5cebe5686308a978454806ab86e13703487bcedb799d0b8200b8345bf44db2fb

Sharing

Copy URL Twitter E-mail

General

Target

5cebe5686308a978454806ab86e13703487bcedb799d0b8200b8345bf44db2fb
Size

736KB
MD5

36fcca3512602a0182f577e0e7baadb0
SHA1

cb90be651446aff84cb8a69913312dafd3d5a4de
SHA256

5cebe5686308a978454806ab86e13703487bcedb799d0b8200b8345bf44db2fb
SHA512

a9967eaef9980e72831b516aeb012dc13ad284506916105198b5e44c4b8fc4fb2db99c9e6926584c820973dd92f89c39e3ab594e7f3867392945b8f3782e3538
SSDEEP

12288:JDNOP7el4ofJ19Uhe+sRzA9x3EuGAAX3u0UELYPAoF8c2g:JDNOP7el5fJ19Uhe+sRzA9x3EuGAAHuR

Score

N/A

Malware Config

Signatures

Files

5cebe5686308a978454806ab86e13703487bcedb799d0b8200b8345bf44db2fb
.exe windows x86

60ed9d0fb00b3a793e9b2394c0ac137b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvfw32

DrawDibClose
DrawDibOpen
DrawDibSetPalette
DrawDibRealize
DrawDibDraw

fwatl

_AtlModuleTerm@4
_AtlModuleInit@12
_AtlModuleUpdateRegistryFromResourceD@20
_AtlModuleRegisterClassObjects@12
_AtlModuleRevokeClassObjects@4
_AtlModuleUnregisterServer@8
_AtlModuleRegisterWndClassInfoW@12
_AtlModuleAddTermFunc@12
___FreeStdCallThunk@4
___AllocStdCallThunk@0
_AtlModuleExtractCreateWndData@4
_AtlModuleAddCreateWndData@12
_AtlInternalQueryInterface@16
_AtlComPtrAssign@8
_AtlModuleRegisterServer@12

kernel32

CloseHandle
Process32FirstW
Process32NextW
Module32FirstW
Module32NextW
TerminateProcess
GetModuleFileNameW
WaitForMultipleObjects
GetTickCount
SetThreadExecutionState
lstrcpyW
InterlockedExchange
GetModuleHandleW
VirtualProtect
FormatMessageW
GetLocalTime
SetFilePointer
GetSystemTime
CreateProcessW
CreateDirectoryW
IsDebuggerPresent
WriteFile
RaiseException
IsBadWritePtr
OutputDebugStringW
SetUnhandledExceptionFilter
VirtualQuery
WriteProcessMemory
QueryPerformanceCounter
UnhandledExceptionFilter
GetStartupInfoW
InterlockedCompareExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
Sleep
GetFullPathNameW
GetLastError
CreateToolhelp32Snapshot
WaitForSingleObject
CreateMutexW
InterlockedIncrement
InterlockedDecrement
lstrcpynW
lstrlenW
FlushInstructionCache
GetCurrentProcess
ExitProcess
SetThreadPriority
GetCurrentThread
GetVersionExW
FreeLibrary
GetProcAddress
LoadLibraryW
GetCurrentProcessId
GetSystemPowerStatus
GetCurrentThreadId
OpenProcess
DeviceIoControl
CreateFileW
GetPrivateProfileStringW
GetSystemTimeAsFileTime

