f58e9d694403fa9c9b5cc7de5913c4669f5c02e9ae96f38299f45bd9ea2c609b

Sharing

Copy URL Twitter E-mail

General

Target

f58e9d694403fa9c9b5cc7de5913c4669f5c02e9ae96f38299f45bd9ea2c609b
Size

2.2MB
MD5

3ef47375019868e38707d69cb728df55
SHA1

d48daed3c1d244b183bb24245ae08845405c0e31
SHA256

f58e9d694403fa9c9b5cc7de5913c4669f5c02e9ae96f38299f45bd9ea2c609b
SHA512

8024a2708fcc230c7e6cabde05bc0244c6ce1f5feda3b392d0df31ea251b6632ef405f666bc6a5fbdf54ae61f6d36e55863f426deabaf36087f700c448d96be0
SSDEEP

49152:Dz54zMevk0wKzCRbrq1I3FnNYOf964xGoAQe44s+9GpAVXZRg4Ym+3x:Os0wKqbrq1I3ZNYOf964gQe45+9GpAVY

Score

N/A

Malware Config

Signatures

Files

f58e9d694403fa9c9b5cc7de5913c4669f5c02e9ae96f38299f45bd9ea2c609b
.exe windows x86

50b08f331da14be59c687c777ad6639f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
GetStringTypeW
GetConsoleMode
CreateFileA
SetEnvironmentVariableA
GetDriveTypeW
WriteConsoleW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetTimeZoneInformation
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
GetFileType
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapQueryInformation
HeapSize
CreateThread
ExitThread
ExitProcess
RaiseException
RtlUnwind
HeapReAlloc
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
HeapSetInformation
GetCommandLineW
FindResourceExW
VirtualProtect
GetUserDefaultLCID
GetProfileIntW
GetTickCount
SearchPathW
GetTempPathW
GetTempFileNameW
GetNumberFormatW
GetFileTime
GetFileSizeEx
GetFileAttributesExW
SetErrorMode
InitializeCriticalSectionAndSpinCount
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedIncrement
GlobalGetAtomNameW
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
DeleteFileW
FileTimeToLocalFileTime
FindFirstFileW
FindNextFileW
FindClose
FileTimeToSystemTime
GetThreadLocale
WaitForSingleObject
ResumeThread
SetThreadPriority
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringA
InterlockedExchange
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
GetCurrentProcessId
lstrcmpA
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
GlobalFree
CopyFileW
GlobalSize
FormatMessageW
LocalFree
lstrcmpiW
GetWindowsDirectoryW
MulDiv
WinExec
WriteFile
CreateFileW
GlobalUnlock
GlobalLock
GlobalAlloc
Sleep
GetFileAttributesW
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
SetCurrentDirectoryW
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
ReadFile
CloseHandle
CreateProcessW
GetStartupInfoW
CreatePipe
LeaveCriticalSection
EnterCriticalSection
OutputDebugStringW
FreeLibrary
LoadLibraryExW
GetVersionExW
GetCurrentDirectoryW
GetModuleFileNameW
FindResourceW
LoadResource
LockResource
SizeofResource
lstrcatW
lstrcpyW
lstrlenW
ActivateActCtx
GetProcAddress
GetModuleHandleW
LoadLibraryW
GetLastError
DeactivateActCtx
SetLastError
GetProcessHeap

user32

MessageBeep
RedrawWindow
IsZoomed
PostQuitMessage
IntersectRect
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
MoveWindow
IsDialogMessageW
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
DestroyMenu
GetMenuItemInfoW
InflateRect
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
SetWindowsHookExW
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetWindowTextLengthW
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
IsWindowVisible
CreateWindowExW
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
CallWindowProcW
GetMenu
GetWindow
MapVirtualKeyW
GetKeyNameTextW
GetMenuStringW
MapDialogRect
RemoveMenu
GetMenuState
GetMenuItemID
GetWindowRgn
GetMenuItemCount
IsRectEmpty
IsWindowEnabled
ChildWindowFromPoint
WindowFromPoint
SetWindowRgn
EqualRect
GetCursorPos
DefWindowProcW
GetClassInfoW
SetRectEmpty
LoadCursorW
SetCursor
LoadImageW
DestroyCursor
DestroyIcon
CopyIcon
CreateIconIndirect
GetIconInfo
SetWindowPos
SystemParametersInfoW
SetWindowLongW
SetActiveWindow
SetFocus
SetForegroundWindow
GetWindowThreadProcessId
GetWindowLongW
GetClassNameW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
MessageBoxW
ShowWindow
GetDoubleClickTime
CreateMenu
BringWindowToTop
CallNextHookEx
ClientToScreen
GetSubMenu
GetParent
SendMessageW
EnableWindow
SetWindowTextW
GetWindowTextW
SetRect
SetParent
TranslateAcceleratorW
DrawIcon
IsIconic
GetWindowRect
AppendMenuW
GetSystemMenu
LoadAcceleratorsW
LoadMenuW
LoadIconW
PtInRect
IsWindow
SetWindowContextHelpId
ValidateRect
GetActiveWindow
GetMessageW
ShowOwnedPopups
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
GetDesktopWindow
DrawStateW
CharUpperW
GetSysColorBrush
RealChildWindowFromPoint
UnregisterClassW
ScreenToClient
GetMessagePos
SetTimer
MapWindowPoints
ReleaseCapture
GetCapture
KillTimer
ReleaseDC
GetDC
OffsetRect
SetCapture
GetFocus
WaitMessage
DeleteMenu
EnumDisplayMonitors
SetLayeredWindowAttributes
InsertMenuW
SubtractRect
CharUpperBuffW
GetUpdateRect
FrameRect
TranslateMessage
DispatchMessageW
PostMessageW
GetKeyState
GetClientRect
RegisterWindowMessageW
CopyRect
GetSysColor
FillRect
DrawFocusRect
GetSystemMetrics
DrawFrameControl
InvalidateRect
UpdateWindow
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
IsClipboardFormatAvailable
MapVirtualKeyExW
IsCharLowerW
SetCursorPos
DrawEdge
DrawIconEx
HideCaret
InvertRect
GetMenuDefaultItem
PostThreadMessageW
UpdateLayeredWindow
EnableScrollBar
UnionRect
GetNextDlgGroupItem
InvalidateRgn
CharNextW
CopyImage
RegisterClipboardFormatW
EnumChildWindows
LockWindowUpdate
IsMenu
MonitorFromPoint
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
SetClassLongW
CreatePopupMenu
NotifyWinEvent
CreateAcceleratorTableW
DestroyAcceleratorTable
GetAsyncKeyState
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
CopyAcceleratorTableW
SetMenuDefaultItem

gdi32

CombineRgn
OffsetRgn
CreateRoundRectRgn
CreatePolygonRgn
CopyMetaFileW
CreateDCW
CreateRectRgnIndirect
PatBlt
SaveDC
RestoreDC
SetPolyFillMode
SetROP2
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
SetTextAlign
GetLayout
SetLayout
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
GetStockObject
SelectPalette
CreateRectRgn
GetObjectType
CreateHatchBrush
SetRectRgn
GetMapMode
DPtoLP
CreateEllipticRgn
LPtoDP
Ellipse
GetBkColor
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetRgnBox
GetTextColor
SetDIBColorTable
GetDIBits
RealizePalette
SetPixel
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
Polyline
Polygon
EnumFontFamiliesExW
GetWindowOrgEx
PtInRegion
GetBoundsRect
GetViewportOrgEx
ExtFloodFill
SetPaletteEntries
GetTextFaceW
SetPixelV
FillRgn
SelectClipRgn
FrameRgn
GetDeviceCaps
TextOutW
SetTextJustification
SetBkColor
SetBkMode
CreateFontIndirectW
LineTo
MoveToEx
SetTextColor
StretchBlt
CreateBitmap
GetObjectW
BitBlt
SelectObject
CreateDIBSection
DeleteObject
DeleteDC
Rectangle
CreateCompatibleBitmap
CreateCompatibleDC
GetTextMetricsW
ExtTextOutW
CreateSolidBrush
CreatePen
GetTextExtentPoint32W

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegQueryValueW
RegCloseKey
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegEnumValueW
RegOpenKeyExW
RegEnumKeyExW

shell32

SHAppBarMessage
SHGetPathFromIDListW
ShellExecuteW
SHGetFileInfoW
SHGetDesktopFolder
SHGetMalloc
SHGetSpecialFolderLocation
DragQueryFileW
DragFinish
SHBrowseForFolderW

comctl32

ImageList_GetIconSize
ImageList_DrawEx
InitCommonControlsEx
ord17
ImageList_GetImageCount
ImageList_GetIcon

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFileExistsA
PathRemoveFileSpecW

ole32

OleCreateMenuDescriptor
CoInitializeEx
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleGetClipboard
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleDestroyMenuDescriptor
OleLockRunning
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
RevokeDragDrop
OleRun
CLSIDFromString
CoLockObjectExternal
OleTranslateAccelerator
IsAccelerator
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CLSIDFromProgID
CoUninitialize
CoInitialize
CoTaskMemFree
CoCreateInstance
CoRegisterMessageFilter
CoRevokeClassObject
CreateStreamOnHGlobal
RegisterDragDrop

oleaut32

SysAllocString
VariantCopy
SysAllocStringLen
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
VarBstrFromDate
OleCreateFontIndirect
VariantChangeType
SysFreeString
GetActiveObject
VariantClear
VariantInit

oledlg

OleUIBusyW

gdiplus

GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdiplusShutdown
GdipDrawImageRectI

jsqlitevs9

?getTable@CppSQLite3DB@@QAE?AVCppSQLite3Table@@PBD@Z
?numRows@CppSQLite3Table@@QAEHXZ
?setRow@CppSQLite3Table@@QAEXH@Z
?numFields@CppSQLite3Table@@QAEHXZ
?fieldIsNull@CppSQLite3Table@@QAE_NH@Z
?fieldValue@CppSQLite3Table@@QAEPBDH@Z
?tableExists@CppSQLite3DB@@QAE_NPBD@Z
?execDML@CppSQLite3DB@@QAEHPBD@Z
??0CppSQLite3DB@@QAE@XZ
??1CppSQLite3DB@@UAE@XZ
?close@CppSQLite3DB@@QAEXXZ
?open@CppSQLite3DB@@QAEXPBD@Z
??1CppSQLite3Table@@UAE@XZ

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 384KB - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50b08f331da14be59c687c777ad6639f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

gdiplus

jsqlitevs9

oleacc

imm32

winmm

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 384KB - Virtual size: 384KB

.data Size: 27KB - Virtual size: 62KB

.rsrc Size: 97KB - Virtual size: 97KB

.reloc Size: 192KB - Virtual size: 191KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 384KB - Virtual size: 384KB

.data
Size: 27KB - Virtual size: 62KB

.rsrc
Size: 97KB - Virtual size: 97KB

.reloc
Size: 192KB - Virtual size: 191KB