Static task: static1
Behavioral task: behavioral1
Sample: 7435105aec655a494f65351ce4e8d55d9db5c20bd27a003dd8c694d71abf08b8.exe
Resource: win7-20220812-en
General
Target: 7435105aec655a494f65351ce4e8d55d9db5c20bd27a003dd8c694d71abf08b8
Size: 4.1MB
MD5: 141b7122a1d414677e11e8c702aee431
SHA1: dee8fb536fb3f386e536a0326f8c9e786c4f5dae
SHA256: 7435105aec655a494f65351ce4e8d55d9db5c20bd27a003dd8c694d71abf08b8
SHA512: e554a8afbc85be16a7452285c7b9feeec115a23f302c69ccfdae6070d907fa16841b7706d22a7fbce2af150d426f5b037d53c4d74aaf26b872e828a37880c32e
SSDEEP: 98304:M1wrPDPnWKw6ki4JNHrotxdJP2jTqmuX3O2HChZy7hN:M1Iu5cUpoXdJuSmyOXo77
Malware Config
Signatures
Files
7435105aec655a494f65351ce4e8d55d9db5c20bd27a003dd8c694d71abf08b8.exe windows x86
6faf96dbfed72d012b1d01f103666fa5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetKBCodePage
SetScrollInfo
SetRect
ShowWindow
VkKeyScanExW
DestroyCaret
EndDialog
GetScrollPos
TranslateAcceleratorA
DdeNameService
mouse_event
DestroyIcon
CreateIcon
DdeClientTransaction
OpenClipboard
GetClassInfoExA
RegisterClassW
CreateIconFromResourceEx
DefMDIChildProcA
EnumWindowStationsW
PostThreadMessageA
DdeEnableCallback
CreateCursor
SetDebugErrorLevel
LoadKeyboardLayoutW
SetKeyboardState
EnableMenuItem
LoadBitmapA
GetDC
GetWindow
GetKeyboardType
CallMsgFilterA
RegisterHotKey
SetLastErrorEx
IsDialogMessageW
DdeFreeStringHandle
CreateWindowExW
DdeQueryNextServer
EnumChildWindows
CreateDialogParamA
MapDialogRect
AdjustWindowRect
LoadAcceleratorsW
GetClipboardOwner
WINNLSEnableIME
MessageBoxA
GetSystemMenu
SetWindowTextA
DestroyWindow
BringWindowToTop
GetMenuDefaultItem
DefFrameProcW
IsCharLowerA
RedrawWindow
DeferWindowPos
GetClipboardViewer
DrawEdge
GetClassLongW
SetCapture
ValidateRgn
UnregisterClassA
SetClassLongA
GetClassNameA
DdeUninitialize
SetClassWord
gdi32
CreateFontIndirectA
GetDeviceCaps
EnumICMProfilesA
SelectClipPath
GetBoundsRect
GetTextCharacterExtra
DeleteObject
DPtoLP
CloseEnhMetaFile
GetClipRgn
CheckColorsInGamut
SetArcDirection
GetTextFaceA
ScaleViewportExtEx
ExtEscape
SetSystemPaletteUse
CopyMetaFileW
CombineTransform
GetTextExtentExPointA
ExtSelectClipRgn
GetOutlineTextMetricsW
GetObjectType
UpdateICMRegKeyW
PolyDraw
ResetDCA
CreateMetaFileA
GetViewportExtEx
SetAbortProc
SetBitmapBits
CreateDIBPatternBrush
ArcTo
GetObjectW
UpdateICMRegKeyA
AngleArc
GetKerningPairsW
SetDeviceGammaRamp
GetCharABCWidthsW
EnumFontsA
Escape
CreateBitmap
GetDCOrgEx
EndPage
ExtTextOutW
winspool.drv
AdvancedDocumentPropertiesA
EnumPrintersW
FindClosePrinterChangeNotification
EnumJobsA
SetPortW
EnumPrinterKeyW
DeletePrinterDriverW
GetPrinterDriverW
EnumFormsW
DeletePrinterKeyW
SetPrinterDataA
AddPrinterConnectionW
AddPrinterDriverA
DeletePrinter
DeleteFormA
SetJobA
GetPrinterDriverDirectoryA
AddPortA
GetJobA
SetPrinterDataW
EnumFormsA
DeviceCapabilitiesA
DeletePrintProcessorW
GetPrinterDriverDirectoryW
DeleteMonitorA
resutils
ResUtilSetPropertyParameterBlock
ResUtilStopService
ResUtilAddUnknownProperties
ResUtilGetPropertySize
ResUtilGetPrivateProperties
ResUtilVerifyPropertyTable
ResUtilGetBinaryProperty
ResUtilGetDwordProperty
ResUtilVerifyResourceService
clusapi
CreateClusterNotifyPort
SetClusterResourceName
CanResourceBeDependent
GetClusterKey
CreateClusterResourceType
AddClusterResourceNode
ClusterRegOpenKey
GetClusterNetInterface
FailClusterResource
GetClusterNetInterfaceKey
AddClusterResourceDependency
ClusterEnum
ClusterResourceTypeControl
OpenClusterNetInterface
GetClusterNodeId
OpenClusterNode
imm32
ImmIsIME
ImmSetCompositionStringW
ImmRegisterWordA
ImmGetGuideLineA
ImmEscapeW
ImmGetConversionListA
pdh
PdhGetDefaultPerfObjectA
PdhOpenQueryA
PdhCollectQueryDataEx
PdhGetCounterInfoA
PdhParseInstanceNameA
PdhEnumObjectsA
PdhGetRawCounterValue
PdhUpdateLogW
PdhRemoveCounter
PdhCloseQuery
PdhFormatFromRawValue
PdhGetFormattedCounterArrayW
oleaut32
VarFormatPercent
msi
ord71
ord10
ord50
ord31
ord47
ord25
ord53
ord54
ord28
ord32
ord52
ord21
ord74
ord170
setupapi
SetupDiGetClassImageIndex
SetupGetInfFileListA
SetupDiCreateDeviceInterfaceA
SetupGetFileCompressionInfoA
SetupQueryDrivesInDiskSpaceListW
SetupDiSetSelectedDriverA
SetupDiOpenDeviceInfoA
SetupInstallFromInfSectionW
SetupIterateCabinetA
SetupPromptReboot
SetupScanFileQueueW
SetupCommitFileQueueA
SetupQueueDefaultCopyA
SetupInstallServicesFromInfSectionA
SetupDiGetHwProfileList
SetupQuerySpaceRequiredOnDriveA
SetupDiGetClassDescriptionW
SetupDiGetDriverInstallParamsA
SetupDiGetDeviceInstallParamsA
SetupDiInstallClassExA
SetupDiCreateDeviceInfoList
SetupQueryInfFileInformationA
SetupDiOpenClassRegKeyExW
SetupDiOpenClassRegKeyExA
SetupDiGetDeviceInterfaceDetailA
SetupDiGetSelectedDriverW
urlmon
URLDownloadToFileA
CoInternetQueryInfo
msvcrt
_except_handler3
mpr
MultinetGetConnectionPerformanceW
WNetGetUniversalNameA
WNetGetLastErrorA
WNetAddConnection3W
WNetCloseEnum
WNetAddConnection3A
WNetDisconnectDialog1A
WNetOpenEnumA
WNetEnumResourceA
rasapi32
RasEnumDevicesA
RasHangUpW
winmm
joySetThreshold
midiInStart
midiInGetDevCapsA
waveInUnprepareHeader
midiOutGetNumDevs
midiInStop
midiOutLongMsg
waveOutGetID
auxGetDevCapsW
mciGetDeviceIDFromElementIDA
kernel32
GetSystemPowerStatus
GlobalFlags
shlwapi
SHCreateShellPalette
PathIsSameRootW
PathMakePrettyA
StrToIntExW
SHRegOpenUSKeyW
PathFindNextComponentA
PathAddBackslashW
PathGetDriveNumberA
PathMakeSystemFolderA
PathFindExtensionW
PathSetDlgItemPathA
SHRegGetBoolUSValueA
PathGetArgsW
SHDeleteKeyW
StrNCatW
SHEnumValueA
PathAddExtensionA
PathCombineW
PathSearchAndQualifyW
PathCommonPrefixA
PathIsUNCA
StrTrimW
StrTrimA
PathIsContentTypeA
PathFindFileNameW
PathFindNextComponentW
SHEnumKeyExW
PathFindOnPathA
SHRegQueryUSValueA
PathAddBackslashA
rpcrt4
NdrNonEncapsulatedUnionFree
NdrComplexStructMarshall
NdrNsSendReceive
RpcNetworkInqProtseqsA
NdrEncapsulatedUnionBufferSize
NdrConvert2
MesInqProcEncodingId
NdrUserMarshalBufferSize
RpcBindingInqObject
RpcAsyncCancelCall
NdrInterfacePointerMarshall
RpcStringBindingComposeA
NdrFullPointerQueryPointer
NdrNonConformantStringMarshall
NdrConformantStructFree
RpcServerInqDefaultPrincNameA
RpcProtseqVectorFreeA
NdrRpcSmClientFree
RpcNsBindingInqEntryNameW
RpcAsyncInitializeHandle
I_UuidCreate
NdrClientInitialize
RpcBindingServerFromClient
I_RpcNsBindingSetEntryNameA
DceErrorInqTextW
RpcServerUseProtseqEpA
I_RpcFree
RpcBindingToStringBindingA
MIDL_wchar_strlen
RpcBindingVectorFree
Sections
.text Size: 66KB - Virtual size: 66KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 750KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