18efd26f0486d440029045fd6f1cbf0cf525aad55370a298a37caa5a8ea759c3

Sharing

Copy URL

Twitter E-mail

General

Target

18efd26f0486d440029045fd6f1cbf0cf525aad55370a298a37caa5a8ea759c3
Size

625KB
MD5

17aff4427e87679fdf32149c4dc3fce1
SHA1

d24c5514f66918ce46dcfe3a859f620e8b614e69
SHA256

18efd26f0486d440029045fd6f1cbf0cf525aad55370a298a37caa5a8ea759c3
SHA512

59eebf2a74dc952d260a93525cc29b1309a183cce2b8c365fd57091474a3683c103802b6f28dcdbd800ea752a8178ca7bd196a7d460e4ef8841ce016986e9d3f
SSDEEP

12288:W8lo4a0yuf6HpVwvDn1DsUPe+rcWr8l2UaXJcYvT8Zi9U7:TdCHvwvDDrcWk2LZcYrr9U7

Score

N/A

Malware Config

Signatures

Files

18efd26f0486d440029045fd6f1cbf0cf525aad55370a298a37caa5a8ea759c3
.exe windows x86

7a6e69b6e59c18b5976ebd899ec23635

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
GetTickCount
GetVersionExW
ReadFile
GetSystemTime
lstrcmpiW
LoadLibraryExW
WriteProcessMemory
SetUnhandledExceptionFilter
CreateDirectoryW
GetPrivateProfileStringA
SuspendThread
GetThreadContext
SetThreadContext
ResumeThread
VirtualQuery
SetEnvironmentVariableA
CompareStringW
SetEndOfFile
WriteConsoleW
FlushFileBuffers
SetStdHandle
CreateFileA
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapCreate
GetStdHandle
LocalAlloc
GetStringTypeW
LCMapStringW
GetConsoleMode
GetConsoleCP
RtlUnwind
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
UnhandledExceptionFilter
HeapSetInformation
GetCommandLineW
EncodePointer
CreateThread
ExitThread
DecodePointer
GetSystemTimeAsFileTime
GetTimeZoneInformation
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
SetFilePointer
IsBadWritePtr
GetFileSize
DeleteFileW
RemoveDirectoryW
SetFileAttributesW
GetFileAttributesW
lstrcmpW
MulDiv
GlobalLock
GlobalUnlock
SetLastError
RaiseException
InitializeCriticalSectionAndSpinCount
GetLastError
GetCurrentThreadId
FlushInstructionCache
InterlockedIncrement
GetLocalTime
SetEvent
TerminateThread
WaitForSingleObject
CreateEventW
GetCurrentThread
OutputDebugStringW
ExitProcess
CreateProcessW
GetStartupInfoW
CopyFileW
GetModuleFileNameW
GetModuleFileNameA
TerminateProcess
GetProcessId
OpenProcess
VirtualProtect
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
GlobalFree
GlobalAlloc
FreeLibrary
LoadLibraryW
FindClose
FindNextFileW
FindFirstFileW
CreateDirectoryA
GetCurrentProcess
GetModuleHandleW
GetProcAddress
InterlockedDecrement
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
LeaveCriticalSection
ReleaseMutex
EnterCriticalSection
CreateFileW
VerifyVersionInfoW
VerSetConditionMask
lstrlenW
Sleep
DeleteCriticalSection
InitializeCriticalSection
WideCharToMultiByte
MultiByteToWideChar
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
CloseHandle
WriteFile

user32

SetWindowLongW
GetWindowLongW
DefWindowProcW
CallWindowProcW
RegisterClassExW
LoadCursorW
PostMessageW
IsWindow
FindWindowW
CreateDialogParamW
SetWindowRgn
LoadBitmapW
ExitWindowsEx
GetSystemMetrics
OpenClipboard
GetClipboardData
CloseClipboard
CreateDialogParamA
MessageBoxIndirectW
MessageBoxIndirectA
GetCursorPos
OffsetRect
LoadStringW
DrawTextW
DispatchMessageW
SetClipboardData
SetParent
DestroyAcceleratorTable
GetDesktopWindow
ReleaseDC
GetDC
InvalidateRect
InvalidateRgn
GetClientRect
FillRect
ReleaseCapture
SetCapture
MoveWindow
ScreenToClient
GetParent
ClientToScreen
CreateAcceleratorTableW
DestroyWindow
CreateWindowExW
GetClassInfoExW
RedrawWindow
SetWindowPos
CharNextW
GetSysColor
GetClassNameW
SendMessageW
GetDlgItem
GetWindow
SetFocus
GetFocus
IsChild
UnregisterClassA
EndPaint
BeginPaint
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
RegisterWindowMessageW
MapWindowPoints
GetWindowRect
GetMonitorInfoW
MonitorFromWindow
SystemParametersInfoW
ShowWindow
SetTimer
FindWindowExW
KillTimer
IsDialogMessageW
GetUpdateRect
IsRectEmpty
SetForegroundWindow
PtInRect
TranslateMessage
GetMessageW
EmptyClipboard
PeekMessageW
GetWindowDC
UpdateLayeredWindow
GetActiveWindow
DialogBoxParamW
SetClassLongW
EndDialog
IntersectRect

gdi32

CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteObject
BitBlt
DeleteDC
GetStockObject
GetObjectW
GetDeviceCaps
SelectPalette
RealizePalette
SetDIBitsToDevice
GdiFlush
SaveDC
SetStretchBltMode
CreatePalette
StretchBlt
CreatePen
RoundRect
SetBkMode
SetTextColor
CreateFontW
Ellipse
CreateDCW
CreateDIBSection
GetDIBits
SetBkColor
RestoreDC
CreateRoundRectRgn

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegQueryValueW
RegQueryValueA
RegQueryValueExA
RegCloseKey
RegSetValueExA
RegQueryValueExW
RegOpenKeyExA
LookupAccountSidW
GetTokenInformation
OpenProcessToken
CreateProcessAsUserW
OpenSCManagerW
RegCreateKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerW
DeleteService
ControlService
CreateServiceW
QueryServiceConfigW
CloseServiceHandle
OpenServiceW
SetServiceStatus

shell32

SHGetSpecialFolderPathW
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderPathA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

CoTaskMemRealloc
OleInitialize
CLSIDFromString
CoGetClassObject
CreateStreamOnHGlobal
OleLockRunning
StringFromGUID2
CoTaskMemAlloc
OleUninitialize
CLSIDFromProgID
CoTaskMemFree
CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

SysAllocStringLen
SysAllocString
VariantClear
OleCreateFontIndirect
VarUI4FromStr
DispCallFunc
VariantChangeType
SysFreeString
VariantInit
LoadTypeLi
LoadRegTypeLi
SysStringLen

shlwapi

PathