Static task: static1
Behavioral task: behavioral1
  Sample: 04b3f6c95c3c60da3324cf638aae0953d077030c5e342a45432f47d51e9501db.exe
  Resource: win7-20221111-en
Behavioral task: behavioral2
  Sample: 04b3f6c95c3c60da3324cf638aae0953d077030c5e342a45432f47d51e9501db.exe
  Resource: win10v2004-20221111-en
General
Target: 04b3f6c95c3c60da3324cf638aae0953d077030c5e342a45432f47d51e9501db
Size: 1.0MB
MD5: a5409b2503d620da4a9624093f403f91
SHA1: 29bf43b1058cb3e7d9b6153bd8dc8e3badff754f
SHA256: 04b3f6c95c3c60da3324cf638aae0953d077030c5e342a45432f47d51e9501db
SHA512: 5353d31b92f3bf19022e58c9324d73a350d297f8d940f85b2baf404941c249f6f89cbd47d807f766d72c3d4da38142b06faf151f941fccf390001c7a0dc0c006
SSDEEP: 12288:ra4JTI7kiw68K2Hgnxg0++kNFPpMQITOAy75Prvx3w15WUig+YjBa:u4J87jwdK2HgMMQIty75PjxW3a
Malware Config
Signatures
Files
04b3f6c95c3c60da3324cf638aae0953d077030c5e342a45432f47d51e9501db.exe (windows x86)
80debf69d4088c82a5f8820aff102941
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
penglue
PenGetAdaptationCharacter
PenDeleteAdaptationCharacter
PenGetAdaptationCharacterNumber
PenAutoLearn
PenEnd
PenInitialize
PenSelfLearnString
PenRecognize
PenSetParam
mousespy
MouseSpyGetParam
MouseSpyInstall
MouseSpyUninstall
MouseSpySetParam
libmgr
GetContent
GetContent2
??1CLibManager@@UAE@XZ
??0CLibManager@@QAE@XZ
ReadLibrary
?SetParam@CLibManager@@QAEXII@Z
lanmodel
GetBestResult
drawscript
DSExit
DSDrawNewPoint
DSClearScreen
DSInit
DSInitPen
sendfunc
Send_ComKey_ToApplication
Send_CTRL_C_ToApplication
Send_FuncKey_ToApplication
Send_IME_ToApplication
Send_CTRL_V_ToApplication
jtts_ml
jTTS_Play
jTTS_SetPlay
jTTS_GetStatus
jTTS_Stop
jTTS_End
jTTS_SetParam
jTTS_Init
kernel32
GetThreadLocale
lstrcmpiW
GetShortPathNameW
FileTimeToSystemTime
FileTimeToLocalFileTime
GlobalFlags
SizeofResource
LocalAlloc
InitializeCriticalSection
TlsAlloc
DeleteCriticalSection
GlobalHandle
TlsFree
LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
GlobalSize
FindResourceExW
GetFileAttributesW
GetFileSize
GetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetFileAttributesW
SetErrorMode
GetTempFileNameW
GetDiskFreeSpaceW
GetStartupInfoW
ExitProcess
RtlUnwind
HeapFree
HeapAlloc
GetTimeZoneInformation
GetLocalTime
RemoveDirectoryW
CreateDirectoryW
RaiseException
CreateThread
ExitThread
TerminateProcess
SetStdHandle
GetFileType
HeapReAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStringTypeExW
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
FatalAppExitA
CompareStringA
CompareStringW
SetUnhandledExceptionFilter
LCMapStringW
IsBadReadPtr
IsBadCodePtr
GetCPInfo
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
GetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
SetConsoleCtrlHandler
GetLocaleInfoW
GetACP
GetOEMCP
SetEnvironmentVariableA
FindResourceA
GlobalAddAtomA
GetProfileStringA
GetTickCount
Sleep
MultiByteToWideChar
IsDBCSLeadByte
WideCharToMultiByte
GlobalUnlock
GlobalLock
FindClose
FindNextFileW
FindFirstFileW
FreeLibrary
GetProcAddress
LoadLibraryW
CreateProcessW
GetPrivateProfileIntW
GetLastError
CreateMutexW
SetCurrentDirectoryW
GetModuleFileNameW
GetCurrentDirectoryW
CloseHandle
GetVersion
WinExec
lstrcpynA
GetSystemTime
GlobalAlloc
SearchPathW
GetStdHandle
GetFullPathNameW
GetVolumeInformationW
MoveFileW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
WritePrivateProfileStringW
lstrcmpW
lstrcmpiA
GetCurrentThread
VirtualProtect
lstrcmpA
CreateEventW
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
WaitForSingleObject
MulDiv
SetLastError
lstrcpynW
GlobalGetAtomNameW
FormatMessageW
LocalFree
InterlockedDecrement
InterlockedIncrement
GetModuleHandleA
LoadLibraryA
lstrlenA
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetModuleHandleW
GlobalFree
LockResource
FindResourceW
LoadResource
lstrcatW
lstrlenW
lstrcpyW
DeleteFileW
CopyFileW
GetPrivateProfileStringW
WriteFile
CreateFileW
SetFilePointer
ReadFile
LCMapStringA
GetWindowsDirectoryW
GetVersionExW
CreateFileA
DeviceIoControl
GetProfileIntW
user32
PostQuitMessage
ShowOwnedPopups
SetWindowContextHelpId
RegisterClipboardFormatW
CharUpperW
GetDialogBaseUnits
GetSysColorBrush
GetDCEx
LockWindowUpdate
InsertMenuW
GetMenuStringW
RemoveMenu
DeleteMenu
CharNextW
CopyAcceleratorTableW
GetNextDlgGroupItem
MessageBeep
PostThreadMessageW
SetParent
IsRectEmpty
GetSystemMenu
DestroyIcon
ReuseDDElParam
SetMenu
DestroyMenu
TranslateAcceleratorW
LoadAcceleratorsW
wvsprintfW
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
IsDialogMessageW
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SendDlgItemMessageW
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageW
DispatchMessageW
GetFocus
SetFocus
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxW
IsChild
WinHelpW
wsprintfW
GetClassInfoW
GetMenu
GetMenuItemCount
SetWindowPlacement
GetWindowTextLengthW
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
DefWindowProcW
GetMessageTime
GetLastActivePopup
SetWindowLongW
MapDialogRect
IsIconic
GetWindowPlacement
GetNextDlgTabItem
EndDialog
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetWindowLongW
GetDlgItem
GetWindow
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetMenuItemID
WaitForInputIdle
EnumWindows
FindWindowExW
IsWindowEnabled
GetWindowTextW
GetClassNameW
CharNextA
EnableMenuItem
SetClipboardData
SetWindowTextW
ShowWindow
MoveWindow
SetWindowRgn
CheckMenuRadioItem
GetDlgCtrlID
SetWindowPos
GetParent
GetDC
InvertRect
IsClipboardFormatAvailable
UnregisterClassW
GetWindowTextLengthA
HideCaret
ShowCaret
ExcludeUpdateRgn
GetWindowTextA
SetCursorPos
SetMenuDefaultItem
TrackPopupMenu
CopyIcon
SetSystemCursor
SetCapture
LoadMenuW
GetSubMenu
GetForegroundWindow
SetForegroundWindow
GetCapture
ReleaseCapture
OffsetRect
IsWindowVisible
GetClipboardData
SetRect
WaitMessage
LoadStringW
GetMessageW
TranslateMessage
ValidateRect
GrayStringW
DrawTextW
TabbedTextOutW
EndPaint
BeginPaint
GetWindowDC
OpenClipboard
EmptyClipboard
CloseClipboard
GetWindowThreadProcessId
GetCursorPos
ScreenToClient
SetCursor
InSendMessage
ReplyMessage
PostMessageW
ClientToScreen
WindowFromPoint
InvalidateRect
GetDesktopWindow
DrawTextA
GetClassInfoA
DefDlgProcA
DefWindowProcA
CallWindowProcA
RemovePropA
SetWindowsHookExA
GetWindowLongA
SendMessageA
IsWindowUnicode
GetClassNameA
SetWindowLongA
SetPropA
GetPropA
ReleaseDC
BringWindowToTop
IntersectRect
UnpackDDElParam
EnableWindow
PtInRect
InflateRect
SystemParametersInfoW
GetSystemMetrics
SetRectEmpty
IsWindow
CopyRect
GetKeyState
GetWindowRect
UpdateWindow
EqualRect
RegisterWindowMessageW
LoadCursorW
SetTimer
KillTimer
GetMessagePos
GetActiveWindow
GetClientRect
GetAsyncKeyState
AdjustWindowRectEx
AdjustWindowRect
CreatePopupMenu
AppendMenuW
FillRect
FrameRect
DrawFocusRect
SendMessageW
LoadIconW
LoadBitmapW
DrawIcon
RegisterClassW
gdi32
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetCurrentPositionEx
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
SetBkMode
DeleteObject
GetClipRgn
SelectPalette
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
ExtCreatePen
CreateHatchBrush
CreatePatternBrush
CreateDIBPatternBrushPt
PtVisible
RectVisible
TextOutW
Escape
GetMapMode
SetRectRgn
CombineRgn
CreateRectRgnIndirect
CreateFontIndirectW
DPtoLP
StretchDIBits
GetCharWidthW
CopyMetaFileW
CreateDCW
EnumFontFamiliesExW
GetTextColor
GetBkColor
LPtoDP
SelectObject
ExtTextOutA
GetTextExtentPointA
CreateRectRgn
RestoreDC
SaveDC
StartDocW
DeleteDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
GetTextMetricsW
ExtTextOutW
Rectangle
PatBlt
GetTextExtentPoint32W
CreateEllipticRgn
CreateCompatibleBitmap
CreateSolidBrush
CreatePen
CreateFontW
StretchBlt
GetObjectW
CreateCompatibleDC
BitBlt
PolyBezierTo
CreateDIBitmap
GetStockObject
comdlg32
GetOpenFileNameW
GetSaveFileNameW
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegCreateKeyW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyW
RegSetValueW
SetFileSecurityW
GetFileSecurityW
RegEnumKeyW
RegCloseKey
shell32
DragFinish
ShellExecuteW
Shell_NotifyIconW
ExtractIconW
SHGetFileInfoW
DragQueryFileW
SHAppBarMessage
DragAcceptFiles
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
comctl32
ImageList_ReplaceIcon
ord17
ord13
ord14
ImageList_Destroy
ImageList_Create
ImageList_LoadImageW
ImageList_Merge
ImageList_Read
ImageList_Write
PropertySheetW
DestroyPropertySheetPage
CreatePropertySheetPageW
oledlg
OleUIBusyW
ole32
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
ReadFmtUserTypeStg
ReadClassStg
StringFromCLSID
CoTreatAsClass
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CreateBindCtx
CoTaskMemAlloc
OleDuplicateData
CreateStreamOnHGlobal
CoDisconnectObject
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID
OleGetClipboard
ReleaseStgMedium
CoTaskMemFree
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleRun
CoCreateInstance
CoRegisterMessageFilter
CoRegisterClassObject
CoRevokeClassObject
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
olepro32
ord253
oleaut32
SafeArrayCreate
SafeArrayRedim
SysAllocStringByteLen
VarCyFromStr
VarBstrFromCy
SafeArrayGetLBound
VarDateFromStr
VarBstrFromDate
SafeArrayCopy
SafeArrayGetDim
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayAccessData
LoadTypeLi
SafeArrayGetUBound
SafeArrayGetElemsize
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnaccessData
SysAllocString
SysReAllocStringLen
VariantChangeType
VariantCopy
SysStringByteLen
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString
SafeArrayAllocData
SysStringLen
netapi32
Netbios
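The import table above is the input from which an import hash (imphash) is derived, and it is also where a triage analyst looks first: alongside the pen-input, TTS and MFC-style GUI imports, the list contains SetWindowsHookExW/CallNextHookEx, VirtualProtect, CreateProcessW, WinExec, DeviceIoControl and the RegSetValue* family. The block below is an added example, not code from this report or from the sandbox that produced it. It follows the published imphash definition (lower-case DLL name with .dll/.ocx/.sys stripped, dotted with the lower-cased function name or its ordN form, joined by commas in import-table order, then MD5) and runs it over a constructed subset of the table listed here. Because it hashes only a subset, its output is not comparable to any value on this page; the ordinal-to-name tables that pefile applies for ws2_32 and oleaut32 ordinal imports are omitted (an assumption noted in the code). What it shows is that the hash is order-sensitive but insensitive to DLL-name case and extension.

```python
import hashlib

# Constructed subset of the import table listed on this page, in page order.
# The real imphash is computed over the complete table; this is demonstration input.
SAMPLE_IMPORTS = [
    ("penglue.dll", ["PenGetAdaptationCharacter", "PenInitialize", "PenRecognize"]),
    ("KERNEL32.DLL", ["GetThreadLocale", "VirtualProtect", "CreateProcessW"]),
    ("comctl32.dll", ["ImageList_ReplaceIcon", "ord17", "ord13"]),
    ("oleaut32.dll", ["SysAllocString"]),
]


def normalize_dll(dll):
    """Lower-case the DLL name and strip .dll/.ocx/.sys, as the imphash definition does."""
    d = dll.lower()
    for ext in (".dll", ".ocx", ".sys"):
        if d.endswith(ext):
            return d[: -len(ext)]
    return d


def import_string(imports):
    """Comma-joined 'dll.function' entries in import-table order.

    Ordinal-only imports keep their 'ordN' spelling. Assumption/simplification:
    the ordinal-to-name lookup that pefile performs for ws2_32/wsock32/oleaut32
    ordinal imports is not implemented here.
    """
    return ",".join(
        f"{normalize_dll(dll)}.{func.lower()}"
        for dll, funcs in imports
        for func in funcs
    )


def imphash(imports):
    """MD5 of the normalized import string (32 lower-case hex digits)."""
    return hashlib.md5(import_string(imports).encode("ascii")).hexdigest()


def reordered(imports):
    """Same DLLs and functions, DLL blocks reversed: demonstrates order sensitivity."""
    return list(reversed(imports))


def recased(imports):
    """Same table with DLL names lower-cased and extensions removed: hash must not change."""
    return [(normalize_dll(dll), funcs) for dll, funcs in imports]


if __name__ == "__main__":
    print(import_string(SAMPLE_IMPORTS))
    print("imphash            :", imphash(SAMPLE_IMPORTS))
    print("imphash (reordered):", imphash(reordered(SAMPLE_IMPORTS)))
    print("imphash (recased)  :", imphash(recased(SAMPLE_IMPORTS)))
```

The practical consequence for hunting: two builds that import the same functions in a different order (a different linker, or a rebuilt import table after unpacking) produce different imphashes, so an imphash pivot finds exact rebuilds of the same import table, not functional relatives.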
Sections
.text Raw size: 760KB - Virtual size: 760KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Raw size: 132KB - Virtual size: 131KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Raw size: 40KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Raw size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Raw size: 24KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Raw size: 76KB - Virtual size: 76KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
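The section table above is the most telling part of the static report: .text has IMAGE_SCN_MEM_WRITE set, and .reloc carries IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE and IMAGE_SCN_MEM_WRITE together. A stock Microsoft linker emits .text as code/execute/read and .reloc as initialized-data/discardable/read, so writable-and-executable sections are the first thing a triage script should flag; they are a common side effect of packers or post-link patching, though nothing on this page establishes which. The parser below is an added example, not code from this report or from the sandbox that produced it. It reads the COFF header and section table directly with struct (no pefile dependency), decodes the IMAGE_FILE_* and IMAGE_SCN_* bits, and applies the W+X and code-in-.reloc checks to a constructed in-memory PE whose section table mirrors the values listed above; those bytes are a mock built in the block, not the sample itself, and the sizes are the rounded KB figures from the table.

```python
import struct

# Section-characteristic bits from winnt.h (IMAGE_SCN_*).
IMAGE_SCN_CNT_CODE             = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_DISCARDABLE      = 0x02000000
IMAGE_SCN_MEM_EXECUTE          = 0x20000000
IMAGE_SCN_MEM_READ             = 0x40000000
IMAGE_SCN_MEM_WRITE            = 0x80000000
SECTION_FLAGS = {
    IMAGE_SCN_CNT_CODE: "IMAGE_SCN_CNT_CODE",
    IMAGE_SCN_CNT_INITIALIZED_DATA: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    IMAGE_SCN_MEM_DISCARDABLE: "IMAGE_SCN_MEM_DISCARDABLE",
    IMAGE_SCN_MEM_EXECUTE: "IMAGE_SCN_MEM_EXECUTE",
    IMAGE_SCN_MEM_READ: "IMAGE_SCN_MEM_READ",
    IMAGE_SCN_MEM_WRITE: "IMAGE_SCN_MEM_WRITE",
}
# COFF file-characteristic bits (IMAGE_FILE_*) that this report lists.
FILE_FLAGS = {
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
}


def decode_flags(value, table):
    """Names of the bits of `value` present in `table`, in ascending bit order."""
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe_headers(data):
    """Return (COFF file characteristics, list of section dicts) from raw PE bytes."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    (_machine, nsections, _ts, _symptr, _nsyms,
     opt_size, file_chars) = struct.unpack_from("<HHIIIHH", data, coff)
    sec_off = coff + 20 + opt_size  # section table follows the optional header
    sections = []
    for i in range(nsections):
        (name, vsize, vaddr, rawsize, rawptr,
         _r, _l, _nr, _nl, chars) = struct.unpack_from("<8sIIIIIIHHI", data, sec_off + 40 * i)
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize, "virtual_address": vaddr,
            "raw_size": rawsize, "raw_ptr": rawptr,
            "characteristics": chars,
        })
    return file_chars, sections


def section_findings(sections):
    """Triage rules: any W+X section, and a .reloc section that claims to hold code."""
    findings = []
    for s in sections:
        c = s["characteristics"]
        if c & IMAGE_SCN_MEM_WRITE and c & IMAGE_SCN_MEM_EXECUTE:
            findings.append((s["name"], "writable+executable"))
        if s["name"] == ".reloc" and c & IMAGE_SCN_CNT_CODE:
            findings.append((s["name"], "relocation section marked as code"))
    return findings


def build_sample_pe(section_specs, file_chars):
    """Constructed minimal PE (a mock, not the real file): DOS header with e_lfanew,
    PE signature, COFF header for i386, a zeroed PE32-sized optional header, section table."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    opt_size = 0xE0
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_specs), 0, 0, 0, opt_size, file_chars)
    table = b""
    for name, vsize, rawsize, chars in section_specs:
        table += struct.pack("<8sIIIIIIHHI", name.encode().ljust(8, b"\0"),
                             vsize, 0x1000, rawsize, 0x400, 0, 0, 0, 0, chars)
    return dos + b"PE\0\0" + coff + b"\0" * opt_size + table


KB = 1024
R, W, X = IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_MEM_EXECUTE
CODE, IDATA, DISC = IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE
# Mock section table mirroring this page's listing: (name, virtual size, raw size, flags).
SAMPLE_SECTIONS = [
    (".text",  760 * KB, 760 * KB, CODE | IDATA | X | R | W),
    (".rdata", 131 * KB, 132 * KB, IDATA | R),
    (".data",   63 * KB,  40 * KB, IDATA | R | W),
    (".idata",  19 * KB,  20 * KB, IDATA | R | W),
    (".rsrc",   20 * KB,  24 * KB, IDATA | R),
    (".reloc",  76 * KB,  76 * KB, CODE | IDATA | DISC | X | R | W),
]
SAMPLE_PE = build_sample_pe(SAMPLE_SECTIONS, 0x0002 | 0x0004 | 0x0008 | 0x0100)

if __name__ == "__main__":
    chars, secs = parse_pe_headers(SAMPLE_PE)
    print("File characteristics:", ", ".join(decode_flags(chars, FILE_FLAGS)))
    for s in secs:
        print(f"{s['name']:8} raw={s['raw_size']:>7} virt={s['virtual_size']:>7} "
              + "|".join(decode_flags(s["characteristics"], SECTION_FLAGS)))
    for name, why in section_findings(secs):
        print(f"FLAG {name}: {why}")
```

To run the same checks on the actual sample, pass the file's bytes to parse_pe_headers in place of SAMPLE_PE; the parser only needs the headers, so it is safe to run on a detonation-quarantined copy without executing anything. The .data entry (40KB raw, 63KB virtual) is the normal case of a section that is partly zero-filled at load time and is not flagged; only the W+X and code-in-.reloc combinations are.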