Static task: static1
Behavioral task: behavioral1
Sample: 4419de377efd1cc8cd4a40ab194ae8363b4b54f91bcc70b76ff72db9f7e118cc.exe
Resource: win7-20220812-en
General
Target: 4419de377efd1cc8cd4a40ab194ae8363b4b54f91bcc70b76ff72db9f7e118cc
Size: 640KB
MD5: 38d36183afc8d76d6ae2bcc0a86c6b60
SHA1: 68753fb554f5e5ae96e45070fe8bfd0f95cb1235
SHA256: 4419de377efd1cc8cd4a40ab194ae8363b4b54f91bcc70b76ff72db9f7e118cc
SHA512: 1845b5d61616470bff68824644ca8d4290960fa7dccd06fad97713498fb938e34af260694ee3bce7f41f1d8949c2cd1b043fcefe1d63740e1423997835b58fa2
SSDEEP: 12288:+wVeDyVflsxkHWziKXxLZuQIS28WUjBPFapl8ND:w2Blsxk2rXd6XqBPFoMD
Malware Config
Signatures
Files
4419de377efd1cc8cd4a40ab194ae8363b4b54f91bcc70b76ff72db9f7e118cc.exe (windows x86) d0b2730e67c25d49a26a934fab607b26
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentThreadId
FreeResource
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
GetFileAttributesA
GlobalFindAtomA
GetFileTime
GetTempFileNameA
GetFullPathNameA
GetDiskFreeSpaceA
InterlockedIncrement
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GetThreadLocale
SystemTimeToFileTime
GlobalFlags
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
MoveFileA
DeleteFileA
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetShortPathNameA
LocalFileTimeToFileTime
SetErrorMode
GetTickCount
RtlUnwind
HeapFree
GetSystemTimeAsFileTime
HeapAlloc
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitProcess
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RaiseException
HeapSize
GetACP
IsValidCodePage
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetWindowsDirectoryA
GlobalDeleteAtom
lstrcmpW
GetCurrentProcessId
GlobalGetAtomNameA
GlobalAddAtomA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
InterlockedDecrement
GetModuleFileNameW
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
MulDiv
CreateMutexA
LocalAlloc
LocalFree
GetVersionExA
GetStringTypeExA
lstrcmpiA
CompareStringW
CompareStringA
MultiByteToWideChar
InterlockedExchange
GetVersion
GetSystemDefaultLangID
GetModuleFileNameA
FindFirstFileA
FindClose
GetSystemDirectoryA
lstrcpyA
lstrcatA
CreateProcessA
Sleep
lstrcmpA
ReadFile
CreateFileA
WriteFile
CloseHandle
SetLastError
GetModuleHandleA
GetLastError
LoadLibraryA
GetProcAddress
FreeLibrary
FileTimeToLocalFileTime
FileTimeToSystemTime
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
SetFileTime
lstrlenA
user32
BeginPaint
EndPaint
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
InflateRect
RedrawWindow
SetCapture
SetCursorPos
DestroyCursor
LoadCursorA
GetMenuItemInfoA
IsZoomed
SetRect
SetTimer
KillTimer
WindowFromPoint
PostQuitMessage
ShowOwnedPopups
MapDialogRect
SetWindowContextHelpId
GetSysColorBrush
UnregisterClassA
IsRectEmpty
DeleteMenu
GetSystemMenu
SetParent
UnionRect
GetDCEx
LockWindowUpdate
DestroyIcon
CharNextA
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
DrawStateA
DrawIconEx
DrawFrameControl
IsMenu
CopyIcon
IsDialogMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
CheckMenuItem
SendDlgItemMessageA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
FillRect
TrackPopupMenuEx
TrackPopupMenu
GetWindowDC
SetScrollPos
GetScrollPos
MessageBoxA
CreateWindowExA
GetClassInfoExA
RegisterClassA
ScreenToClient
DeferWindowPos
PtInRect
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetSystemMetrics
ReleaseDC
GetDC
GetClientRect
IsChild
AdjustWindowRectEx
RegisterWindowMessageA
GetClassNameA
UnpackDDElParam
ReuseDDElParam
DestroyMenu
WinHelpA
SetFocus
GetWindowThreadProcessId
GetActiveWindow
IsWindowEnabled
GetFocus
EqualRect
GetDlgItem
SetWindowLongA
GetDlgCtrlID
GetMenu
SetCursor
PeekMessageA
GetCapture
ReleaseCapture
LoadAcceleratorsA
GetParent
SetActiveWindow
IsIconic
InsertMenuItemA
CreatePopupMenu
IntersectRect
OffsetRect
SetRectEmpty
CopyRect
GetLastActivePopup
BringWindowToTop
SetMenu
GetDesktopWindow
GetWindow
GetWindowLongA
IsWindow
TranslateAcceleratorA
UnhookWindowsHookEx
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
RemoveMenu
DefFrameProcA
DrawMenuBar
ClientToScreen
GrayStringA
DrawTextExA
GetMessageA
TranslateMessage
ValidateRect
MoveWindow
DrawTextA
TabbedTextOutA
SetWindowTextA
SetWindowPos
ShowWindow
CharUpperA
RegisterDeviceNotificationA
GetCursorPos
GetClassInfoA
SetForegroundWindow
IsWindowVisible
InvalidateRect
UpdateWindow
LoadMenuA
GetSubMenu
PostMessageA
FindWindowA
GetSysColor
SendMessageA
LoadIconA
EnableWindow
LoadBitmapA
GetKeyState
TranslateMDISysAccel
advapi32
CryptExportKey
RegOpenKeyA
RegSetValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
SetFileSecurityA
GetFileSecurityA
RegCreateKeyA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
QueryServiceStatus
StartServiceA
QueryServiceConfigA
ChangeServiceConfigA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
CryptGetUserKey
CryptGetKeyParam
CryptSetKeyParam
CryptDestroyKey
CryptSetProvParam
RegCreateKeyExA
CryptGetProvParam
CryptAcquireContextA
CryptReleaseContext
shell32
Shell_NotifyIconA
ShellExecuteA
SHGetFileInfoA
ExtractIconA
DragQueryFileA
DragFinish
oleaut32
OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringByteLen
SysFreeString
SysStringLen
shlwapi
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
oledlg
ord8
crypt32
CertFreeCertificateChain
CertNameToStrA
CertDuplicateCertificateContext
CertDeleteCertificateFromStore
CertSetCertificateContextProperty
CertAddCertificateContextToStore
CertCreateCertificateContext
CertOpenStore
CertEnumCertificatesInStore
CertCompareCertificate
CertFreeCertificateContext
CertCloseStore
CertGetCertificateChain
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
oleacc
LresultFromObject
CreateStdAccessibleObject
gdi32
CreateCompatibleBitmap
CreateCompatibleDC
CreateRectRgnIndirect
PatBlt
GetClipBox
SetTextColor
SetBkColor
GetObjectA
CreateBitmap
SaveDC
RestoreDC
SetBkMode
SetMapMode
ExcludeClipRect
RectVisible
CreateSolidBrush
CreatePen
GetStockObject
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
IntersectClipRect
LineTo
MoveToEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
StretchDIBits
CreateFontA
GetCharWidthA
GetMapMode
CombineRgn
SetRectRgn
GetBkColor
GetTextMetricsA
GetTextExtentPoint32A
CreateFontIndirectA
SelectObject
DeleteObject
SelectClipRgn
CreateRectRgn
GetTextColor
GetRgnBox
SetPixel
CreateDIBitmap
EnumFontFamiliesA
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
Escape
ExtTextOutA
GetDeviceCaps
TextOutA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
comdlg32
GetFileTitleA
ole32
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleUninitialize
CoTaskMemFree
OleInitialize
CoFreeUnusedLibraries
CoRevokeClassObject
CoRegisterMessageFilter
OleFlushClipboard
CoTaskMemAlloc
OleIsCurrentClipboard
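Added example, not part of the sandbox report: the routine below shows how the import table above is turned into an imphash (the normalisation pefile applies: lowercase, .dll/.ocx/.sys stripped but other extensions such as winspool.drv kept, ordinals rendered as ordN) and how a triager would bucket the imports that matter before reading the rest. The import dictionary is a constructed subset of the table above, written with the DLL names as they appear in an import directory rather than the report's lowercased form, so the digest it produces is not this sample's imphash; the bucket names and the INTERESTING table are the author's own choices.

```python
import hashlib
import re

# Constructed subset of the import table listed above (DLL -> imports in table
# order). Because it is only a subset, the digest computed from it is NOT the
# sample's imphash; run the same code over the full table to get that.
SAMPLE_IMPORTS = {
    "KERNEL32.dll": ["GetCurrentThreadId", "FreeResource", "CreateProcessA",
                     "IsDebuggerPresent", "CreateMutexA", "SetFileTime",
                     "LoadLibraryA", "GetProcAddress"],
    "USER32.dll": ["SetWindowsHookExA", "CallNextHookEx",
                   "RegisterDeviceNotificationA", "FindWindowA"],
    "ADVAPI32.dll": ["OpenSCManagerA", "ChangeServiceConfigA", "StartServiceA",
                     "RegSetValueExA", "CryptAcquireContextA", "CryptExportKey"],
    "SHELL32.dll": ["ShellExecuteA"],
    "oledlg.dll": [8],             # import by ordinal only (shown as "ord8" above)
    "WINSPOOL.DRV": ["OpenPrinterA"],
    "CRYPT32.dll": ["CertOpenStore", "CertGetCertificateChain"],
}


def normalize_dll(dll):
    """Lowercase and drop a .dll/.ocx/.sys extension; other extensions stay."""
    lib = dll.lower()
    base, _, ext = lib.rpartition(".")
    return base if ext in ("dll", "ocx", "sys") else lib


def imphash_entries(imports):
    """Build the 'dll.func' strings that imphash hashes, in import-table order.
    pefile resolves ordinals to names only for a few DLLs it carries tables for
    (oleaut32, ws2_32, wsock32); those tables are not embedded here, so every
    ordinal becomes 'ordN', which is also what pefile emits for oledlg."""
    entries = []
    for dll, funcs in imports.items():
        lib = normalize_dll(dll)
        for f in funcs:
            name = f"ord{f}" if isinstance(f, int) else f
            entries.append(f"{lib}.{name.lower()}")
    return entries


def imphash(imports):
    """MD5 over the comma-joined entries: the imphash scheme as used by pefile."""
    return hashlib.md5(",".join(imphash_entries(imports)).encode()).hexdigest()


# Capability buckets a triager checks first (author's choice of names/APIs).
# Matching is done after stripping the A/W suffix so both variants hit.
INTERESTING = {
    "process-execution": {"CreateProcess", "ShellExecute", "WinExec"},
    "service-control": {"OpenSCManager", "OpenService", "StartService",
                        "ChangeServiceConfig", "CreateService"},
    "registry-write": {"RegSetValueEx", "RegSetValue", "RegCreateKeyEx",
                       "RegCreateKey", "RegDeleteKey", "RegDeleteValue"},
    "hooking": {"SetWindowsHookEx", "CallNextHookEx"},
    "crypto": {"CryptAcquireContext", "CryptExportKey", "CryptGetUserKey",
               "CertOpenStore", "CertGetCertificateChain"},
    "anti-debug": {"IsDebuggerPresent"},
    "timestomp": {"SetFileTime"},
    "dynamic-import": {"LoadLibrary", "GetProcAddress"},
    "single-instance": {"CreateMutex"},
    "device-monitoring": {"RegisterDeviceNotification"},
}


def strip_ansi_unicode(name):
    """CreateProcessA -> CreateProcess; CallNextHookEx is left alone."""
    return re.sub(r"(?<=[a-z])[AW]$", "", name)


def tag_imports(imports):
    """Map capability bucket -> ['dll!Function', ...] for imports that match."""
    hits = {}
    for dll, funcs in imports.items():
        lib = normalize_dll(dll)
        for f in funcs:
            if isinstance(f, int):
                continue
            base = strip_ansi_unicode(f)
            for tag, names in INTERESTING.items():
                if base in names:
                    hits.setdefault(tag, []).append(f"{lib}!{f}")
    return hits


if __name__ == "__main__":
    print("imphash (subset only):", imphash(SAMPLE_IMPORTS))
    for tag, funcs in tag_imports(SAMPLE_IMPORTS).items():
        print(f"{tag:18s} {', '.join(funcs)}")
```

Read the buckets with the usual caveat: the bulk of the user32, gdi32, ole32, oleaut32 and oledlg imports above (dialog, menu, DDE, OLE clipboard and container helpers) are what a statically linked MFC application pulls in regardless of what the program does, and IsDebuggerPresent alongside UnhandledExceptionFilter, SetUnhandledExceptionFilter and TerminateProcess is commonly MSVC CRT start-up code rather than a deliberate anti-debugging check. The service-control, registry, CreateProcess/ShellExecute, SetWindowsHookEx, Crypt*/Cert* and SetFileTime imports are the ones that say something about the program itself and are where static review should start.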
Sections
.text Size: 396KB - Virtual size: 393KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 104KB - Virtual size: 101KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 16KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 120KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
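Added example, not part of the sandbox report: the section flags listed above are not the MSVC linker defaults (.text is normally CODE|EXECUTE|READ, .rdata and .rsrc INITIALIZED_DATA|READ), so here .text and .rsrc are writable and executable and .rdata is writable. The code below parses raw IMAGE_SECTION_HEADER records and flags exactly those deviations. Its input is a section table constructed to mirror the report: the flags are the ones listed, the byte sizes are the report's rounded KB figures times 1024, and the RVAs and file offsets are invented; with a real file, feed it the NumberOfSections 40-byte records that follow the optional header.

```python
import struct

# IMAGE_SECTION_HEADER is 40 bytes: Name[8], VirtualSize, VirtualAddress,
# SizeOfRawData, PointerToRawData, PointerToRelocations, PointerToLinenumbers,
# NumberOfRelocations, NumberOfLinenumbers, Characteristics.
SECTION_HEADER_FMT = "<8sIIIIIIHHI"
SECTION_HEADER_SIZE = struct.calcsize(SECTION_HEADER_FMT)  # 40

# The IMAGE_SCN_* bits this check cares about.
SCN_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x10000000: "IMAGE_SCN_MEM_SHARED",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
CODE, INIT_DATA = 0x00000020, 0x00000040
EXECUTE, READ, WRITE = 0x20000000, 0x40000000, 0x80000000


def _hdr(name, vsize, rva, rawsize, rawptr, flags):
    return struct.pack(SECTION_HEADER_FMT, name.encode().ljust(8, b"\0"),
                       vsize, rva, rawsize, rawptr, 0, 0, 0, 0, flags)


# Constructed section table mirroring the report: flags as listed, sizes from the
# rounded KB values, RVAs/file offsets invented for the example.
SAMPLE_SECTION_TABLE = b"".join([
    _hdr(".text",  393 * 1024, 0x1000,  396 * 1024, 0x400,   CODE | EXECUTE | READ | WRITE),
    _hdr(".rdata", 101 * 1024, 0x64000, 104 * 1024, 0x63400, INIT_DATA | READ | WRITE),
    _hdr(".data",   27 * 1024, 0x7e000,  16 * 1024, 0x7d400, INIT_DATA | READ | WRITE),
    _hdr(".rsrc",  120 * 1024, 0x85000, 120 * 1024, 0x81400, INIT_DATA | EXECUTE | READ | WRITE),
])


def decode_characteristics(flags):
    """Names of the known IMAGE_SCN_* bits set in `flags`, lowest bit first."""
    return [name for bit, name in sorted(SCN_FLAGS.items()) if flags & bit]


def parse_section_headers(blob, count=None):
    """Parse `count` IMAGE_SECTION_HEADER records (all of `blob` if count is None)."""
    if count is None:
        count = len(blob) // SECTION_HEADER_SIZE
    sections = []
    for i in range(count):
        chunk = blob[i * SECTION_HEADER_SIZE:(i + 1) * SECTION_HEADER_SIZE]
        name, vsize, rva, rawsize, rawptr, _, _, _, _, flags = struct.unpack(
            SECTION_HEADER_FMT, chunk)
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize, "rva": rva,
            "raw_size": rawsize, "raw_ptr": rawptr, "flags": flags,
        })
    return sections


def is_writable_executable(section):
    return bool(section["flags"] & WRITE) and bool(section["flags"] & EXECUTE)


def audit_sections(sections):
    """Flag section-flag combinations that deviate from the MSVC linker defaults."""
    findings = []
    for s in sections:
        flags = s["flags"]
        if is_writable_executable(s):
            findings.append(f'{s["name"]}: writable and executable (W+X)')
        if flags & EXECUTE and not flags & CODE:
            findings.append(f'{s["name"]}: executable but not marked as code')
        if s["name"] == ".rdata" and flags & WRITE:
            findings.append('.rdata: writable (default is INITIALIZED_DATA|READ)')
        # No raw data but a large virtual size is the classic shape of a packer's
        # unpack-target section; a merely larger virtual size (as .data above) is
        # just zero-filled data and normal.
        if s["raw_size"] == 0 and s["virtual_size"] > 0:
            findings.append(f'{s["name"]}: no raw data but {s["virtual_size"]} bytes mapped')
    return findings


if __name__ == "__main__":
    sections = parse_section_headers(SAMPLE_SECTION_TABLE)
    for s in sections:
        print(f'{s["name"]:7s} {s["flags"]:#010x} ' + " | ".join(decode_characteristics(s["flags"])))
    for finding in audit_sections(sections):
        print("!", finding)
```

Three of the four sections are flagged for this table. That does not by itself say whether the flags came from linker options, a post-build tool or a protector, but writable code is what a reviewer looks for first, and IMAGE_FILE_RELOCS_STRIPPED in the file header above means the loader cannot rebase the image, so ASLR does not apply to it either.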