2d0088939f9b188030a8e048c3925819a902875201e70760d55bc3acc53b9ec2

Sharing

Copy URL Twitter E-mail

General

Target

2d0088939f9b188030a8e048c3925819a902875201e70760d55bc3acc53b9ec2
Size

926KB
MD5

30dc38401219edaf02c5f47e04baecc0
SHA1

adbe434846a15073293fc140531f4b68766a813b
SHA256

2d0088939f9b188030a8e048c3925819a902875201e70760d55bc3acc53b9ec2
SHA512

c6c1cf38eb83699c1b167f625280a5e79382227a62e2992e278b9e9d74619801611d03d044841ca8dae1dbed27883ec23d9a4440251a84f2c34453e3206f2d4c
SSDEEP

24576:KbOpASGKVgbyUt5xOsvjJTIiBFw9VXyKdNxbn8Jajl:OOpAS1VgGUjvVTIiE7ymxbn8Jajl

Score

N/A

Malware Config

Signatures

Files

2d0088939f9b188030a8e048c3925819a902875201e70760d55bc3acc53b9ec2
.exe windows x86

1210f7d328128d148d5bd82aefef0e8c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
Module32FirstW
GetCurrentProcessId
CreateEventW
CreateThread
SetEvent
ResetEvent
SetFilePointer
WaitForMultipleObjects
RaiseException
FindFirstFileW
FindNextFileW
FindClose
RemoveDirectoryW
GetDiskFreeSpaceExW
GetExitCodeThread
SetLastError
FlushInstructionCache
GetCurrentDirectoryA
GetFullPathNameA
FindFirstFileA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
FormatMessageW
TerminateThread
ReleaseMutex
DuplicateHandle
SleepEx
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
CreateFileA
GetTimeZoneInformation
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetLocaleInfoW
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
EnterCriticalSection
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetConsoleMode
GetConsoleCP
GetStartupInfoA
GetFileType
SetHandleCount
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
IsValidCodePage
GetOEMCP
GetCPInfo
LCMapStringW
LCMapStringA
RtlUnwind
GetStartupInfoW
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedDecrement
InterlockedIncrement
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
OpenProcess
DeleteCriticalSection
MoveFileW
GetPrivateProfileIntW
InitializeCriticalSection
GetPrivateProfileStringW
DeleteFileW
Process32NextW
CreateDirectoryW
Process32FirstW
CreateToolhelp32Snapshot
SetFileAttributesW
GetFileAttributesW
QueryDosDeviceW
GetLogicalDriveStringsW
GetCurrentThreadId
WriteFile
WaitForSingleObject
Sleep
CreateProcessW
MoveFileExW
GetCurrentProcess
CopyFileW
TerminateProcess
GetSystemDirectoryW
WritePrivateProfileStringW
ExpandEnvironmentStringsW
Module32NextW
FreeResource
GlobalFree
GlobalUnlock
GlobalLock
GetFileSize
GlobalAlloc
FreeLibrary
ReadFile
CreateFileW
GetModuleFileNameW
lstrlenW
GetLocalTime
GetTickCount
LoadLibraryW
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
CloseHandle
GetModuleHandleW
GetCommandLineW
LockResource
GetLastError
LoadResource
SizeofResource
FindResourceW
GetProcAddress
FindResourceExW
CreateMutexW
GetEnvironmentStrings

