Sample
6fae81a8285c5d8c94702962a872b053e292d1256e0ebda4c7dced0d56a100ae.exe
Resource
win7-20220901-en
General
Target: 6fae81a8285c5d8c94702962a872b053e292d1256e0ebda4c7dced0d56a100ae
Size: 912KB
MD5: 1e23c55642a91aff423ba573f46a6700
SHA1: 679cb7ab8ff34462f93b0ec0b4f8919abb3bc218
SHA256: 6fae81a8285c5d8c94702962a872b053e292d1256e0ebda4c7dced0d56a100ae
SHA512: 27d3efddc1fd0333042fe784dfaba8144882ed6e03ef74b178ffeaf29a8d0e404cad891a5bcb511f38a20409eed807c405fd306f9ab4cb46d3be38495309a918
SSDEEP: 24576:Mh9zCUM5u+iNWITlnkKwetvlz28X/i/Hk7j577LlzRqY:M/zrMuTlkKtvlz28K/H0RqY
Malware Config
Signatures
Files
6fae81a8285c5d8c94702962a872b053e292d1256e0ebda4c7dced0d56a100ae.exe windows x86
636f3c76e030532f9fd5fbcf245a46be
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedExchange
CompareStringA
GetLocaleInfoW
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThread
GetCurrentProcessId
SetErrorMode
GlobalFlags
GetStartupInfoW
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
HeapAlloc
HeapFree
HeapReAlloc
VirtualProtect
GetSystemInfo
VirtualQuery
HeapSize
SetStdHandle
GetModuleHandleA
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetCurrentDirectoryA
GetDriveTypeA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetCurrentThreadId
GlobalAddAtomW
GetProcessHeap
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
FreeResource
InterlockedIncrement
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameW
GetVolumeInformationW
SetEndOfFile
UnlockFile
LockFile
SetFilePointer
GetThreadLocale
GlobalFree
FormatMessageW
LocalFree
MulDiv
SetLastError
CreateThread
lstrlenA
ExitProcess
GlobalAlloc
GlobalLock
GlobalUnlock
FlushFileBuffers
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringW
GetPrivateProfileStringW
InterlockedDecrement
CreateEventW
GetSystemDirectoryW
SetFilePointerEx
lstrlenW
SetEvent
Sleep
OutputDebugStringW
CreateFileMappingW
GetModuleHandleW
MapViewOfFile
UnmapViewOfFile
DuplicateHandle
CreateMutexW
GetCurrentProcess
OpenProcess
LoadLibraryW
GetProcAddress
CreateRemoteThread
WaitForSingleObject
WideCharToMultiByte
GetFileSize
ReadFile
GetModuleFileNameW
GetTempPathW
GetTickCount
GetTempFileNameW
VirtualAlloc
MoveFileExW
CreateFileW
WriteFile
VirtualFree
RemoveDirectoryW
FindFirstFileW
SetFileAttributesW
DeleteFileW
FindNextFileW
FindClose
CreateDirectoryW
GetFileAttributesW
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
Module32FirstW
GetLastError
CloseHandle
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FindResourceW
LoadResource
LockResource
GetFileType
SizeofResource
user32
DestroyMenu
UnregisterClassW
RegisterClipboardFormatW
GetSysColorBrush
GetMessageW
TranslateMessage
ValidateRect
PostQuitMessage
MessageBeep
GetNextDlgGroupItem
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
RegisterWindowMessageW
GetParent
SendMessageW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
SetWindowContextHelpId
MapDialogRect
UnhookWindowsHookEx
ReleaseCapture
SetFocus
GetDesktopWindow
GetFocus
PostThreadMessageW
GetClassNameW
EnableWindow
LoadCursorW
LoadIconW
GetWindowThreadProcessId
CharNextW
GetShellWindow
PtInRect
GetCursorPos
SetCursor
PostMessageW
MessageBoxW
SetWindowLongW
GetWindowLongW
GetWindowRect
GetClientRect
SetWindowPos
SystemParametersInfoW
AdjustWindowRect
GetDC
LoadBitmapW
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
GetSystemMetrics
CharUpperW
CopyRect
IsRectEmpty
SetRect
CopyAcceleratorTableW
OffsetRect
SetCapture
InvalidateRgn
InvalidateRect
ReleaseDC
IsWindowEnabled
IsWindowVisible
EqualRect
IntersectRect
IsWindow
gdi32
ExtSelectClipRgn
GetStockObject
GetTextColor
GetMapMode
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetBkColor
CreateSolidBrush
GetWindowExtEx
GetViewportExtEx
SetMapMode
RestoreDC
SaveDC
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
GetRgnBox
CreateRectRgnIndirect
GetDeviceCaps
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
CreateDIBSection
DeleteObject
DeleteDC
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
OpenPrinterW
DocumentPropertiesW
advapi32
RegOpenKeyExW
RegSetValueExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
AdjustTokenPrivileges
RegOpenKeyW
RegCreateKeyExW
RegQueryValueExW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
shell32
ShellExecuteW
shlwapi
PathFindExtensionW
PathFindFileNameW
UrlUnescapeW
PathStripToRootW
PathIsUNCW
oledlg
OleUIBusyW
ole32
CoTaskMemFree
CoTaskMemAlloc
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
oleaut32
SysStringLen
SysFreeString
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantClear
SafeArrayDestroy
SysAllocString
SysAllocStringLen
VariantChangeType
VariantInit
VariantCopy
OleCreateFontIndirect
LoadTypeLi
GetErrorInfo
gdiplus
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipCloneImage
GdipCreateFromHDC
GdipReleaseDC
GdipSetSmoothingMode
GdipDrawImageRectI
GdipAlloc
GdipFree
GdiplusStartup
GdiplusShutdown
GdipDeleteGraphics
ws2_32
ntohl
wininet
InternetOpenUrlW
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
InternetQueryOptionW
InternetCanonicalizeUrlW
InternetCrackUrlW
InternetQueryDataAvailable
Sections
.text Size: 283KB - Virtual size: 282KB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rdata Size: 502KB - Virtual size: 502KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.data Size: 13KB - Virtual size: 32KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 107KB - Virtual size: 108KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE