Static task
static1
Behavioral task
behavioral1
Sample
571c420ae06b64b3a2b4a04ee60505a69c133de55e469266638543718f5d072e.exe
Resource
win7-20221111-en
General
Target: 571c420ae06b64b3a2b4a04ee60505a69c133de55e469266638543718f5d072e
Size: 1013KB
MD5: 29435233b31af91df6ad417bc62908f5
SHA1: 9b8b7338709887a6fc490cd2857e58e25d63cac8
SHA256: 571c420ae06b64b3a2b4a04ee60505a69c133de55e469266638543718f5d072e
SHA512: 8b1b3ef8d403660f2a44d10177101971eccc9aa23435ab57c54f391399c0ed71856174c82c9fb184097817fb2e40facf8457cd6bfc9dfd0cc99d94f4d202be58
SSDEEP: 12288:kydKimm510NAFvikd+3RVWY0vTT1RU3lHMbIwlIp:JdKimm513FvM3RVWvT7U9MbNe
Malware Config
Signatures
Files
-
571c420ae06b64b3a2b4a04ee60505a69c133de55e469266638543718f5d072e.exe windows x86
ee15d89cc6228ade8ab31ad8b54b0a69
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
setupapi
SetupFindFirstLineW
SetupCloseInfFile
SetupOpenInfFileW
CMP_WaitNoPendingInstallEvents
SetupGetFieldCount
SetupGetLineTextW
SetupDiOpenDevRegKey
SetupDiOpenDeviceInfoW
SetupDiCreateDeviceInfoList
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
SetupFindNextLine
SetupGetStringFieldW
iphlpapi
GetAdaptersInfo
kernel32
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetDriveTypeW
RtlUnwind
ExitProcess
RaiseException
HeapReAlloc
ExitThread
CreateThread
HeapSize
VirtualProtect
VirtualAlloc
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetCurrentDirectoryA
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
EnumSystemLocalesA
IsValidLocale
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetDriveTypeA
CreateFileA
SetEnvironmentVariableA
SetEnvironmentVariableW
InterlockedCompareExchange
FreeLibrary
OutputDebugStringA
LoadLibraryW
GetLastError
GetProcAddress
Sleep
LoadLibraryExW
OutputDebugStringW
FindResourceW
GetSystemDirectoryW
SizeofResource
LockResource
LoadResource
GetModuleFileNameW
MultiByteToWideChar
GetFullPathNameW
GetCurrentThread
WideCharToMultiByte
GetCurrentProcess
CreateProcessW
WaitForSingleObject
GetExitCodeProcess
CloseHandle
GetModuleHandleW
FormatMessageW
LocalFree
InitializeCriticalSection
GetWindowsDirectoryW
DeleteFileW
GetLocalTime
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetUserDefaultLangID
GetSystemDefaultLangID
GetFileTime
GetFileAttributesW
FileTimeToLocalFileTime
SetErrorMode
GetVolumeInformationW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
MoveFileW
FileTimeToSystemTime
GetThreadLocale
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
GetModuleHandleA
GlobalFindAtomW
CompareStringW
GetVersionExA
GetCurrentProcessId
WritePrivateProfileStringW
GlobalAddAtomW
CreateEventW
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
InterlockedDecrement
lstrlenA
lstrlenW
GlobalUnlock
FreeResource
GlobalDeleteAtom
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GlobalLock
lstrcmpW
MulDiv
ReadFile
CreateFileW
GetTickCount
GetSystemInfo
FindClose
FindFirstFileW
GetProcessHeap
HeapAlloc
HeapFree
GlobalFree
GlobalAlloc
LoadLibraryA
GetSystemDirectoryA
VerifyVersionInfoW
VerSetConditionMask
SetLastError
GetUserDefaultLCID
user32
DestroyMenu
GetNextDlgGroupItem
InvalidateRgn
SetRect
IsRectEmpty
CopyAcceleratorTableW
CharNextW
CharUpperW
UnregisterClassW
GetSysColorBrush
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
GetDlgItemTextW
CheckDlgButton
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetClassLongW
GetClassNameW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetTopWindow
GetMessageTime
MapWindowPoints
UpdateWindow
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
GetDlgCtrlID
DefWindowProcW
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowThreadProcessId
GetLastActivePopup
GetWindow
SetWindowContextHelpId
MapDialogRect
GetMessageW
TranslateMessage
DispatchMessageW
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
ModifyMenuW
RegisterClipboardFormatW
PostThreadMessageW
GetMenuState
EnableMenuItem
CheckMenuItem
GetClientRect
CopyRect
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
PostQuitMessage
SetPropW
GetParent
SetCursor
LoadCursorW
ReleaseCapture
PtInRect
ClientToScreen
SetCapture
InvalidateRect
GetCapture
RemovePropW
GetPropW
GetSysColor
SetProcessDefaultLayout
ReleaseDC
IsIconic
SetForegroundWindow
GetDC
KillTimer
SetTimer
GetWindowLongW
MessageBeep
EnableWindow
SendMessageW
LoadStringW
UnhookWindowsHookEx
MessageBoxW
SetWindowsHookExW
CallNextHookEx
SetWindowLongW
SetWindowPos
GetWindowRect
GetSystemMetrics
CallWindowProcW
LoadBitmapW
PostMessageW
GetMessagePos
UnregisterClassA
gdi32
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
GetWindowExtEx
CreateFontW
CreateBrushIndirect
GetDeviceCaps
SetTextColor
DeleteObject
GetObjectW
CreateFontIndirectW
CreateRectRgnIndirect
CreateBitmap
GetClipBox
GetStockObject
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetViewportExtEx
SetBkColor
SaveDC
RestoreDC
SetBkMode
SetMapMode
comdlg32
GetFileTitleW
winspool.drv
EnumPrintersW
OpenPrinterW
ClosePrinter
AddPrinterW
AddPrintProcessorW
DocumentPropertiesW
advapi32
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
shell32
ord680
shlwapi
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathAppendW
PathIsUNCW
oledlg
OleUIBusyW
ole32
CoTaskMemFree
CoCreateInstance
CoInitialize
CoTaskMemAlloc
CLSIDFromProgID
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CLSIDFromString
oleaut32
SysAllocString
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysStringLen
SysFreeString
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy
ws2_32
WSAStartup
WSAGetLastError
inet_addr
htons
ntohs
WSAStringToAddressW
gethostname
WSASetLastError
WSAAddressToStringW
WSAEnumProtocolsW
gethostbyname
getservbyname
htonl
inet_ntoa
getservbyport
gethostbyaddr
WSACleanup
Sections
.text Size: 412KB - Virtual size: 409KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 116KB - Virtual size: 113KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 20KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 320KB - Virtual size: 317KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.grdata Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE