dd01fb79fe3701aabfd3279bded823b1fbaa91004993a58d6e6682ed0b678504

Sharing

Copy URL Twitter E-mail

General

Target

dd01fb79fe3701aabfd3279bded823b1fbaa91004993a58d6e6682ed0b678504
Size

1.5MB
MD5

0111204496bbd25036d1b2cbb9ae91f0
SHA1

8ee182236a56eec9f56b3da6e1f71edef857ffc3
SHA256

dd01fb79fe3701aabfd3279bded823b1fbaa91004993a58d6e6682ed0b678504
SHA512

504cb5ce255a9ed3f83de4bc3c9adafd4771ab760949dfa95742ee424609e6764ec51d143fd80dc6e98b04976038b6da4c6a1f13b6dc8c27c781fc53b3281324
SSDEEP

24576:pjyEaJzmKchZjvhwHZ4B/M8Sd8MryONjrLytSNG8YqB7mktcHd64O8TBcjGAdjPr:kEFKc/6HiVSdJryONjrLYS1BC9HvO8Tk

Score

N/A

Malware Config

Signatures

Files

dd01fb79fe3701aabfd3279bded823b1fbaa91004993a58d6e6682ed0b678504
.exe windows x86

19a482a976cce74ca9e7fd3c9f5a4c54

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceFrequency
GetQueuedCompletionStatus
TransactNamedPipe
CreateIoCompletionPort
WaitNamedPipeW
SetNamedPipeHandleState
FindResourceW
LoadResource
LoadLibraryExW
SizeofResource
LockResource
InitializeCriticalSection
SetFilePointer
WriteFile
GlobalAlloc
FormatMessageW
GetModuleFileNameW
CreateFileW
ExitThread
GetLastError
SetLastError
GlobalFree
CreateEventW
WaitForMultipleObjects
DuplicateHandle
LocalFree
CreateThread
WideCharToMultiByte
MultiByteToWideChar
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
GetCommandLineW
LoadLibraryW
GetTempPathW
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
GetCurrentProcessId
InterlockedIncrement
InterlockedCompareExchange
SystemTimeToFileTime
MoveFileExW
WaitForSingleObject
SetFileTime
FileTimeToSystemTime
GetFileTime
DeleteFileW
SetFileAttributesW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
FindFirstFileW
FindClose
LocalAlloc
FindNextFileW
GetSystemDirectoryW
RemoveDirectoryW
CreateMutexW
OpenMutexW
ReleaseMutex
GetFileSize
ReadFile
FlushFileBuffers
GetTickCount
VirtualQuery
SetUnhandledExceptionFilter
OutputDebugStringW
GetCurrentThread
IsBadWritePtr
GetLocalTime
lstrcatW
lstrcpyW
GlobalLock
GlobalUnlock
GlobalReAlloc
GlobalHandle
CreateFileA
CreateFileMappingA
OpenFileMappingA
GetWindowsDirectoryA
DeleteFileA
SetEvent
ResetEvent
HeapAlloc
HeapFree
GetProcessHeap
GetTimeZoneInformation
HeapReAlloc
GetStartupInfoW
FileTimeToLocalFileTime
GetDriveTypeW
ResumeThread
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedDecrement
UnhandledExceptionFilter
RtlUnwind
GetDriveTypeA
FindFirstFileA
GetFileType
TerminateProcess
IsDebuggerPresent
RaiseException
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
Module32NextW
ExitProcess
HeapCreate
VirtualFree
VirtualAlloc
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
QueryPerformanceCounter
GetFullPathNameW
GetCurrentDirectoryA
LCMapStringA
LCMapStringW
GetModuleHandleA
GetFullPathNameA
SetStdHandle
GetConsoleCP
GetConsoleMode
SetEndOfFile
InterlockedExchange
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetLocaleInfoA
FreeLibrary
LoadLibraryA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
SetEnvironmentVariableA
OpenEventW
GetSystemTimeAsFileTime
CreateDirectoryW
GetCurrentProcess
GetSystemInfo
GetProcAddress
GetModuleHandleW
CloseHandle
GetCurrentThreadId
CopyFileW
Sleep
CreateProcessW
Module32FirstW
GetExitCodeProcess
HeapSize

