Sample
9739af497b30e3ec01567f0bdabc625e3dad8e9b9bd3ae502e36f771397a8d3f.exe
Resource
win7-20221111-en
General
-
Target
9739af497b30e3ec01567f0bdabc625e3dad8e9b9bd3ae502e36f771397a8d3f
-
Size
717KB
-
MD5
2aa141e3d2622368c89c203d01bca2c0
-
SHA1
294260e60f3227d5e59a55744d47f0995cd85477
-
SHA256
9739af497b30e3ec01567f0bdabc625e3dad8e9b9bd3ae502e36f771397a8d3f
-
SHA512
56b8b877a764adb4e6638582eb3acd3f9c777436c3773c9ccdac9cc3a5b0350cd27352eff2f9ab3b4aa009a1b992bace4a389e3b58546fa8469194da504f5e9c
-
SSDEEP
12288:Y7/HWpJOfFD+JcviZlxvgiMeZ2AEzBZXdTn8KHdo7cTZQ4gVQUDj1REx0Lw4oUXw:Y7/H8OfFDTviTKX+gdRTdgOMj1RYuPrM
Malware Config
Signatures
Files
-
9739af497b30e3ec01567f0bdabc625e3dad8e9b9bd3ae502e36f771397a8d3f.exe windows x86
c5fdb8041fe18759b47fce060ab8bb51
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetVersion
GlobalFree
GlobalReAlloc
GlobalAlloc
DeleteFileA
GetVersionExW
GetLocalTime
WideCharToMultiByte
lstrlenA
GetTempFileNameW
GetTempPathW
GetProcessTimes
Process32NextW
CreateToolhelp32Snapshot
DuplicateHandle
GetCurrentThread
GetTickCount
SetUnhandledExceptionFilter
CreateDirectoryW
SetCurrentDirectoryW
GetCurrentDirectoryW
Process32FirstW
GetPrivateProfileStringW
ReadFile
GetFileSize
Sleep
CopyFileW
WritePrivateProfileStringW
WriteFile
MoveFileW
MoveFileExW
CreateThread
GetUserDefaultLangID
WaitForSingleObject
SetFilePointer
SetEndOfFile
GetFileSizeEx
SetErrorMode
RemoveDirectoryW
GetModuleFileNameW
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetDriveTypeA
GetTimeZoneInformation
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetLocaleInfoA
GetStringTypeW
MultiByteToWideChar
LCMapStringA
InitializeCriticalSectionAndSpinCount
GetCurrentDirectoryA
GetFullPathNameW
LCMapStringW
GetModuleHandleA
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
QueryPerformanceCounter
HeapCreate
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
ExitProcess
ExitThread
GetDriveTypeW
FileTimeToLocalFileTime
FileTimeToSystemTime
RtlUnwind
IsDebuggerPresent
UnhandledExceptionFilter
GetStartupInfoW
lstrcmpiA
lstrcmpA
GetFileType
SystemTimeToFileTime
LocalFileTimeToFileTime
GetEnvironmentVariableW
SetEnvironmentVariableW
TlsFree
TlsAlloc
OpenThread
TlsSetValue
TlsGetValue
SetFilePointerEx
OutputDebugStringW
FormatMessageW
GetSystemTime
LocalFree
CreateFileA
GetSystemTimeAsFileTime
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
SetLastError
ReleaseMutex
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
lstrlenW
GetCurrentThreadId
FreeResource
FreeLibrary
GetFileAttributesW
GetCurrentProcessId
CreateFileW
DeviceIoControl
LoadLibraryExW
GetCurrentProcess
FlushInstructionCache
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
FindClose
LeaveCriticalSection
EnterCriticalSection
RaiseException
InterlockedExchange
GetModuleHandleW
LoadLibraryW
GetProcAddress
CreateMutexW
GetLastError
OpenProcess
TerminateProcess
CloseHandle
FindFirstFileW
DeleteFileW
FindNextFileW
GetStringTypeA
user32
SetDlgItemTextW
GetWindowTextLengthW
MoveWindow
IsWindowEnabled
EnableWindow
PostMessageW
SetForegroundWindow
ShowWindow
UnregisterClassA
GetWindowThreadProcessId
IsHungAppWindow
FindWindowW
SetWindowLongW
GetClassInfoExW
LoadCursorW
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
LoadImageW
CharNextW
ReleaseDC
GetDC
DestroyWindow
RegisterClassExW
CreateWindowExW
LockSetForegroundWindow
DefWindowProcW
SendMessageW
GetWindowLongW
SetWindowTextW
SetWindowPos
GetClientRect
EnableScrollBar
GetWindowTextW
IsDlgButtonChecked
GetDlgItemTextW
CheckDlgButton
GetSystemMenu
DeleteMenu
DialogBoxParamW
TrackPopupMenu
MonitorFromPoint
AppendMenuW
DestroyMenu
CreatePopupMenu
SendMessageTimeoutW
DestroyIcon
SetFocus
IsWindowVisible
TrackMouseEvent
GetDlgCtrlID
SetWindowRgn
SetCursor
EndDialog
GetClassLongW
SetTimer
EndPaint
BeginPaint
KillTimer
GetCursorPos
ScreenToClient
OffsetRect
InvalidateRect
UpdateWindow
ReleaseCapture
GetCapture
SetCapture
CallWindowProcW
GetDlgItem
IntersectRect
PtInRect
GetActiveWindow
PostQuitMessage
DialogBoxIndirectParamW
DrawTextW
SetRect
FillRect
FrameRect
DrawIconEx
WindowFromPoint
GetAsyncKeyState
MessageBoxW
SystemParametersInfoW
GetParent
GetWindow
GetWindowRect
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
IsWindow
IsChild
RedrawWindow
gdi32
SetTextColor
GetTextExtentPoint32W
GetStockObject
SetViewportOrgEx
CreateFontIndirectW
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
GetTextColor
SetStretchBltMode
StretchBlt
DeleteObject
GetObjectW
IntersectClipRect
CreateRectRgn
CombineRgn
CreateRoundRectRgn
SetBkMode
ExcludeClipRect
BitBlt
OffsetViewportOrgEx
GetClipBox
TextOutW
DeleteDC
advapi32
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExA
RegQueryValueExA
RegOpenKeyW
RegQueryValueExW
RegEnumKeyExW
RegOpenKeyExA
shell32
SHGetFolderPathW
Shell_NotifyIconW
ExtractIconExW
ShellExecuteW
SHGetSpecialFolderPathW
ole32
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoInitialize
CLSIDFromProgID
CoCreateInstance
oleaut32
VariantClear
SysStringByteLen
SysAllocStringByteLen
SysStringLen
VariantInit
VarUI4FromStr
SysAllocString
SysFreeString
shlwapi
PathCombineW
PathAppendW
PathFindFileNameW
PathIsRelativeW
SHGetValueW
wvnsprintfW
PathFileExistsW
SHGetValueA
SHSetValueA
PathRemoveFileSpecW
comctl32
ImageList_Create
InitCommonControlsEx
ImageList_Destroy
msimg32
AlphaBlend
psapi
GetProcessMemoryInfo
EnumProcessModules
GetModuleFileNameExW
version
VerQueryValueA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
ws2_32
socket
ioctlsocket
setsockopt
htonl
gethostbyname
bind
WSAStartup
recvfrom
closesocket
sendto
inet_addr
htons
wininet
HttpSendRequestW
InternetSetOptionW
InternetReadFile
InternetQueryOptionW
HttpOpenRequestW
InternetCloseHandle
InternetConnectW
InternetOpenW
HttpQueryInfoW
netapi32
Netbios
Sections
.text Size: 388KB - Virtual size: 388KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 60KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 16KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 244KB - Virtual size: 244KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE