e1560f34cf39aab6302339e6e7b505985a7dba53328833f0ba795320e7a15edf

Sharing

Copy URL Twitter E-mail

General

Target

e1560f34cf39aab6302339e6e7b505985a7dba53328833f0ba795320e7a15edf
Size

972KB
MD5

39f1bff5d048e33e529c8aa78cd4b4be
SHA1

a7a6d4b56247c8e17bbf7f7fd2902cb69c60dbf4
SHA256

e1560f34cf39aab6302339e6e7b505985a7dba53328833f0ba795320e7a15edf
SHA512

02f49aca8296e0fb1eae0afec8f13c701a525fe2e33c970f4ddf9bc0d32e1835efeec6f97fde6860c2d4effa6064637a324e58099fc4a0fb571f10ae244f2d43
SSDEEP

6144:fWU+XhqBYkGVeTjFHDm+3RYRf0SibToJc1SzTzFFGoPLygDeqOJTP3NK1NRiD3X:+NUB71TjFHDR3RY9Wp0f7Gos20

Score

N/A

Malware Config

Signatures

Files

e1560f34cf39aab6302339e6e7b505985a7dba53328833f0ba795320e7a15edf
.exe windows x86

396c4ac0e471e2354b17cc24a1dfc8d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
??3@YAXPAX@Z
__set_app_type
__p__fmode
__p__commode
_except_handler3
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
malloc
realloc
free
memmove
_purecall
??2@YAPAXI@Z
_adjust_fdiv

advapi32

CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
CryptAcquireContextA
RegCreateKeyA
RegQueryValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
ChangeServiceConfigA
RegFlushKey
CloseServiceHandle
RegEnumKeyExA
OpenSCManagerA
OpenServiceA
QueryServiceStatus
StartServiceA
ControlService
RegEnumValueA
RegQueryInfoKeyA
RegOpenKeyA
RegSetValueExA
CryptCreateHash
CryptHashData
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA

kernel32

GetSystemDirectoryA
OpenProcess
GetCurrentProcessId
IsDBCSLeadByte
GetComputerNameA
LocalAlloc
OpenEventA
HeapDestroy
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
GetVersionExA
GlobalUnlock
GlobalLock
GlobalAlloc
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetShortPathNameA
HeapAlloc
FlushInstructionCache
GetCurrentProcess
GetCurrentThreadId
GetTimeFormatA
GetDateFormatA
FormatMessageA
CompareStringA
CompareFileTime
SystemTimeToFileTime
CreateMutexA
CreateProcessA
ResumeThread
FindClose
FindFirstFileA
SetLastError
TerminateThread
FreeResource
LockResource
FindNextFileA
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
DuplicateHandle
GetStartupInfoA
GlobalFree
GlobalHandle
LocalReAlloc
GetModuleHandleA
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
GetProcessHeap
HeapFree
GetUserDefaultLCID
GetSystemDefaultLCID
LoadLibraryA
FileTimeToSystemTime
lstrcatA
lstrcmpiA
GetLocalTime
SetEndOfFile
SetFilePointer
ReadFile
MulDiv
GetTickCount
lstrlenW
lstrcpynA
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
CreateThread
ResetEvent
Sleep
lstrcpyA
lstrcmpA
DeleteFileA
SetEvent
CloseHandle
WriteFile
GetLastError
WaitForSingleObject
LocalFree
GetProcAddress
FreeLibrary
InterlockedDecrement
QueryPerformanceCounter
QueryPerformanceFrequency
SetPriorityClass
GetPriorityClass
GetSystemInfo
GetStringTypeExA
SetErrorMode
GetFileAttributesA
CreateDirectoryA
RtlUnwind
GetTempPathA
GetTempFileNameA
CreateFileA
ReleaseMutex
CreateEventA
WinExec

gdi32

GetTextExtentPointA
GetSystemPaletteUse
GetSystemPaletteEntries
PatBlt
StretchBlt
GetMapMode
SetBkColor
ExtTextOutA
CreatePalette
CreatePen
MoveToEx
LineTo
SelectPalette
RealizePalette
SetBkMode
SetTextColor
GetTextMetricsA
GetTextExtentPoint32A
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
GetObjectA
CreateRectRgnIndirect
CreateDCA
LPtoDP
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
RestoreDC
GetDeviceCaps
CreateFontIndirectA
CreateSolidBrush
GetStockObject
SelectObject
DeleteObject
CreateDIBSection

