Static task: static1
Behavioral task: behavioral1
  Sample: 5d874fa57245aa30b4e5253b94e3418800967e98891dd772397ec2efc7244b1a.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: 5d874fa57245aa30b4e5253b94e3418800967e98891dd772397ec2efc7244b1a.exe
  Resource: win10v2004-20221111-en
General
Target: 5d874fa57245aa30b4e5253b94e3418800967e98891dd772397ec2efc7244b1a
Size: 1.5MB
MD5: 9cd6e11f463cd735418df5ed96cc6f80
SHA1: 8414cba7c07e9db74a64983008340559efb727ec
SHA256: 5d874fa57245aa30b4e5253b94e3418800967e98891dd772397ec2efc7244b1a
SHA512: e9fd6ddb4882d9199145660fce6ebe9fe74d8761ea7d66942baf0fd51b931453a0c84b6afd81da98250159dcf9eb2a9953fce2db2e5058d34724c82b74da4688
SSDEEP: 24576:Dw64nZgUOL/Rt3jzEPJNnNBRJzFvnw+caw0NIyZKj:q2HYxBRPjIL
Malware Config
Signatures
Files
5d874fa57245aa30b4e5253b94e3418800967e98891dd772397ec2efc7244b1a.exe (windows x86)
d74c0946b95b025c8537a8d808607af1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GetModuleFileNameW
GetCurrentDirectoryA
GlobalFlags
GetVersionExA
lstrcmpW
GlobalFindAtomA
GlobalGetAtomNameA
FreeResource
MoveFileA
GetFileSize
GetThreadLocale
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetFullPathNameA
GetShortPathNameA
CreateFileA
GetAtomNameA
FileTimeToSystemTime
SystemTimeToFileTime
SetErrorMode
GetCPInfo
GetOEMCP
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SetFileTime
SetFileAttributesA
GetFileAttributesA
GetFileTime
HeapAlloc
HeapFree
HeapReAlloc
VirtualProtect
VirtualAlloc
VirtualQuery
RtlUnwind
GetCommandLineA
GetProcessHeap
GetStartupInfoA
GetDriveTypeA
EnterCriticalSection
GetSystemTimeAsFileTime
GetLocalTime
SetLocalTime
GetTimeFormatA
GetDateFormatA
GetFileType
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetTimeZoneInformation
ExitProcess
ExitThread
HeapSize
FatalAppExitA
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetTickCount
DebugBreak
SetCurrentDirectoryA
GetACP
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
SetStdHandle
SetConsoleCtrlHandler
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetLocaleInfoW
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentProcessId
GlobalAddAtomA
CreateEventA
SuspendThread
ResumeThread
SetThreadPriority
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryA
lstrcmpA
FreeLibrary
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
LocalFree
FindResourceA
LoadResource
LockResource
SizeofResource
MulDiv
LockFile
LockFileEx
UnlockFile
GetSystemInfo
FindFirstFileW
FindNextFileW
ResetEvent
SignalObjectAndWait
ReleaseMutex
CreateMutexW
SetEvent
CreateThread
GetSystemTime
CreateFileMappingW
OpenFileMappingW
GetTempPathW
FlushFileBuffers
GetFileInformationByHandle
GetDiskFreeSpaceW
WriteFile
ReadFile
SetFilePointer
SetEndOfFile
CreateFileW
GetFileAttributesW
MoveFileW
MoveFileExW
DeleteFileW
GetCurrentThreadId
GetVersionExW
FormatMessageA
SetLastError
PulseEvent
InterlockedIncrement
WaitForSingleObject
InterlockedDecrement
CreateEventW
FindFirstFileA
FindNextFileA
FindClose
InterlockedCompareExchange
RemoveDirectoryA
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
CloseHandle
GetWindowsDirectoryA
GetModuleFileNameA
Sleep
DeleteFileA
GetStringTypeExW
GetStringTypeExA
GetEnvironmentVariableW
GetEnvironmentVariableA
lstrlenA
lstrcmpiW
lstrcmpiA
CompareStringW
CompareStringA
lstrlenW
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
CreateDirectoryA
InterlockedExchange
user32
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetClientRect
GetMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
CopyRect
GetScrollInfo
SetScrollInfo
SetWindowPlacement
DefWindowProcA
CallWindowProcA
SetWindowLongA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
EndPaint
BeginPaint
GetWindowDC
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
GetDesktopWindow
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
PtInRect
GetWindowTextA
SetWindowTextA
DeleteMenu
LoadCursorA
InflateRect
GetDC
ReleaseDC
TrackPopupMenu
GetSysColorBrush
UnhookWindowsHookEx
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
ShowOwnedPopups
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
GetParent
SendMessageA
ModifyMenuA
EnableMenuItem
CheckMenuItem
PostMessageA
UnregisterClassA
DestroyIcon
ScrollWindowEx
ShowWindow
MoveWindow
IsDialogMessageA
PostQuitMessage
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
PostThreadMessageA
MessageBoxA
CharUpperW
CharUpperA
CharLowerW
CharLowerA
TrackPopupMenuEx
GetDialogBaseUnits
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
DestroyMenu
GetSysColor
GetMenuItemInfoA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
IsWindow
SetFocus
GetWindowTextLengthA
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
GetSystemMetrics
ScrollWindow
SetWindowPos
gdi32
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
LineTo
MoveToEx
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
SelectClipRgn
GetClipRgn
CreateRectRgn
SelectClipPath
GetObjectA
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
StartDocA
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
ModifyWorldTransform
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
DeleteDC
CreateDIBPatternBrushPt
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
GetDCOrgEx
CreateFontIndirectA
GetTextExtentPoint32A
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
GetTextMetricsA
SetWorldTransform
SetGraphicsMode
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
DeleteObject
CreateBitmap
CreateDCA
SetWindowOrgEx
GetDeviceCaps
CopyMetaFileA
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyA
RegSetValueA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
RegCloseKey
RegCreateKeyA
shell32
SHGetFileInfoA
ExtractIconA
shlwapi
PathFindExtensionA
PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
ole32
CoTaskMemFree
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
StringFromCLSID
CoTreatAsClass
CreateBindCtx
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoDisconnectObject
CoCreateInstance
StringFromGUID2
CLSIDFromString
oleaut32
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysStringByteLen
SysStringLen
SysAllocStringByteLen
SysFreeString
SafeArrayCreate
SafeArrayRedim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysReAllocStringLen
VarDateFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromDate
SafeArrayGetElemsize
ws2_32
bind
listen
htons
ntohl
accept
WSACloseEvent
setsockopt
htonl
socket
connect
closesocket
WSACreateEvent
WSAWaitForMultipleEvents
gethostbyname
inet_addr
send
WSAEnumNetworkEvents
WSACleanup
WSASetLastError
WSAGetLastError
gethostname
ntohs
ioctlsocket
WSAStartup
WSASend
WSARecv
WSAEventSelect
Sections
.text: Size 1.3MB, Virtual size 1.3MB; IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata: Size 164KB, Virtual size 161KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data: Size 16KB, Virtual size 29KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.idata: Size 16KB, Virtual size 15KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.didat: Size 4KB, Virtual size 793B; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc: Size 48KB, Virtual size 44KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