d6cafd48a2084f266b9be823184594b0f572de7b30206e594d291d7b0f798ba5

Sharing

Copy URL Twitter E-mail

General

Target

d6cafd48a2084f266b9be823184594b0f572de7b30206e594d291d7b0f798ba5
Size

173KB
MD5

29c62e259f8c2000a84dbd15df598137
SHA1

8b30d89ee039223a9175b1bbf675bd13b1d9a48e
SHA256

d6cafd48a2084f266b9be823184594b0f572de7b30206e594d291d7b0f798ba5
SHA512

8bb8b792cf2368786a8985feb52211798273a4648a98d97c505542c4783aed04ac0e3f261753d17f4c02f0c4e61faaa6321166a0a079dc96ee9a8cf3c98e3993
SSDEEP

3072:MAAgOkCpsAGY+ZohLGuj/vGcM1tScGW0T4JgcVkBHgIoEL1SWXXvWTrsjxqtNo8y:SzsHohLHvGOcGW0T4JjYAIoE5Rn+TwWq

Score

N/A

Malware Config

Signatures

Files

d6cafd48a2084f266b9be823184594b0f572de7b30206e594d291d7b0f798ba5
.exe windows x86

84690f6f853a37fd0a3b1c53fa63471b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
BackupRead
AddAtomA
GetLastError

shlwapi

PathRemoveFileSpecW

secur32

InitializeSecurityContextW
FreeCredentialsHandle
DeleteSecurityContext
DecryptMessage
GetUserNameExW
QuerySecurityPackageInfoW
EncryptMessage
AcquireCredentialsHandleW
FreeContextBuffer

user32

DefWindowProcW
GetAsyncKeyState
OpenClipboard
CloseWindow
DlgDirListW
CallWindowProcW
UpdateWindow
GetCapture
SendInput
UnionRect
SetWindowPos
CallNextHookEx
EndPaint
SendMessageW
DefDlgProcW
SetWindowTextW
ShowCursor
ClientToScreen
GetLastInputInfo
CountClipboardFormats
IsChild
RegisterHotKey
GetKeyboardType
KillTimer
EnumClipboardFormats
LoadStringW
PtInRect
FindWindowW
IsZoomed
GetDlgItem
IsClipboardFormatAvailable
RegisterClipboardFormatW
CharNextW
GetClipboardData
RegisterDeviceNotificationW
FillRect
SetClipboardData
LockWindowUpdate
GetMessageExtraInfo
GetMessageW
IsWindowEnabled
GetKeyboardLayoutNameW
CreateCursor
IsWindow
EndDialog
OffsetRect
GetClipboardViewer
LoadCursorW
UnregisterDeviceNotification
AttachThreadInput
CreateWindowExW
SetCursorPos
GetActiveWindow
CharLowerW
SetCapture
CopyIcon
AdjustWindowRect
IsWindowVisible
MapVirtualKeyW
SetWindowRgn
EmptyClipboard
GetWindowRect
MessageBeep
SystemParametersInfoW
EnableWindow
SetRect
DialogBoxParamW
GetRawInputData
DrawTextW
DestroyWindow
PostQuitMessage
GetLastActivePopup
RedrawWindow
EnumPropsA
CreateDialogParamW
SetScrollInfo
PostThreadMessageW
GetFocus
GetWindowThreadProcessId
SetScrollPos
BeginDeferWindowPos
CheckDlgButton
GetClientRect
GetKeyboardLayoutNameA
ReleaseCapture
keybd_event
CharPrevW
SetClipboardViewer
ShowScrollBar
SetTimer
RegisterWindowMessageW
EnableMenuItem
DrawIconEx
RegisterClassExW
GetClassInfoW
ShowWindow
GetSysColor
DispatchMessageW
CreateIconIndirect
EndDeferWindowPos
SetForegroundWindow
SetRectEmpty
GetSysColorBrush
GetKeyState
DestroyCursor
GetParent
GetWindow
MapWindowPoints
SystemParametersInfoA
GetDesktopWindow
SetWindowLongW
SetCursor
BeginPaint
GetWindowPlacement
FindWindowExW
GetWindowLongW
InvalidateRect
SetActiveWindow
GetMonitorInfoW
GetSystemMetrics
wsprintfW
GetSystemMenu
GetWindowTextW
GetKeyboardLayout
SetParent
SetDlgItemTextW
GetClassNameW
ScreenToClient
LoadImageW
DeferWindowPos
GetForegroundWindow
MonitorFromWindow
SetWindowPlacement
FlashWindow
EqualRect
PeekMessageW
GetWindowDC
BringWindowToTop
SetWindowsHookExW
GetClassInfoExW
IntersectRect
DestroyAcceleratorTable
GetKeyboardState
ReleaseDC
DestroyIcon
RegisterRawInputDevices
ChangeClipboardChain
RegisterClassW
MsgWaitForMultipleObjectsEx
GetGUIThreadInfo
PostMessageW
CloseClipboard
IsDlgButtonChecked
InflateRect
LoadIconW
GetClipboardFormatNameW
SetFocus
MoveWindow
UnregisterClassW
UnhookWindowsHookEx
GetCursorPos
GetDC
CopyRect