user32

SetCursor
EndPaint
InflateRect
DrawTextW
LoadImageW
GetDesktopWindow
InvalidateRect
GetClientRect
CreateDialogParamW
CheckDlgButton
EndDialog
DialogBoxParamW
MonitorFromRect
EnableWindow
CloseWindow
AdjustWindowRectEx
SetLayeredWindowAttributes
SetFocus
DrawIconEx
ScreenToClient
GetMessageW
PostQuitMessage
KillTimer
LoadCursorW
PtInRect
TranslateMessage
SetWindowRgn
SetWindowPos
DispatchMessageW
wvsprintfW
GetSystemMetrics
MessageBoxW
MonitorFromPoint
FillRect
SetCapture
SubtractRect
BeginPaint
GetAsyncKeyState
IntersectRect
SetTimer
EnumThreadWindows
DefWindowProcW
SendMessageW
CreateWindowExW
SetWindowLongW
GetClassNameW
GetWindowLongW
RegisterClassExW
FindWindowW
RedrawWindow
GetCursorPos
ShowWindow
GetParent
SetForegroundWindow
PostMessageW
keybd_event
GetCursor
ReleaseCapture
IsWindowVisible
DestroyWindow
SetWindowTextW
IsDlgButtonChecked
GetDlgItem
GetDC
GetForegroundWindow
LoadKeyboardLayoutW
SystemParametersInfoW
GetKeyboardLayoutList
GetMonitorInfoW
MoveWindow
OffsetRect
SetRect
SetCursorPos
GetWindowRect
UpdateLayeredWindow
ReleaseDC

gdi32

StretchBlt
CreateFontIndirectW
SetBkMode
SetTextColor
CreateCompatibleDC
CreateCompatibleBitmap
GetTextExtentPointW
SelectObject
DeleteDC
SelectClipRgn
CreateDIBSection
GetObjectW
GetTextExtentExPointW
CreateRectRgn
RestoreDC
FillPath
EndPath
SaveDC
AngleArc
CreateSolidBrush
CreatePen
GetFontData
MoveToEx
BitBlt
LineTo
ExtCreateRegion
CombineRgn
Rectangle
GetPixel
BeginPath
GetStockObject
DeleteObject
SetViewportOrgEx
GetTextExtentPoint32W
GetTextMetricsW
GetCharABCWidthsFloatW
OffsetRgn

comdlg32

GetSaveFileNameW

advapi32

RegQueryValueW
AddAccessAllowedAceEx
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetNamedSecurityInfoW
GetNamedSecurityInfoW
InitializeAcl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
SetEntriesInAclW
GetSidLengthRequired
GetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegEnumValueW
RegDeleteKeyW
RegCreateKeyExW
GetTokenInformation
OpenProcessToken
RegQueryInfoKeyW
LookupAccountSidW
RegOpenKeyW

ole32

CoInitializeEx
OleSetContainedObject
OleCreate
CoInitializeSecurity
CoUninitialize
CoCreateInstance
CoInitialize
OleInitialize

oleaut32

VariantInit
SysAllocString
SysFreeString
VariantClear

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

msimg32

TransparentBlt
GradientFill
AlphaBlend

wininet

HttpSendRequestW
InternetQueryOptionW
HttpOpenRequestW
InternetConnectW
InternetSetOptionW
InternetOpenW
InternetOpenUrlW
InternetReadFile
HttpQueryInfoW
InternetCloseHandle
InternetCanonicalizeUrlW

shell32

SHGetFolderPathW
SHFileOperationW
ShellExecuteExW
ShellExecuteW

comctl32

InitCommonControlsEx

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 294KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 25KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SogouIn
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 106KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

19a482a976cce74ca9e7fd3c9f5a4c54

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

version

msimg32

wininet

shell32

comctl32

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.rdata Size: 294KB - Virtual size: 294KB

.data Size: 25KB - Virtual size: 58KB

.SogouIn Size: 12KB - Virtual size: 11KB

.rsrc Size: 106KB - Virtual size: 108KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 294KB - Virtual size: 294KB

.data
Size: 25KB - Virtual size: 58KB

.SogouIn
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 106KB - Virtual size: 108KB