Static task: static1
Behavioral task: behavioral1
  Sample: 9e4cbaa18f7bbe445f4d85b3675d6a6de09e170c1ab56e6c5b23489e2cbe9c88.exe
  Resource: win7-20221111-en
Behavioral task: behavioral2
  Sample: 9e4cbaa18f7bbe445f4d85b3675d6a6de09e170c1ab56e6c5b23489e2cbe9c88.exe
  Resource: win10v2004-20220812-en
General
- Target: 9e4cbaa18f7bbe445f4d85b3675d6a6de09e170c1ab56e6c5b23489e2cbe9c88
- Size: 760KB
- MD5: 7e65301f0f98dbf4b31b272b9db6bde3
- SHA1: 68a6568e48864ddfbd4cbcd56c3991aef1da5342
- SHA256: 9e4cbaa18f7bbe445f4d85b3675d6a6de09e170c1ab56e6c5b23489e2cbe9c88
- SHA512: f6be49315908efeea36cccc1223b631206b7c013421ad81bed000b21fce50c6137b9366ee102d5b1811c11efe2b8cfa8f2de399f3ec18aa2e7231c612dfd23da
- SSDEEP: 12288:krVbgkIYHOeVLlv7pKe/cPZtVBc/mCr8uiDjndoWmzRFlEfEHqGpbLNLz7zKE4:I9gkvHOeVPlEP3VqHr8uwwzRFleEHJpc
Malware Config
Signatures
Files
-
9e4cbaa18f7bbe445f4d85b3675d6a6de09e170c1ab56e6c5b23489e2cbe9c88.exe windows x86
e4fd58a36729f07044c7f4711473e5e2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateSemaphoreW
LocalAlloc
FreeEnvironmentStringsW
FindNextFileA
GlobalLock
GetWindowsDirectoryA
GetModuleFileNameA
GetOEMCP
GetFileType
FindResourceExA
GetTickCount
IsBadWritePtr
EnumSystemLocalesA
GetModuleFileNameW
GetLogicalDrives
FormatMessageA
GetTempFileNameA
GlobalSize
FlushFileBuffers
lstrcpynA
GetTempPathA
MoveFileA
MoveFileExA
LockResource
GetProcAddress
WaitForMultipleObjects
GetDateFormatA
CreateMutexA
GlobalFindAtomA
RaiseException
Sleep
GetCommandLineA
MapViewOfFile
lstrcatW
GetVersionExA
lstrlenA
GetFileTime
_lwrite
SetEndOfFile
SetEvent
VirtualAllocEx
FreeEnvironmentStringsA
HeapCreate
FindResourceA
GetStringTypeW
SetFileAttributesW
GetCurrentThread
ReadFile
TlsAlloc
OpenProcess
GlobalFree
IsDebuggerPresent
GetStartupInfoA
GetProcessVersion
FreeConsole
GetStartupInfoW
CompareStringA
VirtualFree
GetCurrentDirectoryA
SizeofResource
GetPrivateProfileIntA
LCMapStringA
CopyFileW
MoveFileW
CopyFileA
GlobalReAlloc
RtlUnwind
SetErrorMode
ExitProcess
GetCommandLineW
LoadLibraryA
GetSystemTime
lstrcmpW
FindFirstFileA
GlobalUnlock
TlsGetValue
GetUserDefaultLCID
GetCurrentProcessId
DeleteCriticalSection
WaitForMultipleObjectsEx
FileTimeToSystemTime
IsValidLocale
CreateFileW
CreateProcessA
DuplicateHandle
CreateThread
VirtualProtect
GetFullPathNameA
WriteFile
CompareFileTime
GetVersionExW
SetHandleCount
DeleteFileA
InterlockedCompareExchange
GetStringTypeA
LocalFree
lstrcatA
OutputDebugStringA
TerminateProcess
IsBadReadPtr
SetThreadPriority
GetModuleHandleA
HeapDestroy
GlobalDeleteAtom
GetLocalTime
QueryPerformanceCounter
GlobalAlloc
CreateNamedPipeW
QueryPerformanceFrequency
MultiByteToWideChar
WriteConsoleA
CompareStringW
GlobalGetAtomNameA
GetCurrentThreadId
GetStringTypeExA
WriteProcessMemory
ExitThread
UnhandledExceptionFilter
GetSystemInfo
GetEnvironmentStrings
WritePrivateProfileStringW
GetEnvironmentVariableA
VirtualQuery
GetCurrentProcess
GetLocaleInfoA
