Static task: static1
Behavioral task: behavioral1
  Sample: a7eaf3820504797a6b64e370fba33636e7f1465288555ec4040787c021f771af.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: a7eaf3820504797a6b64e370fba33636e7f1465288555ec4040787c021f771af.exe
  Resource: win10v2004-20220812-en
General
Target: a7eaf3820504797a6b64e370fba33636e7f1465288555ec4040787c021f771af
Size: 312KB
MD5: e811f99348b9f7d37c43d9ef10e2bb00
SHA1: 697c5fef51535b4c2bc375259952cf0ecc134a10
SHA256: a7eaf3820504797a6b64e370fba33636e7f1465288555ec4040787c021f771af
SHA512: 1adef8f729bcb91d74dfa9d8ccedbd803e0c6a8410d07cd009b783198788034871abd1b87b55bb8c4a6d0595d566b2a3230a14b0de95ccf53c69d734bd16a33a
SSDEEP: 6144:o/9GhZWSIQSbJb95VAghbUJKxvXfpGvk/YZxH:oF44SJS5HzUKXxGOq
Malware Config
Signatures
Files
a7eaf3820504797a6b64e370fba33636e7f1465288555ec4040787c021f771af.exe windows x86
02e617a6f938f306f2dafc8cb5f8b2ce
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
DeleteService
DeleteAce
EnumServicesStatusA
RegOpenKeyW
RegSetValueW
RegCloseKey
RegEnumValueW
ControlService
StartServiceA
CryptReleaseContext
QueryServiceStatus
RegDeleteValueA
LookupPrivilegeValueA
SetSecurityDescriptorDacl
GetTokenInformation
OpenProcessToken
ReportEventA
RegOpenKeyExA
DeregisterEventSource
InitiateSystemShutdownA
RegCreateKeyA
CryptAcquireContextA
RegDeleteValueW
CryptHashData
RegSetValueExA
RegSetValueA
RegQueryInfoKeyA
OpenSCManagerA
CryptEncrypt
GetLengthSid
FreeSid
CreateServiceA
StartServiceCtrlDispatcherW
RegDeleteKeyW
RegQueryValueExW
RegisterServiceCtrlHandlerW
CryptDecrypt
CreateServiceW
RegEnumKeyA
InitializeSecurityDescriptor
RegOpenKeyA
SetServiceStatus
RegisterServiceCtrlHandlerA
RegEnumKeyW
RegisterEventSourceW
RegDeleteKeyA
RegEnumKeyExW
AdjustTokenPrivileges
RegEnumKeyExA
RegQueryValueExA
GetFileSecurityA
RegCreateKeyW
AccessCheck
RegQueryValueW
RegQueryValueA
RegSetValueExW
RegQueryInfoKeyW
OpenServiceA
RegCreateKeyExA
CloseServiceHandle
InitializeAcl
CryptCreateHash
oleaut32
LoadTypeLi
ole32
ProgIDFromCLSID
CoLockObjectExternal
CoResumeClassObjects
StgOpenStorageOnILockBytes
StgCreateDocfile
CoRegisterMessageFilter
OleLockRunning
CoFreeUnusedLibraries
OleTranslateAccelerator
StgIsStorageFile
WriteFmtUserTypeStg
CoSetProxyBlanket
OleCreateMenuDescriptor
CoTreatAsClass
GetRunningObjectTable
CoInitializeEx
CoRegisterClassObject
OleRun
WriteClassStg
StgOpenStorage
StringFromCLSID
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
OleUninitialize
OleDestroyMenuDescriptor
SetConvertStg
CoTaskMemRealloc
StgIsStorageILockBytes
OleLoad
StgCreateDocfileOnILockBytes
GetHGlobalFromILockBytes
ReadFmtUserTypeStg
WriteClassStm
OleDuplicateData
CoGetMalloc
CreateFileMoniker
CoTaskMemAlloc
CreateItemMoniker
CoInitialize
CoCreateInstance
CLSIDFromProgID
CreateBindCtx
OleCreateFromData
OleGetClipboard
CoGetInterfaceAndReleaseStream
