Static task: static1
Behavioral task: behavioral1
Sample: 3018cebbab6e7458f5e27969253eb150d7ce0cf19ee8667ad14648f695d73587.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 3018cebbab6e7458f5e27969253eb150d7ce0cf19ee8667ad14648f695d73587.exe
Resource: win10v2004-20220812-en
General
Target: 3018cebbab6e7458f5e27969253eb150d7ce0cf19ee8667ad14648f695d73587
Size: 480KB
MD5: ca625ce0ff0cf44755219d340e50e55c
SHA1: 8c7cd59705296667bb76574b268f6cdff0175aa3
SHA256: 3018cebbab6e7458f5e27969253eb150d7ce0cf19ee8667ad14648f695d73587
SHA512: e04e77a1def40ba4df226d5fd84276425b1ca17669f67056cdcf73e200224f9d7efcbf4ca4531568ed381e74c3ff88f9445a59df8a9821f95e031ce470f62e01
SSDEEP: 12288:d9imhM08V05iOaWuVNSh5FDO8hR9iC6NT3Q8oxfWpV:rGkjaWhFDO8hOZNT37oxfW
Malware Config
Signatures
Files
3018cebbab6e7458f5e27969253eb150d7ce0cf19ee8667ad14648f695d73587.exe windows x86
44dba910008dedf8c99647c602a2534a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
DragAcceptFiles
ShellExecuteA
DragQueryPoint
ExtractIconA
SHChangeNotify
SHGetFileInfoA
SHFileOperationA
SHGetPathFromIDListA
ord155
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetMalloc
SHGetFolderPathW
SHGetPathFromIDListW
ShellExecuteExA
SHFileOperationW
ShellExecuteW
DragQueryFileA
ExtractIconW
user32
IsDlgButtonChecked
SetCursor
InsertMenuA
GetSysColor
GetMessagePos
CheckMenuItem
ClientToScreen
CallWindowProcA
DrawFocusRect
ReleaseCapture
InvalidateRect
RegisterClipboardFormatA
CharUpperA
SetWindowLongA
GetWindow
GetMenuStringA
RedrawWindow
SetCursorPos
SetScrollRange
DrawTextExA
SetRectEmpty
SystemParametersInfoA
GetLastActivePopup
GetMenu
SendDlgItemMessageA
DdeConnect
GetCapture
AppendMenuA
WinHelpA
LoadMenuW
FindWindowA
ClipCursor
IsDialogMessageA
SetParent
TrackPopupMenu
GetFocus
DestroyMenu
GetKeyState
BeginDeferWindowPos
GetSysColorBrush
GetMenuState
SetDlgItemTextW
GetWindowTextW
GetWindowDC
GetUpdateRgn
ShowWindow
DeleteMenu
SetScrollInfo
UnpackDDElParam
IsClipboardFormatAvailable
LoadImageW
GetDlgItem
LoadBitmapA
HideCaret
VkKeyScanA
CharLowerA
BringWindowToTop
MoveWindow
SetWindowsHookExA
GetClassNameW
SetScrollPos
IsMenu
PtInRect
GetWindowLongA
CopyRect
EnumWindows
PostThreadMessageW
GetActiveWindow
SendNotifyMessageA
SetWindowTextA
GetMenuItemCount
SetMenuItemBitmaps
RemovePropW
DefWindowProcW
GetNextDlgTabItem
CreateDialogParamW
CallNextHookEx
ShowOwnedPopups
UnregisterClassW
UpdateWindow
GetTabbedTextExtentA
MessageBeep
CloseClipboard
GetMenuItemInfoW
SetCapture
GetDesktopWindow
DeferWindowPos
SetWindowPlacement
GetDC
EndDeferWindowPos
CreateIconFromResourceEx
LoadIconW
LoadMenuA
WaitMessage
GetNextDlgGroupItem
LoadAcceleratorsA
GetWindowTextLengthW
GetSystemMetrics
SendMessageW
CopyIcon
GetClipboardData
GetClassLongW
ModifyMenuW
SetRect
IsWindowVisible
EndPaint
SetFocus
FindWindowExA
GetMessageA
GetWindowThreadProcessId
CreateWindowExW
GetDlgItemTextA
PostMessageW
InflateRect
IsIconic
SetWindowLongW
