230f2a576fd0b239d0819fce03f55bf92b1d0ce00bd0a53f7402686efbe9acd6

Sharing

Copy URL Twitter E-mail

General

Target

230f2a576fd0b239d0819fce03f55bf92b1d0ce00bd0a53f7402686efbe9acd6
Size

608KB
MD5

19b5f78fcba7ccea1f897ff93cd354b0
SHA1

e71fcd73655432b05665bd705c21af8a6eca01e7
SHA256

230f2a576fd0b239d0819fce03f55bf92b1d0ce00bd0a53f7402686efbe9acd6
SHA512

79339277355d4430e489098ceaf0a606a7210f23a92a22abdb386ff1a185774e8016322b34bc26b3ad419f2966d557926e7709cfb5a1f09cb7cd8caac8c489b3
SSDEEP

12288:qbzjxDZN9Xo2R+N8mLg1qP4qPIsKTrEOYdbYBMu/NcF:E59Xo6qP4qPWTibPQNcF

Score

N/A

Malware Config

Signatures

Files

230f2a576fd0b239d0819fce03f55bf92b1d0ce00bd0a53f7402686efbe9acd6
.exe windows x86

5cd32c46fe49c4c21565f46efbc3786f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA

wininet

HttpOpenRequestA
InternetOpenA
InternetCloseHandle
InternetQueryOptionA
HttpSendRequestA
InternetSetOptionA

ws2_32

inet_ntoa
gethostbyname
WSAStartup
WSACleanup

kernel32

FindResourceExW
GetDiskFreeSpaceA
CreateFileA
DeleteFileA
FindFirstFileA
FindNextFileA
MultiByteToWideChar
WideCharToMultiByte
GetFileSize
GetFileSizeEx
WriteFile
ReadFile
FlushFileBuffers
SetEndOfFile
SetFilePointer
GetSystemTimeAsFileTime
ExpandEnvironmentStringsA
CreateDirectoryA
GetFileAttributesA
InitializeCriticalSection
DeleteCriticalSection
FreeLibrary
OpenProcess
GetCurrentProcess
TerminateProcess
GetVersion
GetModuleHandleA
GetVersionExA
ReleaseMutex
CreateMutexA
OpenMutexA
LocalFree
SetLastError
GetCurrentProcessId
GetCurrentThreadId
GlobalAlloc
GlobalFlags
GlobalLock
GlobalUnlock
GlobalFree
InitializeCriticalSectionAndSpinCount
SetEvent
WaitForMultipleObjects
lstrcpyA
lstrlenA
CreateEventA
RemoveDirectoryA
FindFirstChangeNotificationA
LocalAlloc
InterlockedIncrement
FlushInstructionCache
RaiseException
MulDiv
lstrcmpA
GetEnvironmentStringsW
lstrcmpiA
LoadLibraryExA
FindResourceA
IsDBCSLeadByte
GetTempPathA
FindResourceW
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
InterlockedCompareExchange
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
DecodePointer
EncodePointer
GetStringTypeW
RtlUnwind
GetSystemInfo
VirtualProtect
VirtualQuery
AreFileApisANSI
IsDebuggerPresent
ExitThread
LoadLibraryExW
GetCommandLineA
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
CompareStringW
GetModuleFileNameA
LoadLibraryA
GetMailslotInfo
PeekNamedPipe
GetTickCount
GetTimeZoneInformation
CloseHandle
FindClose
GetFileType
SizeofResource
LoadResource
Sleep
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
GetLastError
OpenThread
CreateThread
GetProcAddress
LockResource
FreeEnvironmentStringsW
OutputDebugStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStdHandle
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
IsValidCodePage
GetACP
GetOEMCP
GetConsoleCP
GetConsoleMode
MoveFileExW
QueryPerformanceCounter
LoadLibraryW
SetFilePointerEx
SetStdHandle
WriteConsoleW
CreateFileW
ReadConsoleW
SetEnvironmentVariableA
InterlockedDecrement
GlobalHandle
HeapDestroy