CoLoadLibrary
CoInitializeSecurity
OleRegEnumVerbs
ReleaseStgMedium
CLSIDFromString
OleRegGetMiscStatus
IsAccelerator
CoTaskMemFree
OleSaveToStream
OleFlushClipboard
CreateOleAdviseHolder
StringFromGUID2
CoRevokeClassObject
CoUninitialize
ReadClassStg
CoGetClassObject
CreateDataAdviseHolder
CoDisconnectObject
GetClassFile
CreateGenericComposite
OleCreateStaticFromData
RevokeDragDrop
OleIsRunning
CoSuspendClassObjects
OleSetClipboard
OleInitialize
CreateStreamOnHGlobal
user32
GetForegroundWindow
LoadIconA
FindWindowA
DrawTextA
GetScrollInfo
SetCapture
LockWindowUpdate
UnregisterClassA
SetScrollPos
SetDlgItemTextA
OffsetRect
LoadCursorW
CloseWindow
SendMessageTimeoutA
InvalidateRgn
GetClassInfoExA
PostMessageA
DrawFrameControl
GetKeyState
GetKeyboardState
TranslateMessage
DestroyWindow
PostThreadMessageA
RegisterClassExA
SetWindowPos
MessageBoxW
MessageBeep
LoadAcceleratorsW
GetSysColor
LoadImageW
ShowCaret
SetWindowLongW
ModifyMenuA
RegisterClassA
IsChild
GetSystemMetrics
MapVirtualKeyExA
GetFocus
SetMenuItemInfoW
SendMessageA
IsRectEmpty
GetClassInfoExW
TabbedTextOutA
SetTimer
CreateIconIndirect
IsWindow
ReleaseCapture
DefWindowProcW
IsIconic
DrawEdge
wsprintfA
GetNextDlgTabItem
EndDialog
DrawTextW
GetDesktopWindow
CallWindowProcA
GetMessageTime
HiliteMenuItem
SetMenuDefaultItem
TrackPopupMenu
FrameRect
ScrollWindow
CopyIcon
RegisterWindowMessageA
GetParent
DefDlgProcA
LoadIconW
GetWindowLongW
EnableScrollBar
GetPropW
SendMessageW
SetMenu
ExcludeUpdateRgn
GetDlgItem
MessageBoxA
ChangeClipboardChain
TranslateMDISysAccel
CloseClipboard
CreateWindowExA
OpenClipboard
MapWindowPoints
CreateMenu
SetCursor
RegisterClassW
CheckMenuItem
EnumWindows
GetMessageA
GetMessageW
LoadBitmapW
WaitForInputIdle
WindowFromPoint
GetScrollPos
DrawFocusRect
CheckDlgButton
SetCursorPos
GetWindowThreadProcessId
SetPropA
GetDlgItemTextA
RegisterHotKey
UnregisterHotKey
ShowWindow
InvalidateRect
SetFocus
MoveWindow
GetIconInfo
FillRect
GetClassInfoA
RemoveMenu
SetWindowTextA
GetDlgItemInt
IsClipboardFormatAvailable
EqualRect
SystemParametersInfoW
SystemParametersInfoA
ScreenToClient
LoadMenuA
DialogBoxIndirectParamW
CharUpperA
SendInput
EnableMenuItem
TrackMouseEvent
LoadBitmapA
PeekMessageA
SetWindowLongA
DrawTextExA
DestroyCursor
UnhookWindowsHookEx
BeginPaint
GetMenuState
IntersectRect
GetSubMenu
MapVirtualKeyA
GetMenuItemInfoA
AdjustWindowRectEx
ReuseDDElParam
CreateWindowExW
LoadMenuW
PostMessageW
AppendMenuA
SetWindowPlacement
IsMenu
SetRectEmpty
LoadStringW
PostQuitMessage
GetTopWindow
CreatePopupMenu
GetNextDlgGroupItem
SetPropW
GetWindowTextLengthA
DestroyAcceleratorTable
GetClassNameA
DrawTextExW
SetScrollRange
ReleaseDC
ExitWindowsEx
DrawMenuBar
GetLastActivePopup
BringWindowToTop
TrackPopupMenuEx
GetActiveWindow
ScrollWindowEx
EndPaint
CreateDialogIndirectParamA
GetMenuDefaultItem
HideCaret
SendMessageTimeoutW
KillTimer
SetScrollInfo
GetWindowLongA
CallNextHookEx
CharUpperW
CopyAcceleratorTableA
GetWindowTextA
GetWindowTextW
DeferWindowPos
CopyRect
ClientToScreen
RegisterClipboardFormatA
GetAsyncKeyState
GetWindowPlacement
DeleteMenu
GetDialogBaseUnits
DefFrameProcA
CreateDialogParamW
LoadStringA
SetRect
InsertMenuItemA
GetMenuItemCount
GetScrollRange
GetWindowDC
DrawIcon
DialogBoxParamW
CharLowerA
IsWindowVisible
SendDlgItemMessageA
DestroyMenu
DispatchMessageA
GetCursorPos
EnableWindow
RegisterClassExW
DrawStateA
UpdateWindow
GrayStringA
SetForegroundWindow
GetDlgCtrlID
SetWindowsHookExW
SetDlgItemTextW
DefWindowProcA
IsWindowEnabled
DrawIconEx
ChildWindowFromPointEx
GetSystemMenu
SetWindowRgn
EmptyClipboard
ValidateRect
DispatchMessageW
TranslateAcceleratorW
GetDC
SetWindowContextHelpId
GetWindowRect
IsDialogMessageA
GetPropA
IsZoomed
GetClassLongW
IsDlgButtonChecked
MapDialogRect
SetClipboardData
GetMenuCheckMarkDimensions
ShowScrollBar
PeekMessageW
WinHelpA
MonitorFromPoint
GetClientRect
GetCapture
GetWindow
PtInRect
GetSysColorBrush
DestroyIcon
CreateDialogParamA
GetMessagePos
GetMenuItemID
RemovePropA
LoadCursorA
GetCursor
comctl32
ImageList_LoadImageA
ImageList_GetImageInfo
ImageList_ReplaceIcon
ImageList_EndDrag
ImageList_DrawEx
InitCommonControlsEx
ImageList_Write
ImageList_GetIconSize
ImageList_Add
FlatSB_EnableScrollBar
ImageList_GetImageCount
ImageList_Read
ImageList_Remove
ImageList_GetIcon
ImageList_SetBkColor
ImageList_GetDragImage
ImageList_DragLeave
_TrackMouseEvent
PropertySheetA
ImageList_BeginDrag
CreatePropertySheetPageW
ImageList_GetBkColor
ImageList_AddMasked
ord17
InitializeFlatSB
ImageList_Create
ImageList_DragEnter
ImageList_Draw
ImageList_DragMove
ImageList_Destroy
ImageList_Replace
CreatePropertySheetPageA
DestroyPropertySheetPage
ImageList_Merge
shell32
SHGetDesktopFolder
SHGetMalloc
DragQueryPoint
SHGetSpecialFolderPathA
DragQueryFileA
SHGetPathFromIDListW
ShellExecuteA
SHEmptyRecycleBinA
SHGetSpecialFolderLocation
SHGetFileInfoW
Shell_NotifyIconW
DragFinish
ExtractIconW
SHGetPathFromIDListA
ord155
ExtractIconA
DragAcceptFiles
SHGetFileInfoA
Shell_NotifyIconA
kernel32
InterlockedDecrement
HeapFree
HeapSize
GetPriorityClass
OutputDebugStringA
GetExitCodeProcess
GetVersionExA
Sleep
SetEvent
LoadResource
WinExec
GetFileTime
LeaveCriticalSection
UnlockFile
_lclose
TlsSetValue
MoveFileA
LCMapStringA
GlobalReAlloc
GetPrivateProfileIntA
CompareFileTime
SetThreadPriority
FindFirstFileA
CreateMutexW
WaitForMultipleObjectsEx
GetOEMCP
GetStartupInfoW
HeapReAlloc
GetCurrentDirectoryA
CreateFileMappingA
HeapCreate
DeleteFileA
GetEnvironmentVariableA
CreateEventA
GetExitCodeThread
SystemTimeToFileTime
IsValidCodePage
UnmapViewOfFile
GetPrivateProfileStringA
lstrcmpW
SetErrorMode
FindNextFileA
FreeEnvironmentStringsW
_lwrite