UnregisterClassA
ModifyMenuA
SetWindowsHookExW
GetScrollPos
DestroyCursor
GetMenuCheckMarkDimensions
BeginPaint
CreateAcceleratorTableW
GetWindowPlacement
PostMessageA
CreateDialogIndirectParamA
GetMessageTime
SetClipboardData
CheckRadioButton
SetWindowRgn
MessageBoxA
GetWindowRect
DrawMenuBar
SetMenu
IsChild
RegisterClassA
SetActiveWindow
KillTimer
ScrollWindow
RegisterWindowMessageW
CopyAcceleratorTableA
DdeAccessData
PeekMessageA
SetDlgItemInt
TranslateAcceleratorW
RegisterWindowMessageA
DrawTextA
UnhookWindowsHookEx
CharLowerW
ScreenToClient
SetWindowPos
GrayStringA
GetClassNameA
SetMenuDefaultItem
MapWindowPoints
ValidateRect
LoadImageA
MapDialogRect
TranslateMessage
LockWindowUpdate
RegisterClassExA
CreateDialogParamA
WindowFromDC
DrawStateA
GetParent
GetMenuItemID
CreateIconIndirect
SetDlgItemTextA
RemoveMenu
LoadStringA
DestroyAcceleratorTable
InsertMenuItemA
SetTimer
GetTopWindow
PostQuitMessage
CharNextA
GetIconInfo
FillRect
GetMonitorInfoW
SetForegroundWindow
DispatchMessageW
FrameRect
ShowScrollBar
DrawEdge
EnumClipboardFormats
FindWindowW
SetCaretBlinkTime
DdeCreateStringHandleA
GetForegroundWindow
WindowFromPoint
SetWindowContextHelpId
DefWindowProcA
GetCursorPos
OpenClipboard
IsRectEmpty
DrawStateW
CharToOemA
DrawFrameControl
GetClassLongA
CheckDlgButton
ReleaseDC
DrawIcon
LoadIconA
EndDialog
DispatchMessageA
IntersectRect
CreateWindowExA
SetMenuItemInfoA
GetMessageW
GetClientRect
GetClassInfoExA
SendMessageA
ReuseDDElParam
SetWindowTextW
SetPropA
GetClassInfoA
SubtractRect
GetDlgCtrlID
DestroyWindow
GetPropA
OffsetRect
LoadCursorA
EnableMenuItem
MessageBoxW
GetMenuItemInfoA
CreateCaret
AdjustWindowRectEx
LoadStringW
TranslateAcceleratorA
GetAsyncKeyState
EqualRect
EnableWindow
IsWindow
CreateMenu
IsZoomed
CreateDialogIndirectParamW
GetWindowTextLengthA
GetSubMenu
MonitorFromRect
GetScrollRange
EmptyClipboard
GetWindowTextA
CharUpperW
ole32
SetConvertStg
GetRunningObjectTable
CoGetClassObject
CoDisconnectObject
OleIsRunning
ReadFmtUserTypeStg
CLSIDFromString
CoRevokeClassObject
CoRegisterMessageFilter
StringFromCLSID
CoCreateInstance
CoMarshalInterThreadInterfaceInStream
CoUninitialize
CreateGenericComposite
CoTaskMemAlloc
OleFlushClipboard
OleSetContainedObject
StgOpenStorage
CoTreatAsClass
StringFromGUID2
CoTaskMemFree
CreateILockBytesOnHGlobal
OleDestroyMenuDescriptor
OleDuplicateData
OleGetClipboard
ReleaseStgMedium
OleRun
CreateStreamOnHGlobal
CreateItemMoniker
ReadClassStg
WriteClassStg
OleSaveToStream
OleRegGetMiscStatus
GetHGlobalFromILockBytes
OleUninitialize
ProgIDFromCLSID
CreateFileMoniker
OleQueryCreateFromData
CLSIDFromProgID
CoInitializeEx
CreateDataAdviseHolder
StgCreateDocfile
WriteFmtUserTypeStg
StgIsStorageFile
OleLockRunning
OleInitialize
StgOpenStorageOnILockBytes
OleRegGetUserType
IsAccelerator
OleSetClipboard
GetClassFile
CreateBindCtx
CoInitialize
CreateOleAdviseHolder
OleTranslateAccelerator
OleLoad
CoLockObjectExternal