GetEnvironmentStringsW
GetFileSize
HeapSize
GetTimeZoneInformation
CloseHandle
ResumeThread
TlsSetValue
FindResourceW
LoadResource
WideCharToMultiByte
GetFileAttributesW
MulDiv
HeapAlloc
LoadLibraryW
_lopen
SetFileAttributesA
GetConsoleCP
GetThreadLocale
SetFileTime
HeapReAlloc
ResetEvent
FatalAppExitA
FlushInstructionCache
HeapFree
GetConsoleMode
InterlockedIncrement
FileTimeToLocalFileTime
LeaveCriticalSection
GetSystemDefaultLangID
SetFilePointer
EnterCriticalSection
IsBadCodePtr
InitializeCriticalSection
WritePrivateProfileStringA
FindClose
_lread
GetFileAttributesA
GetStdHandle
GetShortPathNameA
_llseek
lstrcmpA
GetLastError
GetExitCodeThread
GetProcessHeap
GetTimeFormatA
GetConsoleOutputCP
lstrcmpiA
LCMapStringW
InterlockedExchange
FreeLibrary
ConvertDefaultLocale
GetDiskFreeSpaceA
CreateDirectoryA
SetLastError
VirtualAlloc
InterlockedDecrement
LocalReAlloc
GetCPInfo
OpenMutexA
GetPrivateProfileSectionA
FindFirstFileW
GetDriveTypeA
GetExitCodeProcess
GetSystemTimeAsFileTime
TerminateThread
LocalLock
GetOverlappedResult
GlobalHandle
GetVersion
GetPrivateProfileStringW
GetACP
SetStdHandle
SetUnhandledExceptionFilter
CreateDirectoryW
TlsFree
CreateFileA
SetEnvironmentVariableA
IsBadStringPtrA
wsock32
WSACleanup
ole32
CoCreateInstance
CoSuspendClassObjects
CoRegisterMessageFilter
StgCreateDocfile
OleSetClipboard
CLSIDFromProgID
RegisterDragDrop
StringFromCLSID
CoTaskMemFree
CLSIDFromString
ReadClassStg
StringFromGUID2
OleGetClipboard
IsAccelerator
CoCreateGuid
OleDuplicateData
ProgIDFromCLSID
CoLockObjectExternal
StgOpenStorageOnILockBytes
OleRegGetMiscStatus
CreateILockBytesOnHGlobal
CreateOleAdviseHolder
OleInitialize
OleLockRunning
WriteFmtUserTypeStg
WriteClassStm
OleRegGetUserType
OleRegEnumVerbs
CoFreeUnusedLibraries
GetHGlobalFromILockBytes
CoTaskMemAlloc
OleLoad
CoGetClassObject
CoGetMalloc
CoRegisterClassObject
WriteClassStg
RevokeDragDrop
OleSaveToStream
StgOpenStorage
OleRun
CreateFileMoniker
CoResumeClassObjects
CoGetInterfaceAndReleaseStream
CoTaskMemRealloc
ReadFmtUserTypeStg
CreateGenericComposite
CreateDataAdviseHolder
OleDestroyMenuDescriptor
DoDragDrop
SetConvertStg
StgIsStorageFile
OleIsRunning
OleSetContainedObject
OleQueryLinkFromData
ReleaseStgMedium
OleCreateStaticFromData
OleIsCurrentClipboard
OleUninitialize
CoInitializeEx
GetRunningObjectTable
CoDisconnectObject
OleTranslateAccelerator
CreateStreamOnHGlobal
OleCreateFromData
OleFlushClipboard
CreateItemMoniker
CreateBindCtx
CoRevokeClassObject
OleCreateMenuDescriptor
CoInitialize
CoUninitialize
StgCreateDocfileOnILockBytes
OleQueryCreateFromData
version
VerInstallFileA
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
comctl32
ImageList_BeginDrag
ImageList_Destroy
ord17
ImageList_GetDragImage
ImageList_DrawEx
PropertySheetA
ImageList_DragShowNolock
ImageList_Create
ImageList_Replace
ImageList_GetImageCount
ImageList_SetImageCount
ImageList_ReplaceIcon
ImageList_GetImageInfo
InitCommonControlsEx
