeFormatW
UnmapViewOfFile
GetVersionExA
EnterCriticalSection
DeleteCriticalSection
WaitForSingleObject
LZOpenFileA
FatalExit
gdi32
CreateDIBSection
SetTextColor
CreateCompatibleDC
DeleteDC
BitBlt
SetDIBits
GetTextExtentPoint32W
GetTextColor
GetDeviceCaps
SetLayout
SelectObject
DeleteObject
SetBkMode
CreateCompatibleBitmap
StretchBlt
CreateDCW
GetBkColor
GetStockObject
GetObjectA
CreateRoundRectRgn
CreateICW
GetDIBits
GetObjectW
CreateFontIndirectW
SetBkColor
CreateSolidBrush
user32
DefWindowProcW
BeginPaint
GetDialogBaseUnits
IsDlgButtonChecked
IsCharLowerW
KillTimer
GetInputDesktop
PtInRect
GetQueueStatus
InvalidateRect
DefWindowProcW
SetClassWord
GetMessageW
DdeInitializeW
AllowForegroundActivation
EqualRect
MonitorFromWindow
CheckMenuItem
CopyIcon
GetShellWindow
GetClassNameW
PostThreadMessageW
SetCursor
SetCapture
GetDC
SetInternalWindowPos
GetFocus
DeleteMenu
CreateSystemThreads
SetForegroundWindow
MapWindowPoints
CreateDialogIndirectParamA
LoadImageW
GetKeyboardState
RegisterMessagePumpHook
EnumDisplaySettingsA
RedrawWindow
IsChild
GetClipboardData
SetFocus
DestroyMenu
CreateAcceleratorTableW
AppendMenuW
GetWindowTextLengthW
ClientToScreen
PrivateExtractIconsW
SwitchDesktop
GetMessageW
DdeFreeDataHandle
DdeAccessData
DrawIconEx
CloseDesktop
LoadMenuIndirectW
GetMenuItemInfoA
FillRect
PostMessageW
RegisterDeviceNotificationA
KillTimer
ShowWindow
DeferWindowPos
GetMenuItemRect
DdeConnect
RegisterClassExW
GetCaretPos
PrivateExtractIconExA
WinHelpW
EnableWindow
ScreenToClient
MessageBoxExA
SetTimer
SetThreadDesktop
GetKeyboardLayoutList
DrawFocusRect
InvalidateRgn
SetMenuItemInfoA
PrivateExtractIconExW
CharToOemW
BroadcastSystemMessageA
RealChildWindowFromPoint
ChangeDisplaySettingsA
DrawMenuBar
EnableMenuItem
InvalidateRect
IsWindow
EnumWindowStationsA
SystemParametersInfoW
IsWindowEnabled
GetKeyState
SetTimer
RegisterClassA
GetParent
GetMonitorInfoW
IMPGetIMEA
DestroyWindow
CreateWindowExW
PostQuitMessage
DlgDirListA
DdeFreeStringHandle
GetInputState
TrackPopupMenuEx
GetRegisteredRawInputDevices
TranslateAcceleratorW
EndDialog
IsRectEmpty
EnumDisplayMonitors
GetForegroundWindow
ClientToScreen
GetWindowTextW
ActivateKeyboardLayout
GetMonitorInfoW
MoveWindow
DlgDirSelectExW
SetWindowTextW
TrackMouseEvent
ReleaseDC
GetClassInfoExW
LoadCursorW
GetSystemMetrics
CliImmSetHotKey
GetClientRect
LoadStringW
SetClipboardViewer
SetWindowRgn
ArrangeIconicWindows
DestroyAcceleratorTable
IsWindowVisible
MessageBoxExW
GetWindowRect
ScrollChildren
keybd_event
SendNotifyMessageA
SendMessageW
EndPaint
SetWindowPos
BeginDeferWindowPos
GetMessagePos
SetCaretPos
SetClassLongW
MessageBoxW
WindowFromDC
InflateRect
InflateRect
GetWindow
SetScrollInfo
GetSysColor
DestroyMenu
LoadCursorA
GetWindowLongW
CharUpperW
GetKeyboardLayout
SetActiveWindow
IsDialogMessageW
UpdateWindow
DestroyIcon
MessageBoxIndirectA
DialogBoxParamW
SendMessageCallbackA
SetWindowLongW
OpenInputDesktop
IsDialogMessageW
CharNextW
GetScrollInfo
SendInput
UnloadKeyboardLayout
MessageBeep
CreateDesktopW
GetCapture
CopyRect
ScrollWindowEx
GetDlgCtrlID
OffsetRect
CloseDesktop
UnregisterClassA
TranslateMessage
EndDeferWindowPos
GetThreadDesktop
DispatchMessageW
MsgWaitForMultipleObjects
GetWinStationInfo
MB_GetString
CreatePopupMenu
LoadStringW
GetUserObjectInformationW
GetDesktopWindow
comctl32
ImageList_Add
ImageList_Create
ImageList_Destroy
comdlg32
GetOpenFileNameW
GetSaveFileNameW
cryptui
CryptUIDlgViewCertificateW
msimg32
AlphaBlend
ole32
CoCreateInstance
CreateStreamOnHGlobal
StgCreateStorageEx
CoUninitialize
CoCreateGuid
StringFromGUID2
CoInitializeEx
CoTaskMemFree
rpcrt4
RpcImpersonateClient
RpcBindingFree
NdrClientCall2
RpcStringBindingComposeW
NdrServerCall2
RpcServerUseProtseqEpW
RpcServerUnregisterIf
RpcBindingSetAuthInfoExW
UuidToStringW
UuidCreate
RpcMgmtIsServerListening
RpcStringFreeW
RpcRevertToSelfEx
RpcServerRegisterIf2
RpcServerListen
RpcBindingFromStringBindingW
shlwapi
PathAddBackslashW
PathFindExtensionW
uxtheme
DrawThemeParentBackground
crypt32
CertDuplicateCertificateContext
CertCreateCertificateContext
CertFindCertificateInStore
CertCloseStore
CertOIDToAlgId
CertOpenStore
CertDuplicateStore
CertFreeCertificateContext
CertSerializeCertificateStoreElement
CertStrToNameW
CryptAcquireCertificatePrivateKey
userenv
UnloadUserProfile
shell32
ShellExecuteExW
SHGetFolderPathW
CommandLineToArgvW
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
wininet
InternetConnectW
InternetCloseHandle
HttpOpenRequestW
InternetReadFile
HttpSendRequestW
InternetCrackUrlW
HttpQueryInfoW
InternetOpenW
cmutil
CmStrtokA
CmBuildFullPathFromRelativeW
CmFmtMsgA
CmStrrchrA
CmStrchrA
IsFarEastNonOSR2Win95
CmParsePathW
ReleaseBold
Sections
.text Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rDhcYt Size: 2KB - Virtual size: 38KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.s Size: 2KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.Izs Size: 2KB - Virtual size: 13KB
IMAGE_SCN_MEM_READ
.rsrc Size: 106KB - Virtual size: 106KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