WriteClassStm
OleCreateFromData
OleCreateStaticFromData
RevokeDragDrop
OleQueryLinkFromData
CoGetMalloc
OleIsCurrentClipboard
CoFreeUnusedLibraries
RegisterDragDrop
OleRegEnumVerbs
StgIsStorageILockBytes
OleCreateMenuDescriptor
DoDragDrop
StgCreateDocfileOnILockBytes
CoRegisterClassObject
kernel32
GetStringTypeA
UnlockFile
GetLocaleInfoW
WriteConsoleW
GetConsoleOutputCP
GetEnvironmentVariableA
WriteConsoleA
ResetEvent
RemoveDirectoryA
GetFileType
DebugBreak
GetStartupInfoA
HeapFree
WinExec
GlobalHandle
SuspendThread
OutputDebugStringW
IsBadWritePtr
MultiByteToWideChar
GetLastError
MoveFileExW
ReadFile
GetModuleFileNameA
lstrcmpA
GetTimeZoneInformation
GetCommandLineA
QueryPerformanceFrequency
FileTimeToSystemTime
GetCurrentDirectoryW
GetModuleHandleW
GetEnvironmentStrings
CreateMutexA
SetStdHandle
GetFileTime
SetFileAttributesA
GetSystemInfo
IsValidLocale
GlobalAddAtomA
lstrcmpW
Sleep
SetFileTime
GetThreadLocale
MoveFileExA
GlobalFree
CreateProcessA
GetLocalTime
GlobalUnlock
CreateEventA
GetCurrentThreadId
ResumeThread
FindClose
GetModuleHandleA
GetWindowsDirectoryA
SetUnhandledExceptionFilter
DeleteCriticalSection
SetConsoleCtrlHandler
LoadLibraryA
MoveFileW
TerminateProcess
lstrcatA
ExitProcess
HeapDestroy
LCMapStringA
GetStdHandle
SetFilePointer
lstrcpynA
GetPrivateProfileIntA
lstrlenA
EnumSystemLocalesA
GlobalDeleteAtom
WritePrivateProfileStringA
LocalReAlloc
TlsGetValue
EnterCriticalSection
FormatMessageA
FindNextFileA
lstrcpyA
GetEnvironmentStringsW
FreeLibrary
FindFirstFileA
LoadLibraryW
_lwrite
GetVersion
InitializeCriticalSectionAndSpinCount
DuplicateHandle
CopyFileA
GetACP
GetLocaleInfoA
VirtualProtect
GetSystemTime
TlsSetValue
GetCurrentProcess
GetCurrentDirectoryA
HeapSize
InterlockedIncrement
SetHandleCount
lstrlenW
MoveFileA
GetSystemDirectoryA
InterlockedDecrement
IsDBCSLeadByte
FileTimeToLocalFileTime
GetLogicalDrives
LeaveCriticalSection
GetTempPathA
GetCurrentThread
SetEvent
IsDebuggerPresent
TlsAlloc
DeviceIoControl
WritePrivateProfileStringW
GetOEMCP
GetDateFormatA
GetTickCount
VirtualQuery
InterlockedExchange
IsBadReadPtr
WriteFile
GetTimeFormatA
GetFileAttributesA
LocalFree
VirtualFree
HeapAlloc
GetModuleFileNameW
MapViewOfFile
GlobalAlloc
GetStringTypeW
LocalAlloc
SetThreadPriority
GlobalGetAtomNameA
OpenProcess
GetVersionExA
ExpandEnvironmentStringsW
MulDiv
SetLastError
LockFile
FlushFileBuffers
LCMapStringW
GetProcAddress
FreeEnvironmentStringsA
SetCurrentDirectoryA
HeapValidate
SetEnvironmentVariableA
GetFileSize
GetFullPathNameA
HeapReAlloc
SizeofResource
GetSystemTimeAsFileTime
CreateDirectoryA
SetEndOfFile
CreateFileA
GlobalFlags
UnmapViewOfFile
OpenMutexA
GetConsoleMode
GetProfileStringA
GetCurrentProcessId
GetWindowsDirectoryW
GlobalReAlloc
GetProcessHeap
lstrcpyW
LockResource
IsValidCodePage
WritePrivateProfileSectionA
FreeResource
GetDriveTypeA
FatalAppExitA
EnumResourceLanguagesA
TlsFree
CloseHandle
GetTempFileNameA
