ad6b609c52a26eb74a9af2cd5e14ab57e9c216e3c72f05edb32850fa6d58886b

Sharing

Copy URL Twitter E-mail

General

Target

ad6b609c52a26eb74a9af2cd5e14ab57e9c216e3c72f05edb32850fa6d58886b
Size

397KB
MD5

007dcc08f1e444be1b3a832fc09719e6
SHA1

f5b06d10ba2df5ae31c50f3e68fe12f75249571d
SHA256

ad6b609c52a26eb74a9af2cd5e14ab57e9c216e3c72f05edb32850fa6d58886b
SHA512

4debb158f16398498a4226176bd7508ec1dd325b3a169b9b2004a5c8adf7acc1df70191288682b71326ddfc0572e25cdb74108744ac1017b6201162910302a9f
SSDEEP

6144:ldmIElMpL+dW6th2VpoHxTWIhxKlLOUuNryMM4x/tCz+Zayr7w0sBl:ldmIESpLgWeepop9hxKMTM4x3nsj

Score

N/A

Malware Config

Signatures

Files

ad6b609c52a26eb74a9af2cd5e14ab57e9c216e3c72f05edb32850fa6d58886b
.exe windows x86

b70a3aff13de893e3b289b4329c477a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoW
ExitProcess
RtlUnwind
GetModuleFileNameA
HeapAlloc
HeapFree
HeapReAlloc
TerminateProcess
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
DebugBreak
LCMapStringA
LCMapStringW
IsBadWritePtr
GetTimeZoneInformation
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetStringTypeA
GetStringTypeW
GetProcessHeap
CompareStringA
CompareStringW
SetEnvironmentVariableA
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetFileTime
GetFileAttributesW
SetErrorMode
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
InterlockedDecrement
MulDiv
FormatMessageW
LocalFree
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrlenA
GetModuleHandleA
LoadLibraryA
lstrcatW
lstrcmpW
GetModuleHandleW
GetVersionExA
GlobalLock
GlobalUnlock
FreeResource
GetFullPathNameW
lstrcpyW
lstrcpynW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
ReadFile
lstrcmpiW
lstrlenW
GetSystemDirectoryW
GetVolumeInformationW
LoadLibraryW
GetProcAddress
FreeLibrary
GlobalFree
GlobalAlloc
SetLastError
WaitForMultipleObjects
CreateThread
GetExitCodeThread
TerminateThread
GetTempPathW
CopyFileW
WinExec
WritePrivateProfileStringW
ReleaseMutex
CreateMutexW
DeleteFileW
MoveFileW
Sleep
SystemTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetLastError
GetPrivateProfileIntW
FindFirstFileW
FindClose
DeviceIoControl
WideCharToMultiByte
MultiByteToWideChar
CreateDirectoryW
CloseHandle
FlushFileBuffers
SetFilePointer
WriteFile
CreateFileW
GetTickCount
FindResourceW
LoadResource
LockResource
SizeofResource
GetModuleFileNameW
GetPrivateProfileStringW
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
HeapCreate
InterlockedExchange

user32

MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
CopyAcceleratorTableW
SetRect
IsRectEmpty
CharNextW
ReleaseCapture
SetCapture
DestroyMenu
LoadCursorW
GetSysColorBrush
SetWindowContextHelpId
MapDialogRect
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
SetCursor
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SetMenuItemBitmaps
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
RegisterWindowMessageW
WinHelpW
GetCapture
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
GetClassInfoExW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
MessageBoxW
GetKeyState
UpdateWindow
GetClientRect
GetMenu
PostMessageW
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
EqualRect
GetClassInfoW
RegisterClassW
UnregisterClassW
PostThreadMessageW
RegisterClipboardFormatW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
PtInRect
GetWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
wsprintfW
CharUpperW
GetSystemMetrics
SetWindowPos
KillTimer
SetTimer
SetForegroundWindow
IsWindowVisible
SendMessageW
GetWindowLongW
SetWindowLongW
LoadIconW
EnableWindow
FindWindowW
GetDesktopWindow
GetWindowRect
GetClassLongW

gdi32

ExtTextOutW
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
GetStockObject
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
CreateFontW
SetMapMode
RestoreDC
SaveDC
GetDeviceCaps
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
Escape

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegCreateKeyExW
RegCloseKey

shell32

Shell_NotifyIconW
SHGetSpecialFolderPathW

comctl32

ord17

shlwapi

PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathFileExistsW
PathFindFileNameW

oledlg

OleUIBusyW

ole32

CoTaskMemAlloc
CoTaskMemFree
CoRegisterMessageFilter
OleFlushClipboard
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize

oleaut32

OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
SysStringLen
SysFreeString
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen

urlmon

URLDownloadToFileW

wininet

InternetOpenW
InternetCloseHandle
InternetSetFilePointer
InternetReadFile
InternetOpenUrlW
HttpQueryInfoW

Sections

.text
Size: 220KB - Virtual size: 217KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b70a3aff13de893e3b289b4329c477a4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

urlmon

wininet

Sections

.text Size: 220KB - Virtual size: 217KB

.rdata Size: 52KB - Virtual size: 51KB

.data Size: 12KB - Virtual size: 23KB

.rsrc Size: 104KB - Virtual size: 104KB

.text
Size: 220KB - Virtual size: 217KB

.rdata
Size: 52KB - Virtual size: 51KB

.data
Size: 12KB - Virtual size: 23KB

.rsrc
Size: 104KB - Virtual size: 104KB