user32

LoadIconA
ValidateRect
UpdateLayeredWindow
GetClassInfoA
UnregisterClassA
IsWindowVisible
SetActiveWindow
SetMenuDefaultItem
SetMenuItemInfoA
GetMenuItemInfoA
EnableWindow
RegisterClassA
ShowWindow
CreateDialogIndirectParamA
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
KillTimer
SetTimer
GetMonitorInfoA
MonitorFromWindow
MapDialogRect
IsDialogMessageA
LoadCursorA
GetWindow
GetDesktopWindow
SetWindowLongA
GetWindowLongA
FillRect
GetSysColor
MapWindowPoints
ScreenToClient
ClientToScreen
SetWindowContextHelpId
GetClientRect
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
RedrawWindow
InvalidateRgn
EndPaint
BeginPaint
CreateAcceleratorTableA
ReleaseCapture
SetCapture
GetFocus
SetFocus
CharNextA
SendDlgItemMessageA
GetDlgItem
EndDialog
MoveWindow
DestroyWindow
IsChild
CreateWindowExA
GetClassInfoExA
RegisterClassExA
CallWindowProcA
PostQuitMessage
DefWindowProcA
RegisterWindowMessageA
DestroyIcon
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
FindWindowExA
GetWindowRect
InvalidateRect
ReleaseDC
GetDC
SendMessageA
SystemParametersInfoA
GetWindowThreadProcessId
GetClassNameA
FindWindowA
GetParent
MessageBoxA
AllowSetForegroundWindow
SetForegroundWindow
GetForegroundWindow
keybd_event
GetKeyboardState
BringWindowToTop
SetWindowPos
IsWindow
AttachThreadInput
PostMessageA
SendMessageTimeoutA
DestroyAcceleratorTable

gdi32

CreateCompatibleDC
CreateSolidBrush
CreateCompatibleBitmap
GetDeviceCaps
GetStockObject
BitBlt
GetObjectA
SelectObject
GetTextExtentPoint32A
DeleteObject
CreateFontA
DeleteDC
CreateDIBSection

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
GetSidSubAuthorityCount
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegQueryInfoKeyW
RegSetValueExA
RegEnumValueA
GetTokenInformation
LookupPrivilegeValueA
AdjustTokenPrivileges
GetSidSubAuthority

ole32

CreateStreamOnHGlobal
CLSIDFromProgID
CoCreateInstance
CoInitializeEx
CoGetClassObject
CLSIDFromString
StringFromGUID2
CoTaskMemAlloc
CoTaskMemFree
OleInitialize
OleUninitialize
OleLockRunning
CoInitialize
CoTaskMemRealloc
CoUninitialize

oleaut32

SysStringLen
VariantInit
VariantClear
VariantChangeType
LoadTypeLi
LoadRegTypeLi
SysFreeString
OleCreateFontIndirect
VarUI4FromStr
VariantCopy
SysAllocStringLen
DispCallFunc
SysAllocString

comctl32

ImageList_Remove
ImageList_ReplaceIcon
ImageList_GetImageCount
InitCommonControlsEx

gdiplus

GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDrawImageRectI
GdipFillPath
GdipGraphicsClear
GdipDrawPath
GdipSetInterpolationMode
GdipDeleteGraphics
GdipCloneBitmapAreaI
GdipCreateHICONFromBitmap
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipDrawString
GdipDeletePen
GdipCreatePen1
GdipSetPathGradientFocusScales
GdipGetPathGradientPointCount
GdipSetPathGradientSurroundColorsWithCount
GdipSetPathGradientCenterColor
GdipCreatePathGradientFromPath
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipWindingModeOutline
GdipAddPathEllipseI
GdipAddPathRectangleI
GdipDeletePath
GdipCreatePath
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipMeasureString
GdipDrawLineI
GdipSetSmoothingMode
GdipReleaseDC
GdipCreateFromHDC
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipSetPenMode
GdipSetStringFormatTrimming
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCloneImage
GdipCreateStringFormat

Sections

.text
Size: 418KB - Virtual size: 418KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5cd32c46fe49c4c21565f46efbc3786f

Headers

DLL Characteristics

File Characteristics

Imports

version

wininet

ws2_32

kernel32

user32

gdi32

advapi32

ole32

oleaut32

comctl32

gdiplus

Sections

.text Size: 418KB - Virtual size: 418KB

.rdata Size: 101KB - Virtual size: 100KB

.data Size: 7KB - Virtual size: 20KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 76KB - Virtual size: 76KB

.text
Size: 418KB - Virtual size: 418KB

.rdata
Size: 101KB - Virtual size: 100KB

.data
Size: 7KB - Virtual size: 20KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 76KB - Virtual size: 76KB