Static task: static1
Behavioral task: behavioral1
Sample: aa7a60de604040120304e4633eadd65e2d2d9b1872ee3fd7e06120ba493fb068.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: aa7a60de604040120304e4633eadd65e2d2d9b1872ee3fd7e06120ba493fb068.exe
Resource: win10v2004-20220812-en
General
Target: aa7a60de604040120304e4633eadd65e2d2d9b1872ee3fd7e06120ba493fb068
Size: 3.7MB
MD5: 219b86401b49248e1855460d7930256a
SHA1: 156dedbe4bc055055da9e7e356545531c196c83f
SHA256: aa7a60de604040120304e4633eadd65e2d2d9b1872ee3fd7e06120ba493fb068
SHA512: 79f0cab9f0172cb8eaed1da2c23a26ed04ea6382fabaec273acb48086feba216ff614465d698e14a4387d4785ad706f16dba86da7320acf91d3319af9d92bd68
SSDEEP: 98304:dm+9vwQ0OrAYvZhw6g11r7n+m5pQhXeMpBGYhkA:1vwkrAS7whjPt5yfpBGY+
Malware Config
Signatures
Files
- aa7a60de604040120304e4633eadd65e2d2d9b1872ee3fd7e06120ba493fb068.exe windows x86
  7c836871b92ac2974d4aefc599e1ad1c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
InterlockedDecrement
InterlockedIncrement
FindResourceExW
FindResourceW
SizeofResource
LoadResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
RaiseException
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
LeaveCriticalSection
lstrcmpiW
LoadLibraryExW
GetModuleFileNameW
GetModuleHandleW
MultiByteToWideChar
WideCharToMultiByte
GetShortPathNameW
LoadLibraryW
DeleteFileW
CopyFileW
MoveFileW
GetCommandLineW
GetTickCount
OpenProcess
GetCurrentProcess
GetCurrentProcessId
TerminateProcess
GetExitCodeProcess
SetLastError
EnterCriticalSection
InitializeCriticalSection
FreeLibrary
GetProcAddress
WaitForSingleObject
WriteFile
HeapAlloc
HeapDestroy
SetFilePointer
MoveFileExW
FindNextFileW
FindFirstFileW
GetFileAttributesW
SetFileAttributesW
CreateFileW
GetFullPathNameW
RemoveDirectoryW
GetCurrentThreadId
lstrlenW
CloseHandle
GetSystemWindowsDirectoryW
QueryDepthSList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualFree
VirtualProtect
VirtualAlloc
GetThreadTimes
UnregisterWait
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SignalObjectAndWait
CreateTimerQueue
ReadConsoleW
SetStdHandle
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
WriteConsoleW
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
GetFileType
FreeLibraryAndExitThread
ExitThread
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
CreateFileA
lstrcmpiA
lstrcmpA
DeviceIoControl
GetTempFileNameW
SetErrorMode
LockResource
FindClose
DosDateTimeToFileTime
LocalFileTimeToFileTime
CreateDirectoryW
GetSystemDirectoryW
IsDebuggerPresent
OutputDebugStringW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
GetStringTypeW
FormatMessageW
EncodePointer
DuplicateHandle
WaitForSingleObjectEx
Sleep
SwitchToThread
GetCurrentThread
GetNativeSystemInfo
TryEnterCriticalSection
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
QueryPerformanceFrequency
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
LocalFree
ReleaseMutex
CreateMutexW
GetPrivateProfileIntW
WritePrivateProfileStringW
GetVersionExW
GetFileSizeEx
ReadFile
GetACP
FreeResource
ExitProcess
GlobalAlloc
GlobalLock
GlobalUnlock
GetFileSize
lstrcmpW
MulDiv
lstrcpynW
IsBadReadPtr
GlobalFree
SetEvent
ResetEvent
GetVersion
InterlockedExchange
InterlockedCompareExchange
ResumeThread
GetLocalTime
SetEndOfFile
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
GetTempPathW
CreateThread
SetThreadPriority
CreateIoCompletionPort
GetQueuedCompletionStatus
PostQueuedCompletionStatus
WaitForMultipleObjects
GetStdHandle
FlushFileBuffers
SetFilePointerEx
SetFileTime
GetModuleHandleA
GetModuleHandleExA
GetModuleHandleExW
OutputDebugStringA
RegisterWaitForSingleObject
UnregisterWaitEx
DecodePointer
user32
ScreenToClient
MapWindowPoints
PtInRect
LoadIconW
SystemParametersInfoW
GetDC
ReleaseDC
GetIconInfo
MoveWindow
wsprintfW
wvsprintfW
SetCursor
InflateRect
OffsetRect
LoadCursorW
GetMessageW
TranslateMessage
DispatchMessageW
SendMessageW
CreateWindowExW
IsChild
GetWindowRect
GetFocus
GetKeyState
SetCapture
ReleaseCapture
SetTimer
KillTimer
BeginPaint
EndPaint
GetUpdateRect
InvalidateRect
IsRectEmpty
GetWindowLongW
SetWindowLongW
GetParent
GetClassNameW
GetWindow
CallWindowProcW
RegisterClassW
RegisterClassExW
GetClassInfoExW
EnableWindow
GetMenu
SetPropW
GetPropW
AdjustWindowRectEx
CopyRect
IntersectRect
IsIconic
SetWindowRgn
MonitorFromWindow
GetMonitorInfoW
FindWindowExW
CharPrevW
DrawTextW
SetRect
DrawIconEx
CreateCaret
HideCaret
ShowCaret
SetCaretPos
GetCaretPos
ClientToScreen
GetSysColor
RemovePropW
GetWindowDC
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
CreateAcceleratorTableW
InvalidateRgn
FillRect
PeekMessageW
WaitMessage
CallMsgFilterW
GetQueueStatus
MsgWaitForMultipleObjectsEx
SetWindowPos
GetClientRect
SetForegroundWindow
SwitchToThisWindow
UpdateWindow
SetFocus
IsZoomed
IsWindowVisible
ShowWindow
IsWindow
PostQuitMessage
RegisterWindowMessageW
GetCursorPos
MessageBoxW
LoadImageW
DestroyIcon
PostMessageW
CharNextW
DestroyWindow
DefWindowProcW
UnregisterClassW
UpdateLayeredWindow
gdi32
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
CreatePen
DeleteDC
GetStockObject
GetTextExtentPoint32W
Rectangle
RestoreDC
SaveDC
SelectObject
GetTextMetricsW
GetObjectW
SetWindowOrgEx
CreateRoundRectRgn
CombineRgn
CreateRectRgnIndirect
GetCharABCWidthsW
GetClipBox
LineTo
RoundRect
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SetBkMode
StretchBlt
SetStretchBltMode
SetTextColor
CreateDIBSection
MoveToEx
TextOutW
ExtTextOutW
GetDeviceCaps
CreateDCW
SetDIBitsToDevice
CreateSolidBrush
GetDIBits
DeleteObject
advapi32
OpenProcessToken
RegCreateKeyW
RegQueryValueExW
LookupPrivilegeValueW
AdjustTokenPrivileges
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
GetTokenInformation
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
shell32
SHCreateDirectoryExW
SHChangeNotify
Shell_NotifyIconW
SHFileOperationW
ShellExecuteExW
ord165
SHGetSpecialFolderPathW
ShellExecuteW
ole32
CoCreateGuid
OleLockRunning
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
CoTaskMemFree
CoTaskMemRealloc
CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemAlloc
oleaut32
SysAllocStringLen
SafeArrayCreate
VarUI4FromStr
SysFreeString
SysAllocString
SafeArrayPutElement
VariantInit
VariantClear
shlwapi
SHSetValueA
StrCmpIW
StrCmpNIW
StrTrimA
StrCpyW
AssocQueryStringW
SHGetValueW
PathFindFileNameW
PathAppendW
PathFileExistsW
PathCombineW
SHDeleteKeyW
PathRemoveFileSpecW
SHGetValueA
StrStrIA
StrStrIW
SHSetValueW
PathIsDirectoryW
comctl32
InitCommonControlsEx
ord17
_TrackMouseEvent
gdiplus
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipGraphicsClear
GdipDrawImageRectI
GdipCreatePath
GdipDeletePath
GdipClosePathFigure
GdipAddPathArcI
GdipCreateTexture
GdipSaveImageToFile
GdipGetImageGraphicsContext
GdipImageGetFrameCount
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageWidth
GdiplusStartup
GdipFillEllipseI
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateHBITMAPFromBitmap
GdipCloneBitmapAreaI
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipSetInterpolationMode
GdipFillPath
GdipDrawImagePointsI
GdipDrawImageRectRectI
GdipGetImageEncodersSize
GdipGetImageEncoders
ord1
GdipCreatePen1
GdipDeletePen
GdipDrawPath
GdipDrawEllipseI
GdipCreateFromHDC
GdipDisposeImage
GdipCloneImage
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipFree
GdipAlloc
GdiplusShutdown
GdipCreateBitmapFromStream
psapi
EnumProcesses
EnumProcessModules
GetModuleFileNameExW
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
wininet
InternetGetCookieExW
InternetSetCookieW
InternetGetConnectedState
InternetCrackUrlW
iphlpapi
GetAdaptersInfo
crypt32
CertGetNameStringW
wintrust
WinVerifyTrust
WTHelperProvDataFromStateData
winmm
timeBeginPeriod
timeEndPeriod
timeGetTime
msimg32
GradientFill
AlphaBlend
urlmon
URLDownloadToFileW
URLDownloadToCacheFileW
imm32
ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 286KB - Virtual size: 286KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