7024b31b86339a886054517e4887f1b45cf2b783d6971afa05426889c2a8377b

Sharing

Copy URL Twitter E-mail

General

Target

7024b31b86339a886054517e4887f1b45cf2b783d6971afa05426889c2a8377b
Size

8.7MB
MD5

9722a6de42f64f96bc90dbb478e3f7fa
SHA1

a046d18be0041af9ccaf3a6b3d01f4ce029803b2
SHA256

7024b31b86339a886054517e4887f1b45cf2b783d6971afa05426889c2a8377b
SHA512

c7349152a086f29ce0e061819dab78c0b5df2bf4838b16d84113d44205b29a3309cee2ecef2ac54677243bf96add3eddcc8061a97020b4055fd5841437d1858c
SSDEEP

196608:AuXu7R6DZZJ9MXuLFEO2wM57PqUFaIFaVdMi1RM8KvS:a4D7HMeLFEO2wM57KyiLMu

Score

N/A

Malware Config

Signatures

Files

7024b31b86339a886054517e4887f1b45cf2b783d6971afa05426889c2a8377b
.exe windows x86

cf55049bcdd0af426af9913d8367607d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
GetProcessAffinityMask
GetCurrentProcessId
SetUnhandledExceptionFilter
OutputDebugStringA
SetLastError
ReadProcessMemory
GetEnvironmentVariableA
GetFileAttributesA
GetModuleFileNameA
GetCurrentDirectoryA
ResumeThread
GetThreadContext
SuspendThread
IsBadReadPtr
ResetEvent
GetTickCount
CopyFileW
MoveFileExW
FileTimeToDosDateTime
FileTimeToLocalFileTime
lstrlenA
GetFileTime
VirtualQuery
GlobalMemoryStatus
GetSystemTimeAsFileTime
CreateProcessW
IsDebuggerPresent
SetErrorMode
WritePrivateProfileStringW
HeapValidate
TerminateThread
WaitForMultipleObjects
GlobalUnlock
FindFirstFileW
FindNextFileW
RemoveDirectoryW
DeleteFileW
FindClose
WriteFile
GetFileAttributesW
GetConsoleOutputCP
WriteConsoleA
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
GetProcessHeap
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
SetFileAttributesW
GetConsoleCP
SetStdHandle
InitializeCriticalSectionAndSpinCount
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
HeapSize
HeapCreate
GetCPInfo
LCMapStringW
LCMapStringA
GetTimeZoneInformation
GetConsoleMode
SetConsoleMode
ReadConsoleInputA
GetDriveTypeA
PeekNamedPipe
GetTempPathW
FileTimeToSystemTime
WriteConsoleW
GetStartupInfoA
SetThreadAffinityMask
DuplicateHandle
ExitThread
TerminateProcess
ExitProcess
UnhandledExceptionFilter
SetConsoleCtrlHandler
RtlUnwind
HeapFree
HeapReAlloc
HeapAlloc
InterlockedDecrement
InterlockedIncrement
CreateSemaphoreW
CreateMutexW
GetModuleHandleW
SignalObjectAndWait
GetThreadLocale
FlushConsoleInputBuffer
FindFirstFileA
GetStdHandle
GetFileType
GetVersion
GetSystemDirectoryA
OpenEventA
VirtualAlloc
VirtualFree
UnmapViewOfFile
CreateFileA
CreateFileMappingA
MapViewOfFile
GetFileSize
GetLastError
ReadFile
CreateFileW
SetEndOfFile
SetFilePointer
GetCurrentThreadId
SleepEx
CreateThread
SetThreadPriority
RaiseException
ReleaseMutex
WaitForSingleObject
CreateMutexA
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetEvent
CreateEventA
QueryPerformanceFrequency
QueryPerformanceCounter
FormatMessageA
LocalFree
GetFullPathNameW
ReleaseSemaphore
WaitForSingleObjectEx
Sleep
CloseHandle
CreateSemaphoreA
LoadLibraryW
LoadLibraryA
GetProcAddress
FreeLibrary
WideCharToMultiByte
CreateDirectoryW
MultiByteToWideChar
TlsSetValue
lstrcmpiA
GetFullPathNameA
InterlockedExchange
InterlockedCompareExchange
GetUserDefaultLangID
GlobalMemoryStatusEx
GetSystemInfo
GetVersionExA
GetModuleHandleA
GetCurrentProcess
ExpandEnvironmentStringsA
CreateEventW
GetOverlappedResult
CancelIo
GetCommandLineA
GetComputerNameW
TlsGetValue
TlsFree
TlsAlloc
lstrlenW
GetCommandLineW
lstrcpynW
lstrcpyA
lstrcpynA
GetModuleFileNameW
GlobalAlloc
GetFileInformationByHandle
GlobalLock
FlushFileBuffers
InterlockedExchangeAdd
HeapWalk

user32

CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetClipboardData
IsClipboardFormatAvailable
SetCapture
GetProcessWindowStation
GetUserObjectInformationW
ReleaseCapture
RegisterDeviceNotificationW
UnregisterDeviceNotification
SystemParametersInfoW
ClientToScreen
DefWindowProcW
DestroyWindow
ReleaseDC
GetDC
CreateWindowExW
MessageBoxW
GetAsyncKeyState
GetKeyState
wsprintfA
RegisterRawInputDevices
GetRawInputData
GetRawInputDeviceList
GetRawInputDeviceInfoW
SendMessageTimeoutA
EnumWindows
SendMessageA
SetForegroundWindow
ShowWindow
IsIconic
RegisterWindowMessageA
GetUserObjectInformationA
GetThreadDesktop
GetParent
GetWindowRect
GetWindowLongA
SetWindowPos
GetClientRect
CreateDialogParamA
IsWindowVisible
GetCursorPos
WindowFromPoint
ScreenToClient
wvsprintfA
MonitorFromWindow
EnumDisplayDevicesA
GetCaretBlinkTime
PeekMessageA
GetMessageA
DispatchMessageA
ValidateRect
LoadImageA
DialogBoxParamA
IsDlgButtonChecked
CheckDlgButton
CreateDialogParamW
EnableWindow
PeekMessageW
IsDialogMessageW
TranslateMessage
DispatchMessageW
MsgWaitForMultipleObjects
SetWindowTextW
RegisterClassW
PostQuitMessage
SetWindowLongW
GetWindowLongW
SetFocus
SetCursorPos
ClipCursor
ShowCursor
GetFocus
LoadCursorA
RegisterClassExW
DialogBoxParamW
EndDialog
LoadIconA
SendDlgItemMessageW
SetDlgItemTextA
SetDlgItemTextW
MessageBoxA
CopyRect
OffsetRect
GetAncestor
UnregisterClassW
GetDesktopWindow
EnumDisplaySettingsA
AdjustWindowRectEx
GetSystemMetrics
ChangeDisplaySettingsA
GetDlgItem
SetWindowLongA

gdi32

GetDeviceCaps
ChoosePixelFormat
SetPixelFormat
GetObjectW
GetGlyphOutlineW
AddFontMemResourceEx
CreateCompatibleDC
GetFontUnicodeRanges
GetObjectA
SetTextAlign
SetTextColor
CreateFontIndirectW
SelectObject
GetTextFaceW
EnumFontFamiliesExW
DeleteDC
DeleteObject
RemoveFontMemResourceEx
SetBkMode
GetBitmapBits
BitBlt
CreateCompatibleBitmap
CreateDCA
SwapBuffers

advapi32

RegisterEventSourceA
ReportEventA
DeregisterEventSource
CryptImportKey
CryptVerifySignatureA
CryptDestroyKey
RegDeleteValueA
GetUserNameA
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
CryptAcquireContextA
CryptCreateHash
CryptReleaseContext
CryptHashData
CryptDestroyHash
CryptGetHashParam

shell32

ShellExecuteW
CommandLineToArgvW
SHGetFolderPathW

ole32

CoUninitialize
CoInitialize
CoCreateGuid
StringFromGUID2
CoSetProxyBlanket
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