user32

LoadImageW
AdjustWindowRectEx
SetScrollInfo
GetScrollInfo
ShowScrollBar
SetScrollPos
ScrollWindow
GetScrollRange
GetScrollPos
GetClientRect
GetMessageW
TranslateMessage
wsprintfW
IsDialogMessageW
GetParent
UpdateWindow
MessageBoxW
GetSystemMetrics
SystemParametersInfoW
MoveWindow
GetWindowInfo
GetWindowRect
GetDesktopWindow
CallWindowProcW
DispatchMessageW
GetWindowLongW
EnumWindows
GetFocus
wvsprintfW
LoadIconW
LoadStringW
EnableWindow
SetWindowPos
SetWindowTextW
PostQuitMessage
BeginPaint
EndPaint
GetForegroundWindow
GetWindowThreadProcessId
IsChild
IsIconic
PostThreadMessageW
SetForegroundWindow
CreateDialogParamW
SetWindowLongW
KillTimer
SetTimer
ShowWindow
BringWindowToTop
SubtractRect
GetSysColor
DrawTextW
OffsetRect
IsWindow
EnumThreadWindows
AttachThreadInput
GetWindow
DestroyWindow
SetCapture
InvalidateRect
PtInRect
GetAsyncKeyState
keybd_event
GetCapture
ReleaseCapture
FindWindowW
RegisterClassW
CreateWindowExW
SendMessageW
CharNextW
PostMessageW
DefWindowProcW
RegisterWindowMessageW

gdi32

GetObjectW
GetDIBColorTable
SetEnhMetaFileBits
PlayEnhMetaFile
SetWinMetaFileBits
DeleteEnhMetaFile
CreateICW
SetViewportOrgEx
DPtoLP
BitBlt
GetDeviceCaps
CreateCompatibleDC
CreateCompatibleBitmap
SetWindowOrgEx
SetBkColor
ExtTextOutW
SetTextColor
SelectObject
SetBkMode
DeleteObject
CreateFontIndirectW
DeleteDC

comdlg32

GetOpenFileNameW

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor
LookupAccountNameW
RegQueryValueExW
RegOpenKeyExW
GetAce
GetAclInformation
AddAccessAllowedAce
InitializeAcl
GetLengthSid
RegCloseKey
AddAce

ole32

CoUninitialize
CoLockObjectExternal
CoCreateInstance
CoInitialize

oleaut32

SafeArrayGetDim
LoadRegTypeLi
SafeArrayAccessData
SafeArrayUnaccessData
UnRegisterTypeLi
VariantInit
VariantCopy
VariantClear
SysFreeString
SysStringLen
SysAllocStringLen
SysAllocString
RegisterActiveObject
SafeArrayCreate
VariantChangeType

psapi

EnumProcessModules
GetModuleFileNameExW

fwutilbase

ord225
ord232

msvcr80

fseek
_wfopen
wcschr
wcsncmp
wcslen
wcsncpy
wcstol
wcsncpy_s
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
_wcsicmp
wcsrchr
memcmp
wcscat
_swprintf
wcscpy
_wcsupr
memcpy
ftell
fread
fwrite
_vswprintf_c_l
wcscat_s
wcscpy_s
swprintf_s
_snwprintf_s
_snwprintf
_unlock
__dllonexit
__CxxFrameHandler3
_encode_pointer
_lock
_onexit
_decode_pointer
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
??_U@YAPAXI@Z
malloc
_initterm
_initterm_e
_configthreadlocale
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
_crt_debugger_hook
_except_handler4_common
_invoke_watson
_controlfp_s
realloc
_purecall
??_V@YAXPAX@Z
free
_wtoi
??3@YAXPAX@Z
??2@YAPAXI@Z
memset
wcscmp
?_type_info_dtor_internal_method@type_info@@QAEXXZ
fclose
__setusermatherr

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

shell32

SHGetFolderPathW

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 652KB - Virtual size: 651KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

60ed9d0fb00b3a793e9b2394c0ac137b

Headers

File Characteristics

Imports

msvfw32

fwatl

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

psapi

fwutilbase

msvcr80

version

shell32

Sections

.text Size: 52KB - Virtual size: 48KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 4KB - Virtual size: 131KB

.rsrc Size: 652KB - Virtual size: 651KB

.text
Size: 52KB - Virtual size: 48KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 4KB - Virtual size: 131KB

.rsrc
Size: 652KB - Virtual size: 651KB