Static task
static1
Behavioral task
behavioral1
Sample
fa4e9ac913f6ba98a1ee861ed47fca84d7eea8ae6f600552b52d99ddc71289bf.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
fa4e9ac913f6ba98a1ee861ed47fca84d7eea8ae6f600552b52d99ddc71289bf.exe
Resource
win10v2004-20220812-en
General
-
Target
fa4e9ac913f6ba98a1ee861ed47fca84d7eea8ae6f600552b52d99ddc71289bf
-
Size
1.8MB
-
MD5
363be1525f4249ed58ba0e18135fa9f0
-
SHA1
b01f427345fcf80a84d9844c4157fa8c5a527ddb
-
SHA256
fa4e9ac913f6ba98a1ee861ed47fca84d7eea8ae6f600552b52d99ddc71289bf
-
SHA512
866fec0153c5950f764942f794c31891df699b93f28cb9639576ed733cc497008e53484b193d0fbf5cddf8a2218b2a4780b15e107d4428bd9e354942953aa5cc
-
SSDEEP
24576:zWNG+uwBEN5ykw7hoBtqFoOGbCkV0a+9n:zWNxn
Malware Config (no extracted configuration is listed in this report)
Signatures (no signature hits are listed in this report; the behavioral tasks above have no results attached here)
Files
-
fa4e9ac913f6ba98a1ee861ed47fca84d7eea8ae6f600552b52d99ddc71289bf.exe windows x86
e356c02ae22491574c7671b37e63c93c
(the 32-hex value above is unlabelled and differs from the file MD5 under General, so it is presumably the import hash — confirm against the report schema before pivoting on it)
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Note: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE is not set and the relocation table is stripped, so the image loads at a fixed base (ASLR does not apply to it); NX_COMPAT only opts into DEP. This combination is common to both packed samples and older legitimate builds and is not a verdict on its own.
Imports (notable entries visible below: VirtualAlloc/VirtualProtect, GetThreadContext/SetThreadContext, IsDebuggerPresent, CreateToolhelp32Snapshot/Module32First/OpenProcess, SetThreadToken/RpcImpersonateClient/CheckTokenMembership, OpenSCManagerW/OpenServiceW, SetSystemPowerState. The kernel32 list is unusually broad — e.g. GetTapeStatus, GetCurrentConsoleFont, DefineDosDeviceW, FreeUserPhysicalPages — which is consistent with an inflated import table, so treat individual APIs as leads to confirm in the code rather than evidence of use.)
kernel32
DefineDosDeviceW
GetPrivateProfileSectionNamesW
GetProfileIntA
GetFileAttributesW
CreateProcessA
GetNamedPipeInfo
CreateMutexW
ReadDirectoryChangesW
GetLogicalDriveStringsW
FormatMessageA
GetDiskFreeSpaceExW
FindResourceA
DosDateTimeToFileTime
GetConsoleCP
GetProcAddress
SetInformationJobObject
GetCompressedFileSizeA
GetConsoleCursorInfo
CreateNamedPipeW
VirtualQuery
GetOEMCP
MultiByteToWideChar
OpenSemaphoreW
GetThreadTimes
GetProcessAffinityMask
LCMapStringW
DeleteAtom
CreateDirectoryW
GetFileSizeEx
SetLocaleInfoW
GetFullPathNameW
UnregisterWait
GetBinaryTypeA
GetTapeStatus
SetNamedPipeHandleState
SystemTimeToTzSpecificLocalTime
GetPrivateProfileSectionA
CreateTimerQueueTimer
FlushViewOfFile
CreateJobObjectW
GetLogicalDriveStringsA
SetConsoleCtrlHandler
SetProcessPriorityBoost
GetNamedPipeHandleStateW
GetSystemDirectoryA
MapViewOfFileEx
SetConsoleOutputCP
GetNumberFormatA
ReleaseSemaphore
OpenMutexW
GetHandleInformation
GetNumberFormatW
ConvertDefaultLocale
SetProcessWorkingSetSize
FindFirstVolumeW
DeleteVolumeMountPointA
GetDiskFreeSpaceW
IsBadReadPtr
GetStdHandle
GetConsoleAliasesW
SystemTimeToFileTime
GetLocaleInfoA
CreateDirectoryA
FreeEnvironmentStringsA
GetModuleHandleA
SwitchToThread
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetEnvironmentVariableW
ResetEvent
GetFileAttributesA
GetCommandLineW
GetThreadContext
DuplicateHandle
FlushConsoleInputBuffer
FreeUserPhysicalPages
FindResourceExW
SetCurrentDirectoryA
GetSystemTime
CreateMutexA
GetProfileSectionW
GetVolumeNameForVolumeMountPointW
FindFirstFileW
SearchPathA
SetThreadPriority
GetDevicePowerState
DeleteTimerQueueEx
GetDateFormatA
CompareFileTime
GetEnvironmentVariableA
CreateDirectoryExW
SetThreadContext
OpenFileMappingW
ProcessIdToSessionId
GetDateFormatW
GetSystemWindowsDirectoryW
GetCurrentConsoleFont
FileTimeToSystemTime
PeekNamedPipe
FindFirstFileA
SetThreadIdealProcessor
ReleaseMutex
FoldStringW
GetACP
SetConsoleActiveScreenBuffer
FreeEnvironmentStringsW
CreateProcessW
CreateEventA
ExpandEnvironmentStringsW
CreateHardLinkA
CopyFileA
GetTimeFormatW
GetShortPathNameW
GetFullPathNameA
SetEnvironmentVariableA
GetTempPathA
GetWindowsDirectoryW
IsDBCSLeadByteEx
EnumCalendarInfoExA
GetFileSize
CompareStringA
CreateMailslotW
FindVolumeMountPointClose
GetEnvironmentStrings
GetDriveTypeA
SetEndOfFile
GetAtomNameA
MoveFileExW
SetWaitableTimer
SetConsoleMode
GetPrivateProfileStringW
GetProcessTimes
IsValidLocale
IsValidCodePage
ContinueDebugEvent
CreateToolhelp32Snapshot
VerifyVersionInfoW
GetModuleFileNameA
CopyFileExA
GetUserDefaultUILanguage
DeleteTimerQueue
GetFileType
GetVersion
FindFirstVolumeA
GetStartupInfoW
GlobalLock
FoldStringA
AssignProcessToJobObject
VirtualProtect
CreateFileMappingW
SetThreadAffinityMask
EnumCalendarInfoExW
SetErrorMode
GetDriveTypeW
GetLongPathNameW
CreateSemaphoreW
GetConsoleAliasExesLengthA
GetLogicalDrives
Module32First
GetSystemWindowsDirectoryA
AreFileApisANSI
GetVolumePathNameW
ReplaceFileA
PostQueuedCompletionStatus
GetExitCodeThread
OpenJobObjectA
OpenWaitableTimerA
IsDBCSLeadByte
SetConsoleCP
IsDebuggerPresent
SetHandleInformation
CopyFileW
GetFileAttributesExW
SetProcessAffinityMask
GetCPInfo
lstrcmpA
MapViewOfFile
TlsFree
OpenMutexA
GetCPInfoExA
WideCharToMultiByte
MoveFileWithProgressA
DeleteTimerQueueTimer
GetConsoleMode
DefineDosDeviceA
FindResourceW
VirtualAlloc
EnumCalendarInfoA
GetCurrentProcess
GetPriorityClass
OpenProcess
CancelIo
GetStringTypeA
CancelWaitableTimer
GetCurrentDirectoryA
GetThreadLocale
DeviceIoControl
SetMailslotInfo
CopyFileExW
SetSystemPowerState
rpcrt4
NdrMesTypeDecode2
NdrSimpleStructMarshall
RpcBindingCopy
RpcNetworkIsProtseqValidW
RpcGetAuthorizationContextForClient
UuidHash
MesEncodeDynBufferHandleCreate
MesEncodeFixedBufferHandleCreate
NdrClearOutParameters
RpcMgmtWaitServerListen
RpcNetworkIsProtseqValidA
RpcAsyncInitializeHandle
RpcRevertToSelf
RpcBindingFree
MesHandleFree
RpcErrorEndEnumeration
RpcBindingInqAuthInfoExW
RpcStringBindingComposeA
NdrPointerUnmarshall
NdrCorrelationInitialize
UuidCreate
RpcIfInqId
UuidToStringW
I_RpcBindingInqTransportType
RpcImpersonateClient
RpcServerUseProtseqIfW
IUnknown_QueryInterface_Proxy
MesIncrementalHandleReset
RpcBindingReset
RpcBindingSetObject
user32
LoadAcceleratorsW
ChildWindowFromPoint
MessageBoxA
GetWindowLongA
SystemParametersInfoW
EnumChildWindows
GetKeyboardType
GetShellWindow
CheckRadioButton
PostQuitMessage
CharToOemA
FindWindowExA
AttachThreadInput
GetMessageTime
GetDialogBaseUnits
EqualRect
GetDCEx
SendMessageTimeoutW
AdjustWindowRectEx
GetScrollInfo
DestroyWindow
DispatchMessageA
SetFocus
IsIconic
WinHelpA
LoadImageA
DefWindowProcA
CloseDesktop
GetCapture
SetWindowTextW
SendMessageA
RegisterWindowMessageW
DialogBoxParamW
LoadImageW
OpenDesktopW
SetForegroundWindow
DispatchMessageW
RegisterClipboardFormatA
FindWindowA
EnumWindows
GetWindowPlacement
DestroyCursor
CopyIcon
PtInRect
SetWindowLongA
GetAltTabInfoA
IsWindowEnabled
comctl32
ImageList_DragShowNolock
ImageList_GetImageCount
InitializeFlatSB
PropertySheetA
ImageList_Remove
ImageList_Replace
ImageList_LoadImageA
ImageList_GetBkColor
ImageList_Read
FlatSB_GetScrollPos
ImageList_GetIconSize
ImageList_SetDragCursorImage
ImageList_Draw
ImageList_DragEnter
ImageList_Create
ImageList_GetIcon
ImageList_GetDragImage
ImageList_ReplaceIcon
ImageList_SetOverlayImage
ImageList_GetImageInfo
FlatSB_GetScrollInfo
FlatSB_SetScrollPos
PropertySheetW
InitCommonControlsEx
CreatePropertySheetPageA
ImageList_EndDrag
DestroyPropertySheetPage
CreateStatusWindowW
ImageList_Write
ImageList_Copy
ImageList_Add
ImageList_SetImageCount
ImageList_DragLeave
FlatSB_SetScrollProp
ImageList_BeginDrag
_TrackMouseEvent
ImageList_Destroy
CreatePropertySheetPageW
ImageList_LoadImageW
ImageList_SetBkColor
ImageList_AddMasked
ImageList_DrawEx
FlatSB_SetScrollInfo
ord17
CreateToolbarEx
ImageList_SetIconSize
ImageList_DrawIndirect
ImageList_DragMove
advapi32
RegEnumKeyA
LsaClose
CopySid
RegCloseKey
SetFileSecurityW
OpenSCManagerW
OpenServiceW
RegQueryInfoKeyW
CheckTokenMembership
CloseServiceHandle
EqualSid
GetSecurityDescriptorDacl
RegNotifyChangeKeyValue
RegCreateKeyExW
SetThreadToken
RegDeleteKeyW
RegCreateKeyW
RegConnectRegistryW
RegEnumValueW
LookupAccountNameW
RegEnumKeyExA
shell32
SHGetSpecialFolderLocation
SHGetMalloc
ShellExecuteExW
SHChangeNotify
SHGetDesktopFolder
SHBrowseForFolderW
CommandLineToArgvW
SHFileOperationW
SHBindToParent
ShellExecuteW
SHGetFileInfoW
SHGetFolderPathW
SHGetSpecialFolderPathW
ole32
CoGetObject
CoFreeUnusedLibrariesEx
HWND_UserMarshal
CoIsHandlerConnected
CoCreateFreeThreadedMarshaler
HWND_UserSize
CoGetMarshalSizeMax
OleBuildVersion
StgCreatePropSetStg
CoCancelCall
OleConvertIStorageToOLESTREAMEx
CoTaskMemAlloc
BindMoniker
CoSetProxyBlanket
CoQueryProxyBlanket
CoQueryClientBlanket
OleRun
OleCreateFromFile
StgSetTimes
CoIsOle1Class
CreateClassMoniker
OleMetafilePictFromIconAndLabel
CLIPFORMAT_UserSize
CoResumeClassObjects
OleRegEnumFormatEtc
HACCEL_UserFree
CoInstall
OleCreateLinkFromData
CoCreateGuid
OleIsRunning
StgCreateDocfileOnILockBytes
ReadFmtUserTypeStg
OleLoad
OleInitialize
HACCEL_UserSize
MonikerCommonPrefixWith
OleNoteObjectVisible
OleCreateLinkToFile
StringFromIID
GetClassFile
OleCreateMenuDescriptor
CoCreateInstance
OleSave
OleDoAutoConvert
CreateStreamOnHGlobal
HPALETTE_UserUnmarshal
OleTranslateAccelerator
RegisterDragDrop
CreateILockBytesOnHGlobal
OleSaveToStream
HDC_UserSize
WriteClassStg
CreateFileMoniker
OleGetIconOfClass
oleaut32
VariantCopy
VariantCopyInd
VariantChangeTypeEx
VariantClear
SysAllocStringLen
SysStringLen
SafeArrayPtrOfIndex
GetActiveObject
SysFreeString
GetErrorInfo
SysAllocStringByteLen
VariantInit
VariantChangeType
SafeArrayGetLBound
SysReAllocStringLen
SafeArrayGetUBound
SafeArrayCreate
msvcrt
_exit
_XcptFilter
_cexit
exit
__initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_except_handler3
_c_exit
Sections
.text Size: 123KB - Virtual size: 123KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 1.7MB - Virtual size: 1.7MB (this writable, non-executable section accounts for almost all of the 1.8MB file while .text is only 123KB; the listing does not show what it holds — check its entropy for an embedded or encrypted payload)
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