638ba506e5a704cad24f6bf047af0e55d9b9db627de1f3c490a480d16c3569ae

Sharing

Copy URL

Twitter E-mail

General

Target

638ba506e5a704cad24f6bf047af0e55d9b9db627de1f3c490a480d16c3569ae
Size

921KB
MD5

d8d83547a8d63273943cb78dca2f3409
SHA1

90b5d79859d09d03d72fdd93d44cb7346355fd3c
SHA256

638ba506e5a704cad24f6bf047af0e55d9b9db627de1f3c490a480d16c3569ae
SHA512

fffd6a32fcc9d42e228baf37d1f0d9d536a85caa3c7fec97e6ba2e1110ccdfe93db5967de1d8630f00df1a813988502aa0fc658ab2b26c9f51b63812d131aa49
SSDEEP

12288:NhlOUyexEhm4+lKAMap3/MFM3xxaQ1+noQqIobz7M1viTMQT3nfQ9GU+z6gz4:TKAMgMFiF16oQqIoQITMQT3nfOBuNz

Score

N/A

Malware Config

Signatures

Files

638ba506e5a704cad24f6bf047af0e55d9b9db627de1f3c490a480d16c3569ae
.exe windows x86

c3b6fd9055f7245c219b87f429ff9ce8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
InterlockedIncrement
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
SetErrorMode
GetStartupInfoW
GetDriveTypeA
FindFirstFileA
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
HeapReAlloc
RtlUnwind
RaiseException
ExitThread
CreateThread
ExitProcess
HeapSize
SetStdHandle
GetFileType
VirtualProtect
GetSystemInfo
VirtualQuery
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
HeapCreate
QueryPerformanceCounter
GetFullPathNameA
GetCurrentDirectoryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetExitCodeProcess
CreateProcessW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
SetEnvironmentVariableW
DeleteFileA
GetFileTime
GetFileSizeEx
GetFileAttributesW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
SetFilePointer
GetThreadLocale
GetModuleHandleA
InterlockedDecrement
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentProcessId
WritePrivateProfileStringW
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
FreeLibrary
lstrcmpW
GetVersionExA
GetProcAddress
GetModuleHandleW
LoadLibraryW
FreeResource
SuspendThread
GetCurrentThreadId
SetThreadPriority
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
lstrlenW
MulDiv
SetLastError
GetCommMask
WaitForMultipleObjects
GetModuleFileNameW
ResumeThread
GetVersionExW
DeleteFileW
GetCommandLineW
WideCharToMultiByte
VirtualFree
VirtualAlloc
lstrcpyW
GetPrivateProfileStringW
GetTickCount
GetExitCodeThread
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
WaitCommEvent
SetEvent
FlushFileBuffers
ResetEvent
TerminateThread
WaitForSingleObject
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetOverlappedResult
GetLastError
WriteFile
ReadFile
ClearCommError
EscapeCommFunction
Sleep
CreateEventW
SetCommState
GetCommState
SetCommTimeouts
PurgeComm
SetupComm
SetCommMask
CreateFileW
GetModuleFileNameA
CloseHandle
GetProcessHeap

user32

RegisterClipboardFormatW
PostThreadMessageW
GetDlgItemTextW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
EqualRect
GetDlgCtrlID
DefWindowProcW
SetRect
PtInRect
SetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindow
ReleaseDC
GetDC
CopyRect
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
SetWindowsHookExW
CallNextHookEx
GetMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
UpdateWindow
KillTimer
InvalidateRect
wsprintfW
IsRectEmpty
CharNextW
DispatchMessageW
TranslateMessage
PeekMessageW
TranslateAcceleratorW
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
PostQuitMessage
RegisterWindowMessageW
LoadAcceleratorsW
AppendMenuW
GetSystemMenu
LoadBitmapW
LoadIconW
SendMessageW
UnregisterClassW
PostMessageW
EnableWindow
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
GetMenu
CopyAcceleratorTableW
ReleaseCapture
SetCapture
LoadCursorW
GetSysColorBrush
CharUpperW
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
DestroyMenu
GetWindowThreadProcessId
SetCursor
SetWindowContextHelpId
MapDialogRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
SetDlgItemTextW
MoveWindow
SetWindowTextW
IsDialogMessageW
CallWindowProcW
ShowWindow

gdi32

SetMapMode
SetTextAlign
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetBkMode
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
SaveDC
RestoreDC
ExtTextOutW
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
CreateRectRgnIndirect
GetDeviceCaps
GetStockObject
SetWindowExtEx
DeleteObject
CreateFontIndirectW

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegDeleteKeyW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegEnumValueW
RegOpenKeyExW
RegSetValueExW

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionW
PathRemoveFileSpecW
PathStripToRootW
PathFindFileNameW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoUninitialize
CoCreateInstance
CoInitializeEx
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

SysStringLen
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString
SysFreeString

wininet

InternetConnectW
FtpOpenFileW
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
FtpGetFileW
FtpSetCurrentDirectoryW
InternetQueryDataAvailable

Sections

.text
Size: 383KB - Virtual size: 382KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 349KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 382KB - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3b6fd9055f7245c219b87f429ff9ce8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oledlg

ole32

oleaut32

wininet

Sections

.text Size: 383KB - Virtual size: 382KB

.rdata Size: 96KB - Virtual size: 95KB

.data Size: 14KB - Virtual size: 349KB

.rsrc Size: 382KB - Virtual size: 384KB

.reloc Size: 45KB - Virtual size: 44KB

.text
Size: 383KB - Virtual size: 382KB

.rdata
Size: 96KB - Virtual size: 95KB

.data
Size: 14KB - Virtual size: 349KB

.rsrc
Size: 382KB - Virtual size: 384KB

.reloc
Size: 45KB - Virtual size: 44KB