opengl32

glStencilMask
glStencilOp
glStencilFunc
glIsEnabled
glClear
glClearStencil
glClearDepth
glClearColor
glFrontFace
glLoadMatrixf
glMatrixMode
glMultMatrixf
glGetFloatv
glColorMaterial
glLightModeli
glMaterialf
glMaterialfv
glColor4fv
glViewport
glScissor
glTexEnvfv
glBindTexture
glTexGenfv
glTexGeni
glLightfv
glLightf
glLightModelfv
glFogfv
glFogf
glFogi
glDeleteTextures
glFinish
glDepthFunc
glNormal3f
glColor4f
glTexCoord3f
glBegin
glEnd
glReadPixels
glLoadIdentity
glLightModelf
glHint
glTexParameteri
wglDeleteContext
glGenTextures
glTexImage2D
glDrawArrays
glReadBuffer
glDrawBuffer
glCopyTexSubImage2D
glPixelStorei
glTexSubImage2D
glIsTexture
glDrawElements
glGetString
glDepthMask
glCullFace
glPolygonOffset
glColorMask
glDisable
glBlendFunc
glAlphaFunc
glNormalPointer
wglCreateContext
wglMakeCurrent
glGetIntegerv
glEnable
wglGetCurrentContext
wglGetCurrentDC
wglShareLists
wglGetProcAddress
glGetError
glTexEnvi
glTexEnvf
glDisableClientState
glEnableClientState
glColorPointer
glVertexPointer
glVertex3f
glTexCoordPointer

winmm

waveInReset
waveInClose
waveInOpen
waveInStart
waveInGetDevCapsW
waveInGetDevCapsA
waveInUnprepareHeader
waveInPrepareHeader
waveInAddBuffer
waveOutPrepareHeader
waveOutReset
waveOutWrite
waveOutUnprepareHeader
waveOutOpen
waveOutClose
waveOutGetDevCapsW
waveOutGetNumDevs
waveOutGetDevCapsA
waveInGetNumDevs
timeGetTime
timeEndPeriod
timeBeginPeriod
waveOutGetPosition

ws2_32

htonl
inet_ntoa
WSAStartup
getsockname
gethostname
WSACleanup
freeaddrinfo
closesocket
getaddrinfo
connect
htons
WSAGetLastError
socket
inet_addr

shlwapi

PathIsDirectoryW
PathFileExistsW
SHDeleteKeyA

oleaut32

SysStringLen
SysAllocString
SysFreeString
VariantInit
VariantChangeType
VariantClear

imm32

ImmGetContext
ImmAssociateContext
ImmAssociateContextEx
ImmGetCompositionStringW
ImmGetConversionStatus
ImmSetOpenStatus
ImmReleaseContext
ImmSetCompositionStringW

dnsapi

DnsFree
DnsQuery_A

iphlpapi

GetIpAddrTable

hid

HidP_GetData
HidD_GetPreparsedData
HidD_GetProductString
HidP_GetCaps
HidP_GetButtonCaps
HidP_GetValueCaps
HidP_MaxDataListLength
HidD_FreePreparsedData
HidD_GetHidGuid

wsock32

inet_ntoa
gethostbyaddr
gethostbyname
recv
send
select
WSACancelAsyncRequest
WSAAsyncGetHostByName
listen
bind
accept
ntohs
getsockopt
getpeername
setsockopt
recvfrom
WSASetLastError
__WSAFDIsSet
shutdown
sendto

msacm32

acmStreamSize
acmStreamPrepareHeader
acmStreamConvert
acmStreamUnprepareHeader
acmFormatSuggest
acmStreamOpen

Exports

Exports

AgPmDestroySourceConnection
AgPmEventEnabled
AgPmEventLoggingEnabled
AgPmSubmitEvent
NxCreateCoreSDK

Sections

.text
Size: 7.1MB - Virtual size: 7.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 154KB - Virtual size: 698KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 365KB - Virtual size: 368KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cf55049bcdd0af426af9913d8367607d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

version

opengl32

winmm

ws2_32

shlwapi

oleaut32

imm32

dnsapi

iphlpapi

hid

wsock32

msacm32

Exports

Exports

Sections

.text Size: 7.1MB - Virtual size: 7.1MB

.rdata Size: 1.1MB - Virtual size: 1.1MB

.data Size: 154KB - Virtual size: 698KB

.trace Size: 25KB - Virtual size: 24KB

.rsrc Size: 365KB - Virtual size: 368KB

.text
Size: 7.1MB - Virtual size: 7.1MB

.rdata
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 154KB - Virtual size: 698KB

.trace
Size: 25KB - Virtual size: 24KB

.rsrc
Size: 365KB - Virtual size: 368KB