Static task
static1
Behavioral task
behavioral1
Sample
de2a1bfb660eae1a61d31715ff6d18b412b25046bfde75b641f622c85b2667e7.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
de2a1bfb660eae1a61d31715ff6d18b412b25046bfde75b641f622c85b2667e7.exe
Resource
win10v2004-20221111-en
General
-
Target
de2a1bfb660eae1a61d31715ff6d18b412b25046bfde75b641f622c85b2667e7
-
Size
767KB
-
MD5
4dc69399b42b04ff3fb36074b93ec980
-
SHA1
d3bec1e23b9065725bfb6d6cf5ee30d4a7a5b49c
-
SHA256
de2a1bfb660eae1a61d31715ff6d18b412b25046bfde75b641f622c85b2667e7
-
SHA512
1ca9e316c7bf540905401a3e0cbc863028d08b52e494e0f8eb80d69710b9ad5475101e853b5aed6c16d3bd7e243bdaa7dc53aae447c3871fc6287ff4a3fc54bf
-
SSDEEP
12288:M7TYBQ+WOXNMhRwN7dy+Aav4ODU1gSPQ6fXVXu1Wf4CccBidC:k8BNM7OxrgODU6QRfQ1WQC3idC
Malware Config
(no extracted configuration is shown in this report excerpt)
Signatures
(no signature matches are shown in this report excerpt)
Files
-
de2a1bfb660eae1a61d31715ff6d18b412b25046bfde75b641f622c85b2667e7.exe windows x64
3f7e723bd4892df7b7d3574c8cf7a040
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
(Note: NX_COMPAT marks the image as DEP-compatible, but IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE and HIGH_ENTROPY_VA are absent, so this x64 image does not opt into ASLR and will be mapped at its preferred base.)
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
(Note: RELOCS_STRIPPED is set even though a .reloc section is listed under Sections below; the header flag is what the loader honours, so the image is treated as non-relocatable. This is consistent with the missing DYNAMIC_BASE flag above.)
Imports
(static import table only — the file also imports LoadLibraryExA/LoadLibraryExW and GetProcAddress (kernel32), so further APIs may be resolved at run time and would not appear in this list)
gdi32
Rectangle
PathToRegion
EndPath
SetBkMode
CreatePen
BeginPath
Polygon
SetBkColor
SetTextColor
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteDC
GetStockObject
GetObjectW
GetDeviceCaps
CreateFontIndirectW
DeleteObject
user32
MonitorFromRect
SetCursor
IsWindowEnabled
DrawFocusRect
OffsetRect
LoadImageW
SystemParametersInfoW
EqualRect
SetForegroundWindow
PostMessageW
BringWindowToTop
GetDlgItem
SetProcessDPIAware
SetProcessDefaultLayout
GetActiveWindow
DialogBoxIndirectParamW
RegisterClassExW
LoadCursorW
DefWindowProcW
SetWindowLongW
GetWindowLongW
GetWindowLongPtrW
GetDesktopWindow
ReleaseDC
GetDC
CallWindowProcW
InvalidateRgn
GetClientRect
FillRect
ReleaseCapture
SetCapture
MoveWindow
GetMonitorInfoW
AdjustWindowRectEx
SetRectEmpty
ScreenToClient
GetParent
ClientToScreen
CreateAcceleratorTableW
CreateWindowExW
GetClassInfoExW
DestroyWindow
ValidateRect
DestroyAcceleratorTable
SetWindowPos
CharNextW
DrawEdge
GetClassLongW
SetClassLongW
GetClassLongPtrW
EnumWindows
IsWindowVisible
InternalGetWindowText
GetIconInfoExW
EndDeferWindowPos
FrameRect
PrivateExtractIconsW
FindWindowW
GetSysColor
SendMessageW
GetClassNameW
IsWindow
GetWindow
SetFocus
IsChild
EndPaint
BeginPaint
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
RegisterWindowMessageW
DialogBoxParamW
ShowWindow
MapWindowPoints
GetWindowRect
LoadStringW
GetSysColorBrush
SetDlgItemTextW
DrawTextW
InflateRect
GetSystemMetrics
CreatePopupMenu
InsertMenuItemW
CheckMenuRadioItem
GetMenuItemCount
TrackPopupMenuEx
GetMenuItemInfoW
DestroyMenu
SetWindowRgn
IntersectRect
SetWindowContextHelpId
CreateDialogIndirectParamW
MapDialogRect
InvalidateRect
GetFocus
SetWindowLongPtrW
RedrawWindow
GetDoubleClickTime
GhostWindowFromHungWindow
UnregisterClassA
DeferWindowPos
BeginDeferWindowPos
SetScrollInfo
GetScrollPos
CopyRect
CheckDlgButton
IsDlgButtonChecked
SetRect
EndDialog
EnableWindow
EnumChildWindows
DestroyIcon
CalculatePopupWindowPosition
KillTimer
SendDlgItemMessageW
GetWindowThreadProcessId
GetForegroundWindow
NotifyWinEvent
SetTimer
LoadIconW
PtInRect
SubtractRect
GetDlgCtrlID
PostQuitMessage
msvcrt
memcpy
_CxxThrowException
??_V@YAXPEAX@Z
malloc
free
_wcsicmp
_wtoi
wcstol
??2@YAPEAX_K@Z
memcpy_s
??_U@YAPEAX_K@Z
swprintf_s
_vsnwprintf
memmove_s
calloc
_onexit
_lock