OutputDebugStringA
WaitForSingleObject
FreeEnvironmentStringsW
GetVolumeInformationA
LoadLibraryExA
CreateDirectoryW
QueryPerformanceCounter
UnhandledExceptionFilter
GetUserDefaultLCID
HeapCreate
CreateFileMappingA
InitializeCriticalSection
_lread
GetCPInfo
GetConsoleCP
FindResourceA
GetProcessVersion
GetUserDefaultLangID
CompareStringA
WideCharToMultiByte
VirtualAlloc
LoadResource
CreateThread
PeekNamedPipe
RtlUnwind
GetProfileIntA
DeleteFileA
lstrcmpiA
SearchPathA
RaiseException
FindResourceExA
CompareStringW
comctl32
CreatePropertySheetPageW
ImageList_Add
ImageList_GetIcon
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_ReplaceIcon
_TrackMouseEvent
ImageList_AddMasked
ImageList_EndDrag
ImageList_Destroy
InitCommonControlsEx
ImageList_SetImageCount
DestroyPropertySheetPage
CreateStatusWindowW
ImageList_LoadImageA
ImageList_DragLeave
ImageList_Replace
ImageList_DragMove
PropertySheetW
ImageList_GetDragImage
ImageList_SetDragCursorImage
ImageList_LoadImageW
ImageList_Merge
ImageList_GetImageInfo
ImageList_SetOverlayImage
ImageList_Draw
ImageList_Duplicate
ImageList_BeginDrag
ord17
ImageList_Create
PropertySheetA
ImageList_DrawEx
CreatePropertySheetPageA
ImageList_SetBkColor
advapi32
AccessCheck
RegQueryValueExW
InitializeSecurityDescriptor
RegEnumKeyExA
GetUserNameA
RegEnumValueW
GetAce
StartServiceCtrlDispatcherA
RegSetValueExA
DeleteService
RegCreateKeyA
AddAccessAllowedAce
RegSetValueA
RegDeleteValueA
RegQueryInfoKeyA
RegEnumKeyA
RegQueryInfoKeyW
GetFileSecurityA
RegOpenKeyExW
CreateServiceA
OpenServiceA
CryptDestroyKey
InitializeAcl
ReportEventA
RegEnumValueA
RegCloseKey
CryptAcquireContextA
RegCreateKeyExA
IsValidSecurityDescriptor
StartServiceA
RegQueryValueA
LookupPrivilegeValueA
GetTokenInformation
AddAce
RegEnumKeyExW
StartServiceCtrlDispatcherW
CryptGenRandom
QueryServiceConfigW
CryptReleaseContext
RegSetValueExW
OpenProcessToken
AdjustTokenPrivileges
RegCreateKeyExW
SetSecurityDescriptorDacl
GetLengthSid
AllocateAndInitializeSid
MapGenericMask
EqualSid
RegOpenKeyExA
SetFileSecurityA
GetFileSecurityW
GetSecurityDescriptorDacl
OpenSCManagerA
RegisterServiceCtrlHandlerW
GetAclInformation
RegDeleteKeyA
GetSecurityInfo
OpenThreadToken
CopySid
ControlService
RegOpenKeyA
RegQueryValueExA
comdlg32
GetOpenFileNameA
ChooseColorW
GetSaveFileNameW
GetFileTitleW
PrintDlgA
GetOpenFileNameW
PageSetupDlgW
CommDlgExtendedError
PrintDlgW
winspool.drv
DeviceCapabilitiesA
DeletePrintProcessorA
GetJobW
OpenPrinterW
ClosePrinter
EnumPrintersA
DocumentPropertiesW
SetPrinterA
OpenPrinterA
DeletePrinterDriverA
DocumentPropertiesA
GetPrinterDriverA
ord204
DeletePrinter
GetPrinterA
Sections
.text Size: 212KB - Virtual size: 209KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 124KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 92KB - Virtual size: 110KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 48KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