GetDiskFreeSpaceA
TlsAlloc
GetLocaleInfoW
FileTimeToSystemTime
GetEnvironmentStrings
GlobalFree
GetLocalTime
GetEnvironmentStringsW
GetACP
GetProcessHeap
GetDateFormatA
SetStdHandle
GetSystemDefaultLangID
lstrcatA
GetCurrentThread
GlobalAddAtomA
GetFileType
GetStartupInfoA
GetDriveTypeA
InterlockedIncrement
SuspendThread
GetUserDefaultLCID
EnumSystemLocalesA
GetTickCount
InterlockedCompareExchange
SetCurrentDirectoryA
GlobalSize
LockFile
CopyFileA
FlushFileBuffers
RaiseException
RtlUnwind
FileTimeToDosDateTime
CreateDirectoryA
SetHandleCount
SetLastError
InitializeCriticalSection
IsBadWritePtr
LockResource
ReadFile
FreeEnvironmentStringsA
TlsGetValue
WaitForSingleObject
HeapAlloc
FindResourceA
LocalAlloc
_llseek
GetTimeFormatA
GetWindowsDirectoryA
ExitProcess
CreateFileMappingW
_lopen
lstrlenA
GlobalFindAtomA
GetStringTypeW
GetModuleFileNameW
CreateFileA
GetSystemDirectoryA
GetProcessVersion
lstrcatW
GetSystemTimeAsFileTime
GetFileAttributesW
GlobalLock
LocalFileTimeToFileTime
GetLocaleInfoA
QueryPerformanceCounter
FatalAppExitA
EnumResourceLanguagesA
WriteFile
GetSystemInfo
CopyFileW
VirtualQuery
GetShortPathNameA
EnterCriticalSection
GlobalUnlock
VirtualProtect
GetProfileStringA
GlobalFlags
GetCurrentProcess
lstrcpyA
FormatMessageW
FileTimeToLocalFileTime
LocalReAlloc
CreateDirectoryW
SetFilePointer
SystemTimeToTzSpecificLocalTime
GetCommandLineW
GetConsoleOutputCP
GetTempPathA
GetFullPathNameW
SetFileAttributesA
CreateMutexA
GetLastError
lstrcmpA
LoadLibraryA
VirtualFree
SetUnhandledExceptionFilter
IsBadReadPtr
GlobalAlloc
GetVersion
GlobalDeleteAtom
WideCharToMultiByte
lstrcmpiA
WritePrivateProfileStringA
ResumeThread
FormatMessageA
SetFileAttributesW
SetEndOfFile
PeekNamedPipe
GetSystemTime
GetConsoleCP
TerminateProcess
FindResourceW
GetFileSize
OpenMutexA
UnhandledExceptionFilter
GetStringTypeA
GetFullPathNameA
GetProcAddress
GlobalMemoryStatus
HeapDestroy
GetUserDefaultLangID
GetCurrentThreadId
IsValidLocale
GlobalHandle
ResetEvent
GetCPInfo
DuplicateHandle
FindFirstFileW
InterlockedExchange
GetStdHandle
lstrcpynA
VirtualAlloc
SetEnvironmentVariableA
CompareStringA
GetDiskFreeSpaceExA
LCMapStringW
GetCommandLineA
DeleteCriticalSection
TlsFree
GlobalGetAtomNameA
GetCurrentProcessId
GetModuleHandleA
FreeLibrary
GetModuleFileNameA
GetConsoleMode
FindClose
CloseHandle
GetCurrentDirectoryW
CreateThread
MultiByteToWideChar
GetFileAttributesA
CompareStringW
GetShortPathNameW
OpenEventA
MulDiv
IsDebuggerPresent
GetTimeZoneInformation
LocalFree
Sections
.text Size: 72KB - Virtual size: 69KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 84KB - Virtual size: 82KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 76KB - Virtual size: 95KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 76KB - Virtual size: 73KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