ImageList_SetOverlayImage
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_SetDragCursorImage
ImageList_AddMasked
ImageList_Add
CreatePropertySheetPageW
ImageList_Read
ImageList_LoadImageA
_TrackMouseEvent
ImageList_GetIcon
ImageList_DragMove
ImageList_Merge
ImageList_GetIconSize
ImageList_SetBkColor
ImageList_DragEnter
ImageList_Write
ImageList_DragLeave
ImageList_Draw
ImageList_Remove
winspool.drv
GetPrinterA
ord204
OpenPrinterA
EndDocPrinter
StartDocPrinterA
EnumJobsA
GetPrinterDriverA
EnumPrintersA
DocumentPropertiesA
GetPrinterW
ClosePrinter
WritePrinter
SetPrinterA
StartPagePrinter
EndPagePrinter
advapi32
SetSecurityDescriptorOwner
ControlService
CryptHashData
AdjustTokenPrivileges
OpenServiceA
RegDeleteValueW
ImpersonateSelf
SetFileSecurityA
AllocateAndInitializeSid
QueryServiceStatus
RegOpenKeyA
CryptDestroyKey
GetSidIdentifierAuthority
SetSecurityDescriptorGroup
AddAccessAllowedAce
CryptGetHashParam
OpenServiceW
RegDeleteKeyA
CryptDeriveKey
RegDeleteKeyW
GetFileSecurityA
LookupPrivilegeValueA
CryptDestroyHash
InitializeSecurityDescriptor
MapGenericMask
AddAce
CopySid
RegCreateKeyW
RegCloseKey
RegSetValueExA
RegEnumKeyA
RegSetValueW
RegQueryValueExA
OpenSCManagerW
CryptCreateHash
SetEntriesInAclW
IsValidSecurityDescriptor
RegQueryInfoKeyW
InitializeAcl
GetLengthSid
GetSidSubAuthorityCount
FreeSid
RegOpenKeyExA
RegQueryInfoKeyA
CloseServiceHandle
CryptAcquireContextA
DuplicateToken
RegQueryValueA
RegisterServiceCtrlHandlerA
OpenProcessToken
SetSecurityDescriptorDacl
RegEnumValueW
RegQueryValueW
RegCreateKeyExA
RegEnumKeyExA
RegDeleteValueA
GetUserNameA
RegSetValueA
RegOpenKeyExW
EqualSid
GetTokenInformation
DeleteService
RegEnumValueA
user32
CallWindowProcW
GetWindowRect
CharUpperW
CreateDialogIndirectParamA
DialogBoxParamA
InsertMenuA
LoadMenuW
RegisterClipboardFormatW
UnpackDDElParam
FindWindowW
BeginDeferWindowPos
GetDCEx
DispatchMessageA
DestroyIcon
GetNextDlgTabItem
OffsetRect
SendDlgItemMessageW
GetMessageW
UnregisterClassW
PtInRect
GetMenuState
GetLastActivePopup
IsDialogMessageA
GetNextDlgGroupItem
AttachThreadInput
GetMenuItemID
DrawTextA
SetDlgItemInt
ShowCaret
PostQuitMessage
FindWindowExW
IsZoomed
CreatePopupMenu
InvalidateRgn
MapDialogRect
IsWindow
SendMessageTimeoutW
EndDeferWindowPos
SetPropA
DeleteMenu
RemoveMenu
IntersectRect
LoadIconA
SetMenu
GetTopWindow
MessageBeep
SetMenuItemBitmaps
SetWindowPos
GetDC
EqualRect
LoadAcceleratorsW
DrawStateA
DrawEdge
SystemParametersInfoW
DrawMenuBar
EndDialog
SetWindowLongA
KillTimer
GetMenuCheckMarkDimensions
TabbedTextOutW
IsChild
RegisterWindowMessageA
ClientToScreen
IsWindowUnicode
AppendMenuW
GetDlgItemTextA
CreateWindowExA
GetMenuStringA
LoadStringA
SetCursor
CopyIcon
DefWindowProcW
SetWindowContextHelpId
GetClientRect
GetMessageA
PeekMessageA
SetRect
SetActiveWindow
TranslateAcceleratorW
GrayStringA
LoadBitmapA
InvalidateRect
PostMessageW
GetDesktopWindow
PeekMessageW
GetDlgItem
EnableWindow
