7217d219132519fab981a28f7b6e59ab864ae2044624cf369852f60b6a168031

Sharing

Copy URL

Twitter E-mail

General

Target

7217d219132519fab981a28f7b6e59ab864ae2044624cf369852f60b6a168031
Size

1.4MB
MD5

1517d03ce13976eb47b5c2deaa46c920
SHA1

30bd6cf091e506efdbb3d0f80fcf8f7e5d731126
SHA256

7217d219132519fab981a28f7b6e59ab864ae2044624cf369852f60b6a168031
SHA512

78bc41adc7a17e469006c1f5a8a18e520d5a33f392747345c77547f3103b3b30ebd9f261b6f8b03f9073858ac8d2037ab6f400ae8026078b645754f1800ac730
SSDEEP

24576:NnlLEC08YKaYmSY3/wMC1BhUowRcfX5rvY5ZpDce3a7sDaM6yJSN32xoDumlZpxc:NnN+oaYhE/khFgFDce3a7sDaM6yJSN3u

Score

N/A

Malware Config

Signatures

Files

7217d219132519fab981a28f7b6e59ab864ae2044624cf369852f60b6a168031
.exe windows x86

3de0694757984ed749f6484b1cbd20bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Remove
ord8
ImageList_GetImageCount
FlatSB_SetScrollProp
InitCommonControlsEx
ImageList_Draw
CreatePropertySheetPageW
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_GetIconSize
PropertySheetW
DestroyPropertySheetPage
ImageList_EndDrag
ImageList_DragMove
ImageList_BeginDrag
ImageList_DragLeave
ImageList_DragEnter
ImageList_Destroy
ImageList_DragShowNolock
ImageList_Create
ImageList_AddMasked
ImageList_LoadImageW
_TrackMouseEvent

winmm

waveOutClose
waveOutGetDevCapsW
waveOutWrite
waveOutPause
waveOutGetVolume
waveOutGetPosition
timeGetTime
waveOutPrepareHeader
waveOutOpen
waveOutUnprepareHeader
waveOutSetVolume
waveOutReset
waveOutRestart
waveOutGetNumDevs

wininet

InternetGetCookieW
InternetReadFile
HttpQueryInfoW
InternetSetOptionW
InternetReadFileExA
InternetCloseHandle
HttpOpenRequestW
InternetSetStatusCallbackW
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetConnectW
HttpSendRequestW
InternetCrackUrlW
InternetOpenW

msvcrt

__wgetmainargs
_wcmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
_stricmp
_itoa
_wcsupr
_wmkdir
fflush
fwrite
fread
ftell
fseek
fclose
_wfopen
_strnicmp
_endthreadex
_errno
_wsplitpath
_initterm
_mbsupr
_ultoa
_strlwr
_snprintf
isalpha
isalnum
log10
strstr
remove
_CxxThrowException
isspace
isdigit
strpbrk
strncmp
strncpy
toupper
strcat
__CxxFrameHandler
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_itow
_controlfp
sin
towupper
tan
atof
wcsncat
_ui64toa
_except_handler3
?terminate@@YAXXZ
__dllonexit
memcpy
wcschr
wcscat
sscanf
memmove
free
malloc
strlen
wcslen
wcsrchr
_clearfp
memset
??3@YAXPAX@Z
realloc
wcscmp
wcscpy
labs
memcmp
wcsncpy
cos
sqrt
_mbschr
fabs
wcspbrk
swprintf
strcpy
sprintf
_wcsdup
log
pow
isleadbyte
iswalnum
time
srand
rand
swscanf
_mbsinc
floor
strchr
strcmp
_mbsicmp
_wcslwr
vsprintf
_mbslwr
_mbsstr
_mbscmp
atoi
calloc
_wtoi
_wcsnicmp
iswspace
strrchr
wcsstr
vswprintf
wcsncmp
_beginthreadex
_wcsicmp
??2@YAPAXI@Z
abs
_purecall

kernel32

SetFileAttributesA
lstrcpyA
lstrcatA
SearchPathW
QueryPerformanceCounter
FlushFileBuffers
SetEndOfFile
SetFileTime
GetFileTime
GetFileType
CreateFileA
GetStdHandle
IsDBCSLeadByte
GetCPInfo
LocalFileTimeToFileTime
GetLocaleInfoA
GetDriveTypeW
FindResourceW
LoadResource
InterlockedIncrement
InterlockedDecrement
GetLogicalDriveStringsW
CreateDirectoryW
InitializeCriticalSection
WideCharToMultiByte
SizeofResource
GetVersionExW
GetFileAttributesW
GetModuleFileNameW
GetACP
lstrlenW
RaiseException
InterlockedExchange
GetLastError
GetThreadLocale
LockResource
DeleteCriticalSection
GetWindowsDirectoryW
SetErrorMode
HeapAlloc
GetCurrentProcess
HeapFree
GlobalLock
GetModuleHandleW
GetTickCount
GetProcessHeap
GlobalAlloc
LoadLibraryW
Sleep
LeaveCriticalSection
MulDiv
lstrcmpW
MultiByteToWideChar
GlobalUnlock
FlushInstructionCache
GetProcAddress
EnterCriticalSection
GlobalFree
GetCurrentThreadId
GetCurrentProcessId
lstrcpyW
WaitForSingleObject
SetEvent
VirtualFree
TlsSetValue
TerminateThread
VirtualAlloc
ResetEvent
CreateEventW
GetSystemInfo
CloseHandle
DeleteFileW
SuspendThread
ResumeThread
ExitProcess
GetFileSize
SetFilePointer
TlsGetValue
MapViewOfFile
UnmapViewOfFile
FreeLibrary
CreateProcessW
SetUnhandledExceptionFilter
IsBadReadPtr
VirtualQueryEx
WriteFile
CreateFileW
CreateFileMappingW
GetModuleFileNameA
WaitForMultipleObjects
ReadDirectoryChangesW
GetOverlappedResult
DosDateTimeToFileTime
FindFirstFileW
CopyFileExW
FileTimeToSystemTime
ReadFile
FindClose
GetLocalTime
GetSystemTime
GetFullPathNameW
GetEnvironmentVariableW
SetEnvironmentVariableW
IsBadWritePtr
SetLastError
GetFileAttributesA
FindNextFileW
lstrcpynW
HeapReAlloc
FreeResource
GetCPInfoExW
EnumSystemCodePagesW
lstrcmpiW
EnumResourceLanguagesW
SetFileAttributesW
CreateThread
MoveFileW
LoadLibraryExW
CopyFileW
SetThreadPriority
SetCurrentDirectoryW
GetTempFileNameW
GetTempPathW
InterlockedExchangeAdd
CompareFileTime
InterlockedCompareExchange
GetThreadSelectorEntry
ReadProcessMemory
lstrlenA
GetCurrentThread
GetCommandLineA
TlsAlloc
TlsFree
SystemTimeToFileTime
FormatMessageW
FileTimeToLocalFileTime
LocalFree
LCMapStringW
GetStartupInfoW
VirtualQuery
GetVolumeInformationW
GetVersion
CreateFileMappingA
GetSystemTimeAsFileTime
FindFirstFileA
FindNextFileA
MoveFileA
GetVersionExA
CreateDirectoryA
DeviceIoControl
GetFullPathNameA
lstrcatW

user32

SetWindowsHookExW
UnhookWindowsHookEx
CloseClipboard
TranslateAcceleratorW
GetDlgItemInt
SetActiveWindow
SetParent
GetMenuItemInfoW
IsDialogMessageW
BringWindowToTop
EmptyClipboard
OpenClipboard
SetClipboardData
DrawFrameControl
MoveWindow
DrawTextA
ModifyMenuW
DestroyCursor
IsRectEmpty
GetSysColorBrush
GetDlgItemTextW
PostQuitMessage
EqualRect
DialogBoxIndirectParamW
MessageBeep
IsWindowEnabled
DrawFocusRect
LoadIconW
TrackPopupMenuEx
AppendMenuW
DrawStateW
EndDialog
SendDlgItemMessageW
LoadStringW
CheckDlgButton
CreatePopupMenu
FindWindowExW
IsDlgButtonChecked
AdjustWindowRectEx
FindWindowW
InvertRect
GetWindowDC
GetKeyState
DialogBoxParamW
OemToCharBuffW
DrawEdge
LockWindowUpdate
UnionRect
EnableMenuItem
FrameRect
GetActiveWindow
WindowFromDC
SetClassLongW
IntersectRect
CheckMenuRadioItem
GetMenuItemRect
CharLowerW
EnumWindows
GetClassLongW
ExitWindowsEx
WindowFromPoint
CallNextHookEx
OpenIcon
IsMenu
GetSystemMenu
InsertMenuItemW
GetMenuStringW
CheckRadioButton
GetKeyNameTextW
CharToOemBuffA
OemToCharBuffA
CharUpperA
CharLowerA
CharToOemA
OemToCharA
CopyRect
MapVirtualKeyW
DestroyIcon
CharNextA
GetSystemMetrics
SystemParametersInfoW
SetRect
OffsetRect
InflateRect
SetRectEmpty
UnregisterClassW
LoadImageW
RegisterWindowMessageW
GetWindow
GetWindowThreadProcessId
GetMessagePos
DefWindowProcW
CallWindowProcW
EndDeferWindowPos
ShowScrollBar
SetMenuDefaultItem
UpdateWindow
TrackPopupMenu
IsIconic
GetMenuItemID
GetSubMenu
DrawIconEx
SetForegroundWindow
DeleteMenu
GetIconInfo
SetCursorPos
LoadMenuW
GetMenuItemCount
InsertMenuW
DestroyMenu
SetMenuItemInfoW
CheckMenuItem
GetMessageA
GetMessageW
MsgWaitForMultipleObjects
TranslateMessage
PeekMessageW
IsWindowUnicode
SetWindowTextW
GetDlgCtrlID
EnableWindow
MapWindowPoints
SendMessageW
RegisterClipboardFormatW
IsWindowVisible
BeginDeferWindowPos
ReleaseCapture
MessageBoxW
DeferWindowPos
CreateWindowExW
IsWindow
ShowWindow
GetCursorPos
SetWindowPos
GetSysColor
GetDesktopWindow
RedrawWindow
GetWindowRgn
SetWindowLongW
GetDlgItem
ReleaseDC
GetClassNameW
GetWindowTextW
GetWindowLongW
InvalidateRect
RegisterClassExW
GetForegroundWindow
GetCapture
GetDC
wsprintfW
GetClassInfoExW
PtInRect
BeginPaint
SetFocus
CreateAcceleratorTableW
GetClientRect
LoadCursorW
SetDlgItemInt
InvalidateRgn
CreateCursor
GetParent
GetFocus
KillTimer
DrawTextW
PostMessageW
SetCapture
IsChild
FillRect
CharNextW
GetWindowRect
ScreenToClient
SetTimer
SetWindowRgn
DestroyAcceleratorTable
GetWindowTextLengthW
SetCursor
DestroyWindow
RegisterHotKey
MessageBoxA
ClientToScreen
EndPaint
DispatchMessageW
UnregisterHotKey
SetDlgItemTextW
DispatchMessageA
CreateDialogParamW
LoadBitmapW

gdi32

ExtTextOutW
CreateCompatibleBitmap
DPtoLP
CreateCompatibleDC
PtInRegion
SelectObject
DeleteObject
ExtCreateRegion
CreateBitmap
SetBkColor
GetDIBits
StretchBlt
GetDeviceCaps
CreateFontIndirectW
CreateDIBSection
SetTextColor
LPtoDP
SetDIBitsToDevice
BitBlt
SetWindowOrgEx
SelectClipRgn
GetCurrentObject
CreateBrushIndirect
CreatePen
CreatePatternBrush
Polygon
PatBlt
GetTextExtentPoint32W
GetWindowOrgEx
SetPixel
GetPixel
LineTo
MoveToEx
CreateRoundRectRgn
OffsetRgn
CombineRgn
CreateRectRgnIndirect
GetRegionData
ExcludeClipRect
SetBrushOrgEx
FrameRgn
GetTextMetricsW
SaveDC
RealizePalette
OffsetWindowOrgEx
StretchDIBits
SelectPalette
GetObjectW
SetStretchBltMode
CreateRectRgn
GetClipBox
IntersectClipRect
GetStockObject
RestoreDC
CreateSolidBrush
SetBkMode
DeleteDC

comdlg32

GetOpenFileNameW
GetSaveFileNameW
ChooseFontW
ChooseColorW

advapi32

RegOpenKeyExW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumValueW
LookupPrivilegeValueA
SetFileSecurityA
SetFileSecurityW
RegEnumKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegQueryValueExW

shell32

SHGetPathFromIDListW
SHGetFolderPathW
ord155
ShellExecuteExW
SHAddToRecentDocs
SHGetFileInfoW
SHChangeNotify
Shell_NotifyIconW
DragQueryFileW
SHGetMalloc
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
SHGetSpecialFolderPathW
ExtractIconExW

ole32

CoFreeUnusedLibraries
CoCreateGuid
ProgIDFromCLSID
StringFromCLSID
CoTaskMemFree
CoCreateInstance
OleLockRunning
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
StringFromGUID2
OleInitialize
OleUninitialize
ReleaseStgMedium
OleDuplicateData
CoGetClassObject
CoTaskMemAlloc
CoUninitialize
CoInitialize
OleSetContainedObject
OleCreate
OleDraw
RevokeDragDrop
RegisterDragDrop
DoDragDrop
OleSetClipboard
OleGetClipboard
CoTaskMemRealloc

oleaut32

SysStringLen
VariantClear
SafeArrayCreateVector
SafeArrayAccessData
LoadTypeLi
VariantInit
SysAllocStringLen
SafeArrayUnaccessData
OleCreateFontIndirect
DispCallFunc
LoadRegTypeLi
OleLoadPicture
VarDateFromStr
VarI4FromStr
VarR8FromStr
VarDecCmp
VarDecFromStr
VarUI4FromStr
SysAllocString
SysStringByteLen
SysFreeString
GetErrorInfo
SafeArrayDestroy

ttpcomm

ord204
ord82
ord205
ord81
ord80
ord202
ord206
ord93
ord4
ord90
ord400
ord91
ord92
ord101
ord105
ord102
ord100
ord103
ord104
ord1
ord200
ord3
ord201
ord302
ord10
ord70
ord65
ord66
ord57
ord74
ord69
ord72
ord56
ord67
ord55
ord14
ord11
ord52
ord13
ord51
ord78
ord76
ord64
ord71
ord50
ord58
ord61
ord73
ord59
ord106
ord75
ord60
ord62
ord53
ord54
ord68
ord12
ord79

shlwapi

wnsprintfW

bdaucommon

?StartAutoUpdate@AU@@YAJH@Z
?GetAutoUpdateMessageID@AU@@YAIW4AuNotifyType@1@@Z
?InitAutoUpdate@AU@@YAJPAUHWND__@@PB_W11@Z
?UnInitAutoUpdate@AU@@YAJXZ
?InstallUpdate@AU@@YAJXZ

imagehlp

SymSetOptions
SymLoadModule
SymGetModuleInfo
SymInitialize
SymGetModuleBase
SymFunctionTableAccess
SymGetSymFromAddr
StackWalk
SymGetLineFromAddr

msvfw32

DrawDibDraw
DrawDibClose
DrawDibOpen

psapi

GetProcessMemoryInfo

ws2_32

gethostbyname
inet_ntoa
WSAStartup
gethostname
WSACleanup

iphlpapi

GetNetworkParams

msacm32

acmStreamUnprepareHeader
acmStreamClose
acmStreamPrepareHeader
acmStreamConvert
acmStreamOpen
acmStreamReset
acmStreamSize

Exports

Exports

CreateSoundBuffer
CreateStdContent
CreateStreamOnFile
CreateStreamOnInet
GetSoundCodecName
_set_security_error_handler

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 30KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 111KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3de0694757984ed749f6484b1cbd20bf

Headers

File Characteristics

Imports

comctl32

winmm

wininet

msvcrt

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

ttpcomm

shlwapi

bdaucommon

imagehlp

msvfw32

psapi

ws2_32

iphlpapi

msacm32

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 147KB - Virtual size: 147KB

.data Size: 30KB - Virtual size: 61KB

.rsrc Size: 111KB - Virtual size: 112KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 147KB - Virtual size: 147KB

.data
Size: 30KB - Virtual size: 61KB

.rsrc
Size: 111KB - Virtual size: 112KB