user32

MessageBoxA
GetWindow
SetWindowTextA
GetWindowTextA
RegisterClassExA
LoadCursorA
GetClassInfoExA
RegisterWindowMessageA
CallWindowProcA
DestroyWindow
IsWindow
GetKeyState
DestroyAcceleratorTable
IsChild
GetFocus
GetSysColor
ReleaseCapture
SetCapture
InvalidateRgn
EndPaint
BeginPaint
RedrawWindow
GetClassNameA
CreateWindowExA
RegisterClassA
GetMessageA
CreateAcceleratorTableA
IsWindowVisible
SetCursor
MessageBeep
LoadBitmapA
IsDialogMessageA
SetTimer
KillTimer
GetLastActivePopup
GetDoubleClickTime
CharUpperBuffA
CheckDlgButton
IsDlgButtonChecked
MoveWindow
CreateDialogParamA
DrawTextA
SetRect
GetScrollPos
GetSystemMetrics
SystemParametersInfoA
LoadImageA
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
IsWindowEnabled
GetDlgCtrlID
GetWindowPlacement
SetForegroundWindow
IntersectRect
AppendMenuA
CharLowerA
InSendMessage
ModifyMenuA
GetMenuItemID
GetMenuItemCount
FindWindowExA
DrawIconEx
GetTopWindow
DrawEdge
SetParent
CheckRadioButton
ExitWindowsEx
LoadStringW
CheckMenuItem
TrackPopupMenuEx
GetForegroundWindow
GetMenu
GetSystemMenu
SetWindowPlacement
SendMessageTimeoutA
DeleteMenu
InsertMenuItemA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetWindowLongA
GetDlgItemTextA
GetWindowTextLengthA
LoadMenuA
GetSubMenu
GetMenuItemInfoA
SetMenuItemInfoA
EnableMenuItem
InsertMenuA
MapWindowPoints
GetWindowRect
TrackPopupMenu
DestroyMenu
GetCursorPos
SetCursorPos
DestroyIcon
CharNextA
LoadAcceleratorsA
TranslateAcceleratorA
CopyAcceleratorTableA
SetFocus
wsprintfA
CharUpperA
CharToOemA
ShowWindow
LoadIconA
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
GetDesktopWindow
DefWindowProcA
UnionRect
PtInRect
PostThreadMessageA
RemoveMenu
FindWindowA
LoadStringA
MsgWaitForMultipleObjects
TranslateMessage
DispatchMessageA
PeekMessageA
GetClientRect
InvalidateRect
UpdateWindow
GetDC
FrameRect
FillRect
ReleaseDC
GetParent
SetWindowLongA
PostMessageA
DialogBoxParamA
EndDialog
SendMessageA
GetDlgItem
EnableWindow
SendDlgItemMessageA
WinHelpA
AdjustWindowRectEx
GetMessagePos
GetSysColorBrush
GetClassInfoA
GetIconInfo
SetDlgItemTextA

winmm

mmioRead
waveOutClose
waveOutOpen
waveInClose
waveInOpen
waveOutGetDevCapsA
waveOutGetNumDevs
waveInGetDevCapsA
waveInGetNumDevs
PlaySoundA
mixerGetLineControlsA
mixerGetControlDetailsA
mixerSetControlDetails
mixerGetLineInfoA
mixerGetDevCapsA
mixerOpen
mixerGetNumDevs
mixerGetID
mmioClose
mmioAscend
mmioDescend
mmioOpenA
waveInStart
waveInPrepareHeader
waveInUnprepareHeader
waveInReset
waveInAddBuffer
waveOutUnprepareHeader
waveOutReset
waveOutPrepareHeader
waveOutWrite
mmioSeek
mixerClose

wsock32

gethostname
inet_addr
ioctlsocket
WSACleanup
WSAStartup
getsockname
gethostbyname

comctl32

ord6
ord8
CreateToolbarEx
ImageList_AddMasked
ImageList_DrawEx
ImageList_Destroy
InitCommonControlsEx
ImageList_Create
ImageList_ReplaceIcon
PropertySheetA

ole32

IsAccelerator
CoTaskMemAlloc
CoTaskMemFree
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemRealloc
CoRegisterMessageFilter
OleRegEnumVerbs
OleRegGetUserType
OleRegGetMiscStatus
CoCreateInstance
CreateStreamOnHGlobal
CoInitializeEx
CoUninitialize
CLSIDFromString
CLSIDFromProgID
OleLockRunning
StringFromCLSID
OleSaveToStream
WriteClassStm
CreateOleAdviseHolder
OleUninitialize
OleInitialize

oleaut32

VariantClear
RegisterTypeLi
VariantChangeType
SysStringByteLen
LoadRegTypeLi
SysStringLen
OleCreatePropertyFrame
SysFreeString
LoadTypeLi
VarUI4FromStr
SysAllocString
SysAllocStringLen

shlwapi

StrChrA
StrCmpNIA

shell32

Shell_NotifyIconA
ShellExecuteA
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetFileInfoA

crypt32

CertGetIssuerCertificateFromStore
CertFreeCertificateContext
CertGetSubjectCertificateFromStore
CertNameToStrA
CertOpenSystemStoreA
CertCreateCertificateContext
CertFindCertificateInStore
CertOpenStore
CertEnumCertificatesInStore
CertCloseStore

nmas

StartStopOldWB
CreateASObject

mst120

T120_CloseApplet
T120_CreatePluggableTransport
T120_CreateAppletSAP
T120_QueryApplet
T120_LoadApplet

netapi32

Netbios

Sections

.text
Size: 304KB - Virtual size: 302KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 660KB - Virtual size: 656KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

396c4ac0e471e2354b17cc24a1dfc8d8

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

gdi32

user32

winmm

wsock32

comctl32

ole32

oleaut32

shlwapi

shell32

crypt32

nmas

mst120

netapi32

Sections

.text Size: 304KB - Virtual size: 302KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 660KB - Virtual size: 656KB

.text
Size: 304KB - Virtual size: 302KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 660KB - Virtual size: 656KB