9031eb69ebe220731221e2ee541f197afbeebddf492266c04585cf8529851b4b

Sharing

Copy URL Twitter E-mail

General

Target

9031eb69ebe220731221e2ee541f197afbeebddf492266c04585cf8529851b4b
Size

6.8MB
MD5

257728f8776556c4adf06c5258a3b9f2
SHA1

e10f18d1caf0ef7cfd58fa851f6d6db628854f56
SHA256

9031eb69ebe220731221e2ee541f197afbeebddf492266c04585cf8529851b4b
SHA512

c4a512ca38eee59e094eca8b9ac4c1d81da85ef1adcbe7191aaa31bcfdb1baecac4c0c323785bad562b05b25dd5cb95cca85e533c62d730e4ec1ac5bb257f1d9
SSDEEP

196608:epKxFeYeei2B284i9eJUilQ24zkLAxX1VU4:zxFteenB284LU5cKa4

Score

N/A

Malware Config

Signatures

Files

9031eb69ebe220731221e2ee541f197afbeebddf492266c04585cf8529851b4b
.exe windows x86

422d2a9a772509f16737605501d21afc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoW
Sleep
ExitProcess
HeapFree
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
RaiseException
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
InterlockedExchange
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
InitializeCriticalSectionAndSpinCount
VirtualAlloc
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
CreateFileA
LCMapStringA
GetStringTypeA
GetStringTypeW
GetCurrentDirectoryA
GetDriveTypeA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryA
GetVersionExA
GetModuleHandleA
GlobalAddAtomW
GetCurrentThreadId
GlobalFlags
lstrcmpW
CompareStringW
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GetCurrentProcessId
lstrlenA
lstrcmpA
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetLocaleInfoA
CompareStringA
GetFileTime
GetFileSizeEx
WaitForSingleObject
InterlockedDecrement
GetModuleFileNameW
GetModuleHandleW
FindNextFileW
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
LocalAlloc
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetLastError
FileTimeToLocalFileTime
FindClose
FindFirstFileW
FileTimeToSystemTime
UnmapViewOfFile
GetFileSize
LocalFileTimeToFileTime
GetCurrentDirectoryW
ReadFile
SetFileTime
SystemTimeToFileTime
SetFilePointer
SetFileAttributesW
DeleteFileW
CloseHandle
RemoveDirectoryW
lstrlenW
CreateFileW
TerminateProcess
GetFileAttributesW
GetVersionExW
OpenProcess
WriteFile
CreateDirectoryW
GetCurrentProcess
WideCharToMultiByte
GetProcAddress
LoadLibraryW
GetTickCount
LockResource
GetLastError
MultiByteToWideChar
SizeofResource
LoadResource
GetSystemTimeAsFileTime
FindResourceW

user32

DestroyMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
GetClientRect
PostMessageW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CallWindowProcW
CopyRect
GetMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SetWindowsHookExW
CallNextHookEx
GetKeyState
PeekMessageW
ValidateRect
SetWindowPos
SetWindowLongW
IsWindow
GetDlgItem
GetFocus
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameW
PtInRect
SetWindowTextW
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetWindowThreadProcessId
SendMessageW
GetParent
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
GetWindowTextW
CharUpperW
GetSystemMetrics
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
EndPaint
DestroyWindow
PostQuitMessage
DialogBoxParamW
LoadCursorW
BeginPaint
wsprintfW
RegisterClassExW
LoadIconW
EndDialog
LoadStringW
DefWindowProcW
DispatchMessageW

gdi32

GetStockObject
SelectObject
CreateBitmap
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
GetDeviceCaps
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
DeleteObject
SetViewportOrgEx

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegSetValueExW
RegCloseKey
AdjustTokenPrivileges
RegOpenKeyExW
LookupPrivilegeValueW
RegQueryValueExW
RegCreateKeyExW
OpenProcessToken

shell32

SHGetSpecialFolderLocation
ShellExecuteW
SHGetPathFromIDListW

shlwapi

PathStripToRootW
PathIsUNCW
PathFindFileNameW
UrlUnescapeW

ole32

CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemFree

oleaut32

VariantInit
VariantClear
VariantChangeType

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

iphlpapi

GetAdaptersInfo
GetAdaptersAddresses

netapi32

Netbios

snmpapi

SnmpUtilOidNCmp
SnmpUtilVarBindFree
SnmpUtilOidCpy

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameW

ws2_32

WSAStartup

wininet

InternetConnectW
HttpSendRequestW
InternetReadFile
InternetWriteFile
InternetSetFilePointer
HttpOpenRequestW
InternetCanonicalizeUrlW
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
HttpQueryInfoW
HttpAddRequestHeadersW
InternetCrackUrlW
InternetQueryDataAvailable

Sections

.text
Size: 189KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6.5MB - Virtual size: 6.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

422d2a9a772509f16737605501d21afc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

version

iphlpapi

netapi32

snmpapi

psapi

ws2_32

wininet

Sections

.text Size: 189KB - Virtual size: 188KB

.rdata Size: 48KB - Virtual size: 48KB

.data Size: 9KB - Virtual size: 24KB

.rsrc Size: 6.5MB - Virtual size: 6.5MB

.reloc Size: 47KB - Virtual size: 47KB

.text
Size: 189KB - Virtual size: 188KB

.rdata
Size: 48KB - Virtual size: 48KB

.data
Size: 9KB - Virtual size: 24KB

.rsrc
Size: 6.5MB - Virtual size: 6.5MB

.reloc
Size: 47KB - Virtual size: 47KB