16f582a0cb6e464d757d60140fdbd8f530513329a80a537d54afaa82a3f0c1b9

Sharing

Copy URL Twitter E-mail

General

Target

16f582a0cb6e464d757d60140fdbd8f530513329a80a537d54afaa82a3f0c1b9
Size

680KB
MD5

405f1fb5f1d6d9bfc90047b5686202c0
SHA1

2f0f86d7701eeb4920bf2592f11e7003437fa913
SHA256

16f582a0cb6e464d757d60140fdbd8f530513329a80a537d54afaa82a3f0c1b9
SHA512

37c48501dbe296185bde544859f3a9fdd5aa831448785cb0d0536dc377a4ca026f55a6ceb671bdb269206fbcd39d18956f0340c4a6654a5757aa5b14d1feb7d8
SSDEEP

12288:32y+rvyN6MpOrFTBUibAKN9bdaVBLPDU:GCsMErUAAG2VlQ

Score

N/A

Malware Config

Signatures

Files

16f582a0cb6e464d757d60140fdbd8f530513329a80a537d54afaa82a3f0c1b9
.dll windows x86

926042286b76fa6c838d9922b6c4c523

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetShortPathNameA
GetAtomNameA
FileTimeToSystemTime
SystemTimeToFileTime
GetCPInfo
GetOEMCP
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SetFileTime
SetFileAttributesA
GetFileAttributesA
GetFileTime
RtlUnwind
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapAlloc
HeapFree
HeapReAlloc
GetCommandLineA
GetProcessHeap
ExitProcess
ExitThread
CreateThread
RaiseException
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentProcess
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
SetConsoleCtrlHandler
GetACP
GetTimeZoneInformation
GetLocaleInfoW
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
DuplicateHandle
GetThreadLocale
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
MoveFileA
FreeResource
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
InterlockedIncrement
GlobalFlags
GetCurrentDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedDecrement
GetModuleFileNameW
GlobalFree
CopyFileA
GlobalSize
GlobalUnlock
FormatMessageA
LocalFree
MulDiv
WaitForMultipleObjects
ReleaseMutex
CreateMutexA
ReleaseSemaphore
CreateSemaphoreA
GetCurrentProcessId
SetLastError
GlobalAddAtomA
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
GetModuleFileNameA
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryA
FindResourceA
LoadResource
LockResource
SizeofResource
GlobalLock
lstrcmpA
GlobalAlloc
FreeLibrary
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
GetLastError
lstrlenA
lstrcmpiA
lstrcmpiW
GetStringTypeExA
GetStringTypeExW
WideCharToMultiByte
lstrlenW
CompareStringA
CompareStringW
GetEnvironmentVariableA
MultiByteToWideChar
InterlockedExchange
GetVersion
GetEnvironmentVariableW
DeviceIoControl
CreateFileA
CloseHandle
FatalAppExitA
Sleep

user32

GetSysColorBrush
ScrollWindowEx
ShowWindow
MoveWindow
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
IsWindow
SetFocus
GetWindowTextLengthA
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetClientRect
GetMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
GetDialogBaseUnits
AdjustWindowRectEx
EqualRect
DeferWindowPos
CopyRect
GetScrollInfo
SetScrollInfo
SetWindowPlacement
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
GetDesktopWindow
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
CharLowerW
CharLowerA
CharUpperW
CharUpperA
PostQuitMessage
PostMessageA
GetClassNameA
PtInRect
GetWindowTextA
SetWindowTextA
DeleteMenu
UnregisterClassA
UnhookWindowsHookEx
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
DestroyMenu
GetMenuItemInfoA
InflateRect
DestroyIcon
RegisterClassA
LoadCursorA
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
SendMessageA
GetParent
GetFocus
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageA
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageA
TranslateMessage
RemoveMenu
MsgWaitForMultipleObjects
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxA
ShowOwnedPopups
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
OffsetRect

gdi32

ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
DeleteDC
CreateDIBPatternBrushPt
CreatePatternBrush
StartDocA
CreateCompatibleDC
GetStockObject
SelectPalette
PlayMetaFileRecord
GetObjectType
SetWindowExtEx
PlayMetaFile
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
GetDCOrgEx
CreateFontIndirectA
GetTextExtentPoint32A
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
GetTextMetricsA
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
EnumMetaFile
CreateBitmap
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
GetObjectA
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
DeleteObject
CreateDCA
CopyMetaFileA
GetDeviceCaps
PtVisible

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegSetValueA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyA

shell32

SHGetFileInfoA
ExtractIconA

shlwapi

PathFindExtensionA
PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA

ole32

ReleaseStgMedium
CreateBindCtx
CoTreatAsClass
StringFromCLSID
ReadClassStg
CoTaskMemAlloc
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
OleDuplicateData
CoDisconnectObject
CoCreateInstance
StringFromGUID2
CLSIDFromString
ReadFmtUserTypeStg

oleaut32

SysFreeString
SysStringLen
SysAllocStringByteLen
SysStringByteLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysReAllocStringLen
VarDateFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromDate

Exports

Exports

EMSCEvaluate
EMSCEvaluateEx

Sections

.text
Size: 412KB - Virtual size: 410KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 4KB - Virtual size: 793B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

926042286b76fa6c838d9922b6c4c523

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

Exports

Exports

Sections

.text Size: 412KB - Virtual size: 410KB

.rdata Size: 72KB - Virtual size: 70KB

.data Size: 12KB - Virtual size: 27KB

.idata Size: 16KB - Virtual size: 13KB

.didat Size: 4KB - Virtual size: 793B

.rsrc Size: 20KB - Virtual size: 16KB

.reloc Size: 24KB - Virtual size: 21KB

.rmnet Size: 116KB - Virtual size: 116KB

.text
Size: 412KB - Virtual size: 410KB

.rdata
Size: 72KB - Virtual size: 70KB

.data
Size: 12KB - Virtual size: 27KB

.idata
Size: 16KB - Virtual size: 13KB

.didat
Size: 4KB - Virtual size: 793B

.rsrc
Size: 20KB - Virtual size: 16KB

.reloc
Size: 24KB - Virtual size: 21KB

.rmnet
Size: 116KB - Virtual size: 116KB