user32

ReleaseDC
SetWindowPos
IsWindowEnabled
RegisterWindowMessageW
PostMessageW
MapWindowPoints
InflateRect
LoadBitmapW
LoadImageW
UnregisterClassA
GetDC
FindWindowW
FindWindowExW
SendMessageW
ExitWindowsEx
GetWindowRect
InvalidateRect
GetForegroundWindow
GetWindowThreadProcessId
GetDesktopWindow
AttachThreadInput
CreateWindowExW
SetForegroundWindow
DrawTextW
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
PostThreadMessageW
SystemParametersInfoW
IsWindowVisible
EnumWindows
GetWindowLongW
DestroyWindow
GetFocus
SetTimer
IsChild
DefWindowProcW
GetDlgCtrlID
RegisterClassExW
IsDialogMessageW
UpdateLayeredWindow
EndPaint
SetWindowLongW
DrawIconEx
SetFocus
BeginPaint
GetClientRect
GetParent
GetNextDlgTabItem
DrawFrameControl
SetWindowTextW
CopyRect
SetClassLongW
CallWindowProcW
SetRectEmpty
GetClassLongW
GetDlgItem
BringWindowToTop
MonitorFromWindow
GetActiveWindow
GetMonitorInfoW
LoadCursorW
ReleaseCapture
SetRect
PostQuitMessage
EqualRect
ShowWindow
IsWindow
DestroyIcon
SetActiveWindow
OffsetRect
KillTimer
SetCapture
LoadIconW
DeleteMenu
PtInRect
GetScrollPos
MoveWindow
WindowFromPoint
GetWindow
GetClassInfoExW
GetSystemMenu
SetCursor
GetKeyState
EnableWindow

gdi32

SetBkMode
LineTo
MoveToEx
RectInRegion
CreateRectRgnIndirect
GetCurrentObject
DeleteDC
SaveDC
ExtTextOutW
SetBkColor
SelectObject
CreateCompatibleDC
CreateFontIndirectW
GetStockObject
SetTextColor
CreateBitmap
CreateCompatibleBitmap
CreatePen
CreateDIBSection
Rectangle
GetObjectW
SelectClipRgn
CreateRectRgn
DeleteObject
StretchBlt
SetStretchBltMode
BitBlt
RestoreDC
GetTextColor
GetClipRgn
RoundRect
GetTextExtentPoint32W
CombineRgn
TextOutW

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
CloseServiceHandle
StartServiceW
OpenServiceW
OpenSCManagerW
RegSetValueExW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyW
RegOpenKeyExW
RegQueryValueExA
RegOpenKeyExA

shell32

ShellExecuteW
Shell_NotifyIconW

ole32

CreateStreamOnHGlobal

oleaut32

VariantTimeToSystemTime
SystemTimeToVariantTime

shlwapi

StrToIntW
StrToIntA
PathFileExistsW

comctl32

_TrackMouseEvent

msimg32

AlphaBlend

gdiplus

GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipCreateSolidFill
GdipDeleteGraphics
GdipImageRotateFlip
GdipCreateFromHDC
GdipSetStringFormatLineAlign
GdipDisposeImageAttributes
GdipCreateFontFromDC
GdipDisposeImage
GdipGetImageHeight
GdipGetImageWidth
GdipAlloc
GdipFree
GdipCloneImage
GdipDrawImagePointsRectI
GdipLoadImageFromStream
GdipDrawImageRectRectI
GdipLoadImageFromFile
GdiplusShutdown
GdiplusStartup
GdipDrawImageRectI
GdipCreateFontFromLogfontW
GdipDrawString
GdipResetWorldTransform
GdipSetStringFormatTrimming
GdipTranslateWorldTransform
GdipDeleteFont
GdipRotateWorldTransform
GdipDeleteBrush
GdipCloneBrush
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStream
GdipSetImageAttributesColorMatrix
GdipCreateImageAttributes

iphlpapi

IcmpSendEcho
IcmpCloseHandle
IcmpCreateFile

ws2_32

inet_ntoa
WSACleanup
closesocket
socket
WSAStartup
inet_addr
gethostbyname
WSASetLastError
ioctlsocket
select
connect
setsockopt
getsockopt
htons
bind
ntohs
getsockname
send
recv
WSAGetLastError
__WSAFDIsSet

psapi

GetModuleFileNameExW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Sections

.text
Size: 472KB - Virtual size: 470KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 316KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1210f7d328128d148d5bd82aefef0e8c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

gdiplus

iphlpapi

ws2_32

psapi

version

Sections

.text Size: 472KB - Virtual size: 470KB

.rdata Size: 116KB - Virtual size: 115KB

.data Size: 12KB - Virtual size: 19KB

.rsrc Size: 316KB - Virtual size: 316KB

.text
Size: 472KB - Virtual size: 470KB

.rdata
Size: 116KB - Virtual size: 115KB

.data
Size: 12KB - Virtual size: 19KB

.rsrc
Size: 316KB - Virtual size: 316KB