Static task
static1

Behavioral task
behavioral1
Sample: bd508b09eeb46d73d69454e1f1f8851989ac2651503bc93dc55a630dd55430a2.exe
Resource: win7-20220812-en

Behavioral task
behavioral2
Sample: bd508b09eeb46d73d69454e1f1f8851989ac2651503bc93dc55a630dd55430a2.exe
Resource: win10v2004-20220901-en

General
Target: bd508b09eeb46d73d69454e1f1f8851989ac2651503bc93dc55a630dd55430a2
Size: 826KB
MD5: 20716471837c38f083a7b9c42d451390
SHA1: 33378a293c32f088c2fa661ce6ba74c2a60c2f85
SHA256: bd508b09eeb46d73d69454e1f1f8851989ac2651503bc93dc55a630dd55430a2
SHA512: 1e6591669b3596a69f1267b79861035a7b9dc014bb2a4328a276e623b822d0e91e140c91a2b2aeaedb623c8543dbd5e0dacb62b5d26f6b527fc6e2be2dfb43ec
SSDEEP: 12288:oAaplda4omZ7u0BWe/yL4tnyXCoabL7K0MG7iIOTeJztVQ:UhZC0gIdl7K0PxQ
Malware Config
Signatures
Files
bd508b09eeb46d73d69454e1f1f8851989ac2651503bc93dc55a630dd55430a2.exe (windows x86)
Import hash (imphash): 4c23c4f0b1e179d7ed50086327e8c068
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Note: IMAGE_FILE_DLL is not set, so this is a standalone executable. IMAGE_FILE_RELOCS_STRIPPED means the image carries no base relocations and must load at its preferred base; the loader cannot rebase it, so ASLR does not apply to this module regardless of the DllCharacteristics flags.
Imports
rpcrt4
UuidFromStringW
version
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
gdiplus
GdiplusShutdown
GdipCloneBrush
GdipAlloc
GdipCreateFont
GdipDrawString
GdipSetTextRenderingHint
GdipCreateFromHDC
GdipCreateSolidFill
GdipDeleteFont
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipDeleteGraphics
GdipFree
GdiplusStartup
GdipDeleteBrush
nvexpbar (the report groups the entries below under this module; CloseThemeData through IsThemeActive are documented uxtheme.dll exports, so confirm the attribution against the sample's import directory before relying on it)
ord7
g_sEBI
CloseThemeData
OpenThemeData
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeText
GetThemeBackgroundContentRect
DrawThemeBackground
IsThemeActive
ord2
ord1
ord8
kernel32
GlobalFlags
FileTimeToSystemTime
SystemTimeToFileTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SetErrorMode
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetCurrentDirectoryW
GetStartupInfoW
RtlUnwind
TlsFree
HeapReAlloc
GetSystemTimeAsFileTime
TerminateProcess
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
GetTempPathW
GetProfileIntW
SearchPathW
GetTickCount
GetCurrentThread
lstrcmpA
lstrcmpiA
ConvertDefaultLocale
EnumResourceLanguagesW
GetVersion
GlobalGetAtomNameW
GetShortPathNameW
GetVolumeInformationW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetStringTypeExW
DeleteFileW
MoveFileW
GlobalAlloc
GetDiskFreeSpaceW
GetFullPathNameW
GetTempFileNameW
GetFileTime
SetFileTime
GlobalFree
WideCharToMultiByte
GlobalLock
GlobalUnlock
SetLastError
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrlenA
GetModuleHandleA
GetVersionExA
LoadLibraryA
FindResourceExW
GetModuleHandleExA
OpenMutexW
GetProcAddress
CreateMutexW
SetThreadLocale
GetSystemDirectoryW
ReleaseMutex
GetUserDefaultUILanguage
GetSystemDefaultLCID
FormatMessageW
LocalFree
GetLocalTime
CreateFileW
GetComputerNameW
CloseHandle
GetFileAttributesW
GetLocaleInfoW
lstrcmpW
FindFirstFileW
FindClose
lstrcatW
GetModuleHandleW
LoadLibraryExW
MultiByteToWideChar
GetModuleFileNameW
SizeofResource
LoadLibraryW
FreeLibrary
MulDiv
FindResourceW
LoadResource
LockResource
InterlockedDecrement
InterlockedIncrement
lstrcpynW
lstrcmpiW
HeapAlloc
GetProcessHeap
HeapFree
GetCurrentProcess
FlushInstructionCache
GetLastError
LeaveCriticalSection
EnterCriticalSection
lstrcpyW
lstrlenW
GetVersionExW
GetLocaleInfoA
GetACP
InterlockedExchange
GetCurrentThreadId
GetThreadLocale
DeleteCriticalSection
InitializeCriticalSection
RaiseException
ExitProcess
user32
SetWindowContextHelpId
RegisterClipboardFormatW
DestroyCursor
LockWindowUpdate
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
PostThreadMessageW
CreateMenu
GetTabbedTextExtentA
GetMessageW
TranslateMessage
ValidateRect
GetActiveWindow
CreateDialogIndirectParamW
EndDialog
GetWindowDC
GrayStringW
DrawTextExW
TabbedTextOutW
SetMenuItemBitmaps
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
SetDlgItemTextW
GetCapture
GetClassInfoExW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
ScrollWindow
MessageBoxW
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
GetMenu
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetClassInfoW
SetWindowPlacement
SystemParametersInfoA
GetWindowPlacement
DrawFocusRect
CallWindowProcW
BeginDeferWindowPos
EndDeferWindowPos
GetClassLongW
ReleaseCapture
SetCapture
GetDCEx
GetSystemMenu
SystemParametersInfoW
FillRect
LoadImageW
DrawIcon
SetFocus
MapDialogRect
SetParent
FindWindowW
IsIconic
SetForegroundWindow
SetWindowTextW
GetCursorPos
GetKeyState
OffsetRect
IsChild
InflateRect
DestroyMenu
LoadMenuIndirectW
GetMenuItemInfoW
DeleteMenu
WindowFromPoint
ScreenToClient
RegisterWindowMessageW
CharLowerW
IsWindowEnabled
GetClassNameW
CloseWindow
GetNextDlgTabItem
GetFocus
SetMenu
LoadMenuW
RemoveMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
AppendMenuW
CreatePopupMenu
EnumDisplaySettingsW
GetWindow
GetDesktopWindow
wsprintfW
CopyRect
GetWindowTextLengthW
GetWindowTextW
DrawTextW
RegisterClassW
DefWindowProcW
BeginPaint
EndPaint
IsRectEmpty
GetDlgCtrlID
LoadBitmapW
SendMessageW
GetWindowRect
InvalidateRect
EnableWindow
UnregisterClassW
PostMessageW
PtInRect
DrawFrameControl
SetWindowRgn
GetClientRect
IsWindowVisible
RedrawWindow
SetTimer
GetDlgItem
SetWindowPos
GetWindowLongW
IntersectRect
CreateWindowExW
GetParent
UpdateWindow
TrackMouseEvent
SetCursor
GetSystemMetrics
DestroyIcon
CreateDialogParamW
WinHelpW
GetDC
ReleaseDC
GetDialogBaseUnits
IsDialogMessageW
MoveWindow
ShowWindow
SetWindowLongW
ShowOwnedPopups
PostQuitMessage
IsZoomed
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsW
InsertMenuItemW
BringWindowToTop
CharNextW
DestroyWindow
LoadIconW
DrawIconEx
UnhookWindowsHookEx
LoadCursorW
GetSysColorBrush
RegisterClassExW
GetSysColor
SetWindowsHookExW
IsWindow
CallNextHookEx
ClientToScreen
KillTimer
TranslateAcceleratorW
SetRectEmpty
CharUpperW
GetMenuStringW
SetRect
InsertMenuW
gdi32
SetDIBitsToDevice
CreateDIBSection
LineTo
MoveToEx
SetTextAlign
SelectClipRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutW
Escape
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
CreatePatternBrush
SetViewportOrgEx
CreatePen
CreateDCW
CreateRectRgnIndirect
SetRectRgn
CreateEllipticRgn
LPtoDP
Ellipse
StretchDIBits
GetCharWidthW
CreateFontW
SetAbortProc
AbortDoc
GetViewportOrgEx
Rectangle
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextExtentPoint32A
GetWindowOrgEx
IntersectClipRect
ExcludeClipRect
GetTextColor
EnumFontFamiliesW
ExtTextOutW
StartDocW
StartPage
EndPage
EndDoc
CreateCompatibleBitmap
OffsetWindowOrgEx
DeleteDC
GetClipBox
BitBlt
CreateCompatibleDC
SetBkMode
SetTextColor
GetTextFaceW
GetTextMetricsW
GetTextExtentPointW
DeleteObject
GetCurrentObject
GetDeviceCaps
FrameRgn
GetRgnBox
CombineRgn
CreateRoundRectRgn
CreatePolygonRgn
CreateRectRgn
GetObjectW
CreateFontIndirectW
CreateSolidBrush
GetTextExtentPoint32W
SelectObject
GetStockObject
SetStretchBltMode
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
GetBkColor
DPtoLP
CreateBitmap
GetMapMode
SetMapMode
SetBkColor
PatBlt
msimg32
AlphaBlend
comdlg32
PrintDlgW
GetOpenFileNameW
GetSaveFileNameW
CommDlgExtendedError
GetFileTitleW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
GetJobW
advapi32
RegEnumKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegQueryValueExW
RegEnumValueW
RegQueryValueExA
RegOpenKeyExA
SetFileSecurityW
RegCreateKeyW
RegQueryValueW
RegDeleteKeyW
RegOpenKeyW
RegSetValueW
GetFileSecurityW
shell32
ShellExecuteW
ShellExecuteExW
SHGetFileInfoW
DragFinish
DragQueryFileW
ExtractIconW
ExtractAssociatedIconW
comctl32
ImageList_ReplaceIcon
ImageList_Draw
ImageList_Add
ImageList_Create
ord17
ImageList_Destroy
ImageList_GetImageInfo
shlwapi
PathFindFileNameW
SHGetValueW
SHSetValueW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
oledlg
OleUIBusyW
ole32
CoTaskMemRealloc
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromProgID
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
StringFromCLSID
StringFromGUID2
CoRegisterClassObject
CoRevokeClassObject
CLSIDFromString
CoGetMalloc
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
oleaut32
SysFreeString
VarUI4FromStr
SysAllocString
SysAllocStringLen
SysStringLen
LoadRegTypeLi
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VariantClear
VariantChangeType
VariantInit
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
OleCreateFontIndirect
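The 32-character hexadecimal value listed under Files is an import hash, a digest of exactly the kind of module/function listing given above. The following is an added example, not code from the sandbox or from the report, showing how that hash is derived; the import list inside it is a constructed, abbreviated mix of named imports and one ordinal import in the style of the listing, so its hash will not equal the value on the page.

```python
"""Import hash (imphash) from a PE import list.

Added example, not from the sandbox report. It implements the common imphash
convention: for each imported function, in import-table order, form
"<module>.<function>" with both lower-cased, the module's .dll/.ocx/.sys
extension dropped and name-less (ordinal) imports written as "ordN"; join
the entries with commas and MD5 the result.
"""
import hashlib

# Constructed, abbreviated import list (not the full table from the report).
SAMPLE_IMPORTS = [
    ("rpcrt4.dll", "UuidFromStringW"),
    ("version.dll", "VerQueryValueW"),
    ("nvexpbar.dll", 7),                  # ordinal-only import -> "ord7"
    ("KERNEL32.DLL", "GetProcAddress"),   # case must not change the hash
]


def normalize_module(module):
    """Lower-case the module name and drop the extensions pefile drops."""
    lower = module.lower()
    for ext in (".dll", ".ocx", ".sys"):
        if lower.endswith(ext):
            return lower[: -len(ext)]
    return lower            # e.g. winspool.drv keeps its extension


def imphash_string(imports):
    """The exact string that gets hashed; handy when two tools disagree."""
    parts = []
    for module, func in imports:
        name = f"ord{func}" if isinstance(func, int) else func.lower()
        parts.append(f"{normalize_module(module)}.{name}")
    return ",".join(parts)


def imphash(imports):
    """MD5 of the comma-joined, normalized import string."""
    return hashlib.md5(imphash_string(imports).encode("ascii")).hexdigest()


if __name__ == "__main__":
    print(imphash_string(SAMPLE_IMPORTS))
    print(imphash(SAMPLE_IMPORTS))
```

Two caveats when comparing a hand-computed value with a sandbox's: pefile, which most sandboxes use, first maps well-known ordinals of oleaut32, ws2_32 and wsock32 to their function names, which this example does not do; and the hash is order-sensitive, so the same set of imports linked in a different order produces a different value. Treat imphash as a clustering aid for samples built from the same source with the same toolchain, not as an identity.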
Sections
.text   Raw size: 400KB  Virtual size: 397KB  IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rdata  Raw size: 108KB  Virtual size: 107KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.data   Raw size: 16KB   Virtual size: 28KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Raw size: 292KB  Virtual size: 292KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
Note: every section is marked writable and both .text and .rsrc are marked writable and executable. A stock MSVC link of an MFC application (which the import table resembles) marks .text read+execute only and leaves .rdata and .rsrc read-only and non-executable, so these flags point at a non-standard linker, a packer or post-build patching of the section table and should be verified against the raw section headers rather than taken from the summary alone. The .data virtual size exceeding its raw size is normal: the tail is zero-filled at load time.
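The header and section flags above are the first thing a reviewer should decode independently rather than trust from a summary. The following added example (not part of the report) parses the COFF file header and section table of a PE image with nothing beyond the standard library, decodes the characteristics into the names used on this page, and raises the findings a practitioner would want: stripped relocations, writable+executable sections, executable sections that are not code, and a writable .rdata. The image it parses is constructed in memory to mirror the section table listed above, beside a baseline with the flags a standard MSVC link would produce; no bytes of the actual sample are embedded.

```python
"""Decode PE file characteristics and section flags and flag risky layouts.

Added example, not from the sandbox report. Builds a constructed 32-bit PE
header in memory (no real sample bytes), parses it with struct and reports
the properties a reviewer checks first.
"""
import struct

FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
RELOCS_STRIPPED, EXECUTABLE_IMAGE, MACHINE_32BIT = 0x0001, 0x0002, 0x0100
CNT_CODE, CNT_INIT, EXECUTE, READ, WRITE = 0x20, 0x40, 0x20000000, 0x40000000, 0x80000000
KB = 1024


def build_pe(characteristics, sections):
    """Constructed minimal PE: DOS stub, PE signature, COFF file header, a zeroed
    PE32 optional header and one 40-byte header per (name, raw, virt, flags)."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, len(dos))                  # e_lfanew
    opt = struct.pack("<H", 0x10B) + bytes(222)                    # PE32 magic, rest zero
    file_hdr = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(opt), characteristics)
    hdrs = b"".join(
        struct.pack("<8sIIIIIIHHI", name.encode().ljust(8, b"\0"),
                    virt, 0x1000 * (i + 1), raw, 0, 0, 0, 0, 0, flags)
        for i, (name, raw, virt, flags) in enumerate(sections))
    return bytes(dos) + b"PE\0\0" + file_hdr + opt + hdrs


def parse_pe(data):
    """Return machine, characteristics and the section table of a PE image."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    off = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, off)
    off += 20 + opt_size                                           # skip optional header
    sections = []
    for _ in range(nsec):
        name, virt, _, raw, _, _, _, _, _, flags = struct.unpack_from("<8sIIIIIIHHI", data, off)
        sections.append({"name": name.rstrip(b"\0").decode("ascii"),
                         "virtual_size": virt, "raw_size": raw, "flags": flags})
        off += 40
    return {"machine": machine, "characteristics": chars, "sections": sections}


def decode(value, table):
    """Bit mask -> list of flag names, lowest bit first."""
    return [name for bit, name in sorted(table.items()) if value & bit]


def review(pe):
    """Findings a reviewer would raise from the headers alone."""
    findings = []
    if pe["characteristics"] & RELOCS_STRIPPED:
        findings.append("header: relocations stripped, image cannot be rebased (no ASLR)")
    for s in pe["sections"]:
        f, n = s["flags"], s["name"]
        if f & WRITE and f & EXECUTE:
            findings.append(f"{n}: writable and executable")
        if f & EXECUTE and not f & CNT_CODE:
            findings.append(f"{n}: executable but not marked as code")
        if n == ".rdata" and f & WRITE:
            findings.append(f"{n}: read-only data section is writable")
    return findings


# Constructed to mirror the section table in the report above.
REPORT_LIKE = build_pe(RELOCS_STRIPPED | EXECUTABLE_IMAGE | MACHINE_32BIT, [
    (".text", 400 * KB, 397 * KB, CNT_CODE | EXECUTE | READ | WRITE),
    (".rdata", 108 * KB, 107 * KB, CNT_INIT | READ | WRITE),
    (".data", 16 * KB, 28 * KB, CNT_INIT | READ | WRITE),
    (".rsrc", 292 * KB, 292 * KB, CNT_INIT | EXECUTE | READ | WRITE),
])
# The flags a stock MSVC link produces for the same four sections.
BASELINE = build_pe(EXECUTABLE_IMAGE | MACHINE_32BIT, [
    (".text", 400 * KB, 397 * KB, CNT_CODE | EXECUTE | READ),
    (".rdata", 108 * KB, 107 * KB, CNT_INIT | READ),
    (".data", 16 * KB, 28 * KB, CNT_INIT | READ | WRITE),
    (".rsrc", 292 * KB, 292 * KB, CNT_INIT | READ),
])

if __name__ == "__main__":
    for label, blob in (("report-like", REPORT_LIKE), ("baseline", BASELINE)):
        pe = parse_pe(blob)
        print(label, decode(pe["characteristics"], FILE_CHARACTERISTICS))
        for s in pe["sections"]:
            print(f"  {s['name']:<7} raw {s['raw_size'] // KB}KB virt {s['virtual_size'] // KB}KB",
                  decode(s["flags"], SECTION_FLAGS))
        for finding in review(pe) or ["no findings"]:
            print("  ->", finding)
```

To run the same checks on a file rather than the constructed image, pass `open(path, "rb").read()` to `parse_pe`; the parser honours SizeOfOptionalHeader, so it works for both PE32 and PE32+ section tables. The report-like image yields five findings and the baseline none, which is the gap between what the listing above shows and what a normal MFC build looks like.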