wtsapi32

WTSRegisterSessionNotification
WTSUnRegisterSessionNotification

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

netapi32

NetApiBufferFree
NetGetJoinInformation

urlmon

CopyStgMedium

cryptui

CryptUIDlgViewCertificateW

ole32

ReleaseStgMedium
OleRegGetUserType
StringFromCLSID
OleSaveToStream
CLSIDFromString
OleGetClipboard
CoGetMalloc
OleLoadFromStream
CoTaskMemRealloc
OleRegEnumVerbs
CoTaskMemFree
CoInitializeEx
CoCreateInstance
OleInitialize
CoTaskMemAlloc
CoInitialize
WriteClassStm
OleRegGetMiscStatus
CoUninitialize
CreateOleAdviseHolder
OleUninitialize
OleIsCurrentClipboard
CreateDataAdviseHolder
OleSetClipboard

crypt32

CryptStringToBinaryW
CertFindExtension
CryptMsgUpdate
CertGetEnhancedKeyUsage
CryptDecodeObject
CertFreeCertificateContext
CertFindCertificateInStore
CertVerifyCertificateChainPolicy
CryptMsgOpenToDecode
CryptBinaryToStringW
CertFreeCertificateChain
CertDuplicateCertificateChain
CertOpenStore
CertCreateCertificateContext
CertGetNameStringW
CryptProtectData
CertGetCertificateChain
CertCloseStore
CertGetCertificateContextProperty
CertVerifySubjectCertificateContext
CertDuplicateCertificateContext
CertCompareCertificate
CryptMsgClose
CertAddCertificateContextToStore
CryptVerifyDetachedMessageSignature
CryptSignMessage

winmm

waveOutGetVolume
waveOutSetVolume
waveOutReset
waveOutUnprepareHeader
waveOutOpen
waveOutPrepareHeader
waveOutGetPitch
waveOutClose
waveOutWrite

rpcrt4

CStdStubBuffer_QueryInterface
CStdStubBuffer_Connect
IUnknown_Release_Proxy
IUnknown_QueryInterface_Proxy
MesEncodeDynBufferHandleCreate
NdrDllCanUnloadNow
CStdStubBuffer_Invoke
IUnknown_AddRef_Proxy
MesDecodeBufferHandleCreate
MesHandleFree
CStdStubBuffer_AddRef
CStdStubBuffer_CountRefs
NdrMesTypeDecode2
NdrOleFree
CStdStubBuffer_DebugServerRelease
NdrCStdStubBuffer_Release
NdrOleAllocate
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_Disconnect
CStdStubBuffer_IsIIDSupported
NdrDllGetClassObject
NdrMesTypeFree2
NdrDllRegisterProxy
NdrDllUnregisterProxy
NdrMesTypeEncode2

verifier

VerifierSetFlags

msimg32

GradientFill

wininet

InternetGetCookieW

advapi32

SetFileSecurityW
RegFlushKey
TraceMessage
RegOpenKeyExA
CredWriteW
RegCloseKey
CryptGenRandom
GetTraceLoggerHandle
CredUnmarshalCredentialW
RegEnumKeyExA
RegOpenKeyExW
UnregisterTraceGuids
RegConnectRegistryW
RegCreateKeyExA
CredReadDomainCredentialsW
RegQueryValueExA
RegEnumKeyExW
GetTraceEnableLevel
CredGetSessionTypes
GetSecurityDescriptorLength
RegDeleteValueW
RegSetValueExW
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueA
CryptAcquireContextW
GetUserNameW
RegOpenKeyA
RegCreateKeyExW
GetUserNameA
GetTraceEnableFlags
RegCreateKeyW
RegisterTraceGuidsW
RegQueryInfoKeyA
CryptReleaseContext
CredDeleteW
RegSetValueExA
RegEnumValueW
CredReadW
RegOpenKeyW
GetFileSecurityW
CredFree
RegQueryValueExW
CredWriteDomainCredentialsW

credui

CredUIParseUserNameW
CredUIPromptForCredentialsW

shell32

Shell_NotifyIconW
DragQueryFileW
SHFileOperationW
ExtractIconW
SHAppBarMessage

setupapi

SetupDiGetClassDevsW
SetupDiGetDeviceRegistryPropertyW
SetupDiOpenClassRegKeyExW
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiOpenDeviceInfoW
SetupDiGetDeviceInstanceIdW
SetupDiDestroyDeviceInfoList
SetupDiOpenDevRegKey
SetupDiCreateDeviceInfoList
SetupDiEnumDeviceInfo

ws2_32

freeaddrinfo
WSALookupServiceNextW
WSANSPIoctl
WSALookupServiceBeginW
WSAIoctl
WSALookupServiceEnd
getaddrinfo

iphlpapi

GetBestInterfaceEx

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 382KB - Virtual size: 382KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

84690f6f853a37fd0a3b1c53fa63471b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shlwapi

secur32

user32

wtsapi32

version

netapi32

urlmon

cryptui

ole32

crypt32

winmm

rpcrt4

verifier

msimg32

wininet

advapi32

credui

shell32

setupapi

ws2_32

iphlpapi

Sections

.text Size: 1KB - Virtual size: 1KB

.data Size: 43KB - Virtual size: 1.9MB

.idata Size: 10KB - Virtual size: 10KB

.reloc Size: 512B - Virtual size: 28B

.rdata Size: 13KB - Virtual size: 12KB

.rsrc Size: 382KB - Virtual size: 382KB

.text
Size: 1KB - Virtual size: 1KB

.data
Size: 43KB - Virtual size: 1.9MB

.idata
Size: 10KB - Virtual size: 10KB

.reloc
Size: 512B - Virtual size: 28B

.rdata
Size: 13KB - Virtual size: 12KB

.rsrc
Size: 382KB - Virtual size: 382KB