__dllonexit
_unlock
_errno
realloc
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
__set_app_type
_fmode
_commode
__setusermatherr
_amsg_exit
_initterm
_wcmdln
exit
_cexit
_exit
_XcptFilter
__wgetmainargs
iswspace
__C_specific_handler
memset
_isnan
_purecall
_resetstkoflw
vswprintf_s
??3@YAXPEAX@Z
__CxxFrameHandler3
_vscwprintf
memcmp
api-ms-win-core-localregistry-l1-1-0
RegGetValueW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
comctl32
ImageList_ReplaceIcon
ord17
ImageList_Destroy
ImageList_Create
ImageList_SetBkColor
ord381
ImageList_Draw
ImageList_Remove
ole32
PropVariantClear
OleInitialize
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
CoCreateInstance
CreateStreamOnHGlobal
OleLockRunning
StringFromGUID2
OleUninitialize
CoTaskMemAlloc
CoUninitialize
CoInitialize
CoTaskMemFree
CoCreateGuid
oleaut32
SysStringLen
VarBstrCmp
VariantInit
VariantClear
SysAllocString
OleCreateFontIndirect
LoadRegTypeLi
LoadTypeLi
SysStringByteLen
SysAllocStringLen
SysFreeString
shell32
Shell_NotifyIconGetRect
ShellExecuteW
SHGetFileInfoW
CommandLineToArgvW
gdiplus
GdipFillRectangle
GdipCreateFromHDC
GdipDrawLine
GdipFillPath
GdipCreatePath
GdiplusShutdown
GdiplusStartup
GdipDeleteBrush
GdipCreatePen1
GdipDeletePath
GdipAddPathLine
GdipSetSmoothingMode
GdipCreateLineBrush
GdipDeleteGraphics
GdipCreateSolidFill
GdipDeletePen
ntdll
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
EtwEventWrite
EtwTraceMessage
EtwUnregisterTraceGuids
EtwRegisterTraceGuidsW
EtwGetTraceEnableFlags
EtwGetTraceEnableLevel
EtwGetTraceLoggerHandle
EtwEventUnregister
EtwEventRegister
uxtheme
DrawThemeText
BeginBufferedPaint
BufferedPaintSetAlpha
GetThemeColor
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
DrawThemeParentBackgroundEx
GetThemeTextExtent
SetWindowTheme
IsThemeActive
CloseThemeData
DrawThemeTextEx
DrawThemeBackground
OpenThemeData
BufferedPaintUnInit
BufferedPaintInit
EndBufferedPaint
dwmapi
DwmRegisterThumbnail
DwmIsCompositionEnabled
DwmUpdateThumbnailProperties
DwmSetWindowAttribute
DwmUnregisterThumbnail
DwmQueryThumbnailSourceSize
shlwapi
ord348
PathFindFileNameW
PathParseIconLocationW
ord487
StrTrimW
PathFindExtensionW
imm32
ImmDisableIME
kernel32
GetStartupInfoW
InterlockedPushEntrySList
VirtualAlloc
InterlockedPopEntrySList
VirtualFree
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
DelayLoadFailureHook
LoadLibraryExA
GetProcAddress
FreeLibrary
QueryFullProcessImageNameW
UnregisterWaitEx
GetTickCount
GetExitCodeProcess
OpenProcess
QueueUserWorkItem
LocalFree
FormatMessageW
ResetEvent
WaitForSingleObject
SetUnhandledExceptionFilter
SetThreadPriority
CreateThread
CreateEventW
GetCurrentProcessId
CreateProcessW
QueryPerformanceCounter
MultiByteToWideChar
lstrlenA
FindResourceExW
SizeofResource
Sleep
lstrcmpW
MulDiv
GlobalLock
GlobalUnlock
DeleteCriticalSection
InitializeCriticalSection
lstrlenW
GetModuleFileNameW
FindResourceW
LoadResource
LockResource
GlobalAlloc
GlobalHandle
SetLastError
RaiseException
HeapSetInformation
GlobalFree
CloseHandle
GetLastError
CreateMutexW
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
SetEvent
GetModuleHandleW
ExpandEnvironmentStringsW
LoadLibraryExW
FreeResource
GetUserDefaultUILanguage
EnumUILanguagesW
GetLocaleInfoW
OutputDebugStringA
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
RegisterWaitForSingleObject
Sections
.text Size: 187KB - Virtual size: 187KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 65KB - Virtual size: 65KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.vmp0 Size: 500KB - Virtual size: 1.8MB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
(Note: this section is readable, writable and executable (RWX) and its virtual size (1.8MB) far exceeds its raw size (500KB), consistent with code being unpacked or decrypted into it at run time; the ".vmp" section name is the one VMProtect conventionally uses. Static inspection of .text and of the import table above is therefore unlikely to reflect the protected code's full behaviour; prefer the behavioral (sandbox) results or a memory dump taken after unpacking.)