Static task: static1
Behavioral task: behavioral1
Sample: f140381a4e494a8c8e45825e2004f86baa98930b1edc2c7864e2c047147c1063.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: f140381a4e494a8c8e45825e2004f86baa98930b1edc2c7864e2c047147c1063.exe
Resource: win10v2004-20221111-en
General
Target: f140381a4e494a8c8e45825e2004f86baa98930b1edc2c7864e2c047147c1063
Size: 276KB
MD5: 5c55a8c60e4aed4b900e64dac4dbd1f4
SHA1: a1662ee2390314373d1454961a5713672b9b273d
SHA256: f140381a4e494a8c8e45825e2004f86baa98930b1edc2c7864e2c047147c1063
SHA512: afa7dcf25e9573b573b63f31bf3fb74e5a5a984b4d2226997d786d0e837b234764ce6abf11f1bec491777b57aab509142389a5c4614e83f1c5e8c2ce736014e7
SSDEEP: 6144:4EHcmXQfx5yricscJEL+CfCjrEjcsBeSTF4PrGi:1HcmejyJscJ2f0oj9F4y
Malware Config
Signatures
Files
f140381a4e494a8c8e45825e2004f86baa98930b1edc2c7864e2c047147c1063.exe windows x86 c20029f6ee75fb4870895d04bc5581da
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
UrlUnescapeA
PathRenameExtensionA
PathRemoveExtensionA
PathBuildRootA
PathIsUNCA
PathFindFileNameA
PathIsUNCServerA
PathRemoveBackslashA
PathGetDriveNumberA
PathRemoveFileSpecA
PathFileExistsA
SHDeleteKeyA
PathStripToRootA
PathIsRootA
PathAddBackslashA
PathIsUNCServerShareA
PathCombineA
PathIsDirectoryA
PathFindExtensionA
PathAppendA
comdlg32
GetSaveFileNameA
PrintDlgW
ChooseFontA
PrintDlgA
GetFileTitleA
GetOpenFileNameA
GetOpenFileNameW
CommDlgExtendedError
PageSetupDlgA
user32
GetDC
SetWindowLongW
GetClientRect
SetParent
SetWindowPlacement
SetMenuItemBitmaps
GetWindow
DdeClientTransaction
GetMenuItemID
ShowWindow
IsClipboardFormatAvailable
WinHelpA
EndPaint
BeginDeferWindowPos
GetDlgItemTextW
SetWindowPos
CheckRadioButton
GetSystemMenu
MapVirtualKeyExA
LoadBitmapA
RegisterWindowMessageA
GetSysColorBrush
SetWindowLongA
GetPropW
DrawTextW
UnionRect
ValidateRect
GetActiveWindow
CallWindowProcA
TranslateAcceleratorA
WaitForInputIdle
CharNextW
SystemParametersInfoW
DestroyCaret
CharNextA
EnumWindows
WindowFromDC
DialogBoxIndirectParamA
DialogBoxIndirectParamW
GetKeyboardLayout
IsMenu
PostThreadMessageA
MessageBoxW
GetFocus
FillRect
RegisterWindowMessageW
DispatchMessageA
SetScrollInfo
LoadCursorW
RemovePropA
DestroyWindow
GetNextDlgTabItem
MapDialogRect
IsWindowEnabled
UnpackDDElParam
SetCursorPos
wvsprintfA
UnregisterClassA
InsertMenuA
DialogBoxParamW
GetSysColor
EnumChildWindows
FrameRect
GetWindowTextLengthA
GetMenuStringW
GetMenuState
CreateDialogIndirectParamA
IsRectEmpty
GetLastActivePopup
DrawIconEx
DdeDisconnect
GetWindowTextA
PeekMessageW
CopyRect
GetDesktopWindow
InvalidateRgn
GetTopWindow
IsChild
SetPropA
GetDlgCtrlID
FindWindowW
GetSubMenu
GetWindowPlacement
CloseClipboard
DestroyIcon
DefWindowProcW
UnhookWindowsHookEx
LoadIconA
AppendMenuA
GetClassLongW
AppendMenuW
DefWindowProcA
GetClassInfoExW
GetMenuItemInfoW
EnableMenuItem
BringWindowToTop
GetClassNameW
GrayStringA
DestroyMenu
EmptyClipboard
EqualRect
SetMenuDefaultItem
SendMessageW
SetWindowsHookExA
GetWindowRect
CharLowerA
wsprintfW
WindowFromPoint
SetClipboardData
SendMessageA
GetMenuItemCount
SendDlgItemMessageW
GetMessagePos
ExcludeUpdateRgn
DdeUninitialize
SetWindowTextA
CreateAcceleratorTableW
GetWindowLongW
GetClassLongA
SetRectEmpty
GetMessageW
CheckDlgButton
LoadCursorA
SetRect
ScrollWindow
GetCapture
GetPropA
MessageBoxA
SystemParametersInfoA
TabbedTextOutW
GetMenuCheckMarkDimensions
PtInRect
AdjustWindowRectEx
RedrawWindow
SetDlgItemTextA
SetForegroundWindow
DestroyCursor
MonitorFromWindow
RemovePropW
UpdateWindow
GetMessageA
LockWindowUpdate
RegisterClipboardFormatW
LoadImageA
EnableWindow
SetDlgItemInt
GetMenuItemInfoA
SetCapture
ReleaseDC
DeleteMenu
LoadMenuW
ReuseDDElParam
CharUpperA
CallWindowProcW
DrawTextA
GetScrollPos
EndDeferWindowPos
GetParent
HideCaret
SetTimer
SetActiveWindow
TranslateMessage
ModifyMenuA
DrawTextExW
MoveWindow
MapWindowPoints
ReleaseCapture
EndDialog
GetWindowTextW
BeginPaint
DrawFocusRect
UnregisterClassW
CallNextHookEx
SetPropW
wsprintfA
ShowCaret
SetMenuItemInfoA
SetFocus
IsWindowVisible
CopyAcceleratorTableA
LoadAcceleratorsW
CreateDialogIndirectParamW
GetWindowRgn
CheckMenuItem
CreateDialogParamA
GetClassNameA
GetKeyState
ShowScrollBar
GetScrollRange
TranslateMDISysAccel
IsZoomed
GetKeyNameTextW
ClientToScreen
GetWindowThreadProcessId
GetWindowDC
SetMenuItemInfoW
RegisterClassW
PostQuitMessage
TrackPopupMenuEx
ChangeClipboardChain
GetWindowLongA
GetKeyboardLayoutList
RegisterClassExA
RegisterClassA
InsertMenuW
GetCursorPos
SetDlgItemTextW
KillTimer
GetWindowTextLengthW
SetWindowsHookExW
GetDlgItem
MessageBeep
PeekMessageA
InsertMenuItemW
InvalidateRect
DrawFrameControl
IsDialogMessageW
DispatchMessageW
FlashWindow
InflateRect
SetClassLongA
SendDlgItemMessageA
CreateWindowExW
ModifyMenuW
WaitMessage
GetSystemMetrics
SetMenu
IntersectRect
GetClipboardOwner
IsIconic
GetMenuStringA
InsertMenuItemA
LoadStringA
DeferWindowPos
GrayStringW
IsWindow
SetCursor
ScreenToClient
GetCaretPos
RegisterClipboardFormatA
GetMenu
TabbedTextOutA
LoadAcceleratorsA
InvertRect
advapi32
RegDeleteKeyW
FreeSid
AllocateAndInitializeSid
SetSecurityDescriptorDacl
RegOpenKeyExW
GetFileSecurityA
RegQueryInfoKeyW
SetServiceStatus
GetFileSecurityW
ControlService
OpenProcessToken
CloseServiceHandle
SetSecurityDescriptorOwner
RegSetValueA
EqualSid
StartServiceA
DeleteService
CreateServiceW
RegQueryValueExW
StartServiceCtrlDispatcherA
RegDeleteValueA
DeleteAce
ChangeServiceConfigA
GetLengthSid
AddAccessAllowedAce
GetTokenInformation
RegCreateKeyA
AdjustTokenPrivileges
GetAce
CreateServiceA
RegEnumKeyExA
RegSetValueExW
ReportEventW
RegDeleteKeyA
RegCreateKeyExA
DeregisterEventSource
InitializeSecurityDescriptor
StartServiceCtrlDispatcherW
RegOpenKeyA
RegEnumValueA
RegQueryValueW
GetUserNameA
InitializeAcl
RegCloseKey
RegSetValueExA
RegEnumKeyA
RegQueryValueExA
QueryServiceStatus
OpenThreadToken
GetSecurityInfo
CreateProcessAsUserA
RegQueryInfoKeyA
CopySid
OpenSCManagerA
RevertToSelf
RegisterServiceCtrlHandlerW
RegQueryValueA
RegOpenKeyExA
OpenServiceA
SetSecurityDescriptorGroup
LookupPrivilegeValueA
SetFileSecurityA
winmm
timeBeginPeriod
timeSetEvent
waveOutPrepareHeader
mixerGetLineInfoA
waveInReset
waveOutRestart
waveOutUnprepareHeader
waveOutReset
timeKillEvent
mmioDescend
waveInAddBuffer
mixerGetNumDevs
waveOutSetPlaybackRate
waveInStart
waveOutWrite
mmioRead
waveInClose
waveInUnprepareHeader
waveOutGetNumDevs
waveOutOpen
mixerGetControlDetailsA
waveOutClose
waveInStop
waveInGetNumDevs
waveOutGetDevCapsA
timeGetTime
waveInOpen
mixerClose
mixerGetLineControlsA
timeEndPeriod
mixerOpen
timeGetDevCaps
mixerSetControlDetails
mixerGetDevCapsA
waveInPrepareHeader
kernel32
GlobalDeleteAtom
lstrcmpiA
TerminateProcess
FatalAppExitA
WriteConsoleW
HeapCreate
WaitForSingleObject
DeviceIoControl
VirtualQuery
CreateMutexA
lstrlenA
FindResourceExA
GlobalFindAtomA
GlobalUnlock
GetLocaleInfoA
SetEnvironmentVariableA
GetFileType
GetCurrentProcessId
GetFileTime
GetPrivateProfileStringA
GetTickCount
VirtualAlloc
lstrcpyW
GetConsoleMode
MapViewOfFile
GetProfileIntW
lstrlenW
ReadFile
CompareStringA
GetConsoleOutputCP
CreateEventA
SuspendThread
SetFileTime
GetProcessHeap
GetVersionExW
GetDriveTypeA
OpenMutexA
SetEvent
MoveFileExA
GlobalLock
CopyFileA
SystemTimeToFileTime
GetProcAddress
GetSystemDirectoryA
Thread32First
DeleteCriticalSection
GetLastError
GlobalFree
HeapAlloc
InterlockedExchange
GetConsoleCP
CreateToolhelp32Snapshot
ResetEvent
GetTimeZoneInformation
IsBadReadPtr
IsBadWritePtr
GetACP
FreeResource
FormatMessageA
FindClose
GetStartupInfoW
LCMapStringW
WaitForMultipleObjects
GetFileSize
HeapDestroy
lstrcmpiW
GetModuleHandleA
GetModuleFileNameA
EnumResourceLanguagesW
TerminateThread
LockFile
GetStringTypeW
SetFilePointer
GetCommandLineW
GetEnvironmentStrings
GetVolumeInformationW
LoadResource
GlobalSize
GetDiskFreeSpaceA
GetPrivateProfileIntA
HeapFree
LeaveCriticalSection
SetUnhandledExceptionFilter
IsBadCodePtr
FlushFileBuffers
CreateMutexW
SetStdHandle
OpenEventA
RaiseException
lstrcpyA
GetFullPathNameA
TlsSetValue
WritePrivateProfileStringA
lstrcpynA
FindFirstFileW
GetShortPathNameA
UnmapViewOfFile
UnlockFile
LCMapStringA
SetThreadPriority
SetFileAttributesA
OutputDebugStringA
CreateSemaphoreA
GetTempFileNameW
HeapSize
FindFirstFileA
GetStartupInfoA
RtlUnwind
SetLastError
LockResource
SetHandleCount
UnhandledExceptionFilter
GetTimeFormatA
CompareStringW
GetLocaleInfoW
GetVersionExA
MultiByteToWideChar
lstrcatA
InterlockedDecrement
GetEnvironmentVariableA
GetLocalTime
GetSystemInfo
FreeEnvironmentStringsW
GlobalAddAtomW
CreateFileW
LocalAlloc
GetOEMCP
_lcreat
CreateFileA
GetCPInfo
ResumeThread
LocalReAlloc
EnterCriticalSection
CreateEventW
GetFileAttributesA
GlobalAlloc
DuplicateHandle
GetCommandLineA
GetLongPathNameW
GetSystemTimeAsFileTime
WriteFile
GetSystemTime
GetThreadLocale
SetErrorMode
GetCurrentThread
GetTempFileNameA
GetStringTypeA
GetFileAttributesW
ExitProcess
InterlockedIncrement
FreeEnvironmentStringsA
GetEnvironmentStringsW
HeapReAlloc
GetCurrentDirectoryA
LoadLibraryA
GetPrivateProfileSectionNamesA
GetNumberFormatW
Sleep
ExitThread
SizeofResource
DeleteFileW
CreateThread
GetStringTypeExA
GetStdHandle
LoadLibraryW
GlobalHandle
GetModuleFileNameW
FreeLibrary
SearchPathA
FindResourceW
GetProcessVersion
FindNextFileA
DeleteFileA
GetUserDefaultLCID
MoveFileA
GetProfileStringA
TlsAlloc
ConvertDefaultLocale
GetCurrentProcess
FileTimeToLocalFileTime
GlobalReAlloc
lstrcmpA
lstrcmpW
QueryPerformanceCounter
VirtualFree
Thread32Next
LocalFileTimeToFileTime
FileTimeToSystemTime
CloseHandle
GetVersion
WideCharToMultiByte
LocalFree
LoadLibraryExA
IsValidLocale
GlobalAddAtomA
MulDiv
GetCurrentThreadId
TlsFree
GlobalFlags
CreateProcessA
InitializeCriticalSection
TlsGetValue
CreateDirectoryA
shell32
SHGetPathFromIDListA
DragFinish
SHBrowseForFolderA
SHGetFolderPathW
ShellExecuteW
ShellExecuteA
SHFileOperationA
Shell_NotifyIconA
SHGetSpecialFolderPathA
SHGetDesktopFolder
SHGetMalloc
ExtractIconExW
SHGetSpecialFolderPathW
SHGetPathFromIDListW
ShellExecuteExW
ShellExecuteExA
SHGetFileInfoA
SHBrowseForFolderW
ord155
winspool.drv
DeletePrinter
GetPrinterDriverDirectoryA
AddPrinterA
ClosePrinter
DeviceCapabilitiesA
DeletePrintProcessorA
EnumPrintersA
GetPrinterA
DeletePrinterDriverA
DocumentPropertiesA
OpenPrinterA
AddPrinterDriverA
EnumPrinterDriversA
EnumJobsA
SetPrinterA
ord204
comctl32
ImageList_Add
ImageList_GetIconSize
ImageList_Merge
_TrackMouseEvent
ImageList_ReplaceIcon
ImageList_Draw
ImageList_LoadImageW
ImageList_DragShowNolock
ImageList_Replace
ImageList_GetIcon
ImageList_GetImageInfo
ImageList_SetBkColor
DestroyPropertySheetPage
ImageList_Read
ImageList_DragEnter
ImageList_BeginDrag
ImageList_GetImageCount
ord17
ImageList_SetImageCount
ImageList_DragLeave
ImageList_Destroy
ImageList_Remove
ImageList_Create
ImageList_SetDragCursorImage
ImageList_SetOverlayImage
ImageList_LoadImageA
ImageList_GetDragImage
ImageList_EndDrag
ImageList_AddMasked
PropertySheetA
ImageList_DragMove
ImageList_Write
InitCommonControlsEx
Sections
.text Size: 60KB - Virtual size: 57KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 108KB - Virtual size: 105KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 72KB - Virtual size: 98KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