ReleaseCapture
HideCaret
ScreenToClient
GetWindowTextW
SetWindowLongW
CloseClipboard
MapWindowPoints
CheckMenuItem
ValidateRect
GetClassInfoExW
SetScrollPos
SetClipboardData
GetMenu
CopyImage
InsertMenuItemA
GetSysColor
DrawFrameControl
SendInput
DestroyAcceleratorTable
ShowWindow
MapVirtualKeyW
EndPaint
CreateMenu
SetFocus
LoadAcceleratorsA
GetScrollInfo
RegisterClipboardFormatA
RemovePropW
IsWindowEnabled
GetKeyState
LoadCursorW
DestroyCursor
UpdateWindow
GetWindowTextLengthA
SubtractRect
DestroyWindow
CopyAcceleratorTableW
CopyRect
TrackPopupMenu
GetFocus
DestroyMenu
SetWindowTextA
ModifyMenuW
WinHelpW
LoadBitmapW
LockWindowUpdate
SetParent
IsClipboardFormatAvailable
CreateIconIndirect
ReleaseDC
PostThreadMessageA
GetWindowThreadProcessId
GetCursorPos
ShowCursor
ReuseDDElParam
SetMenuDefaultItem
DrawFocusRect
GetWindowTextA
GetMessagePos
GetCapture
GetMessageTime
GetPropA
GetActiveWindow
GetWindow
DrawIcon
GetMenuItemCount
OpenIcon
EmptyClipboard
WindowFromPoint
IsMenu
GetClassLongW
RegisterClassA
wsprintfW
BringWindowToTop
GetMenuStringW
MsgWaitForMultipleObjects
GetWindowTextLengthW
LoadImageW
GetTabbedTextExtentA
GetSystemMetrics
DefWindowProcA
DrawIconEx
GetParent
GetWindowRgn
RegisterWindowMessageW
GetSysColorBrush
ScrollWindow
CallWindowProcA
RedrawWindow
AdjustWindowRectEx
IsRectEmpty
InsertMenuW
UnregisterClassA
SendDlgItemMessageA
MoveWindow
TrackPopupMenuEx
GetUpdateRect
wsprintfA
WinHelpA
SetTimer
EnableMenuItem
GetClassInfoExA
TranslateMessage
GetSystemMenu
LoadCursorA
CreateCaret
DispatchMessageW
IsIconic
GetClipboardData
SendMessageW
SetWindowsHookExA
GetWindowLongA
DrawTextExA
DeferWindowPos
SetCapture
GetMenuItemInfoW
RegisterClassExA
FillRect
RemovePropA
GetWindowDC
SetScrollRange
FrameRect
GetMenuItemInfoA
MessageBoxA
CharUpperA
RegisterClassW
SetDlgItemTextA
OpenClipboard
ModifyMenuA
GrayStringW
SetWindowTextW
GetPropW
SetCursorPos
CallNextHookEx
MessageBoxW
IsWindowVisible
LoadStringW
UnionRect
GetWindowPlacement
GetForegroundWindow
SetRectEmpty
SetMenuItemInfoW
ExitWindowsEx
CreateWindowExW
GetSubMenu
GetDlgCtrlID
InflateRect
GetClassLongA
GetAsyncKeyState
SystemParametersInfoA
BeginPaint
AppendMenuA
GetClassNameA
SetScrollInfo
LoadMenuA
GetClassInfoA
GetIconInfo
shell32
ord155
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
SHGetFileInfoA
SHGetPathFromIDListA
SHBrowseForFolderW
DragQueryFileA
ExtractIconA
ShellExecuteExA
SHGetDesktopFolder
ShellExecuteW
SHFileOperationA
DragQueryPoint
ShellExecuteA
DragAcceptFiles
SHGetMalloc
SHBrowseForFolderA
DragFinish
DragQueryFileW
Sections
- .text: Size: 80KB - Virtual size: 78KB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata: Size: 464KB - Virtual size: 463KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data: Size: 140KB - Virtual size: 158KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc: Size: 72KB - Virtual size: 71KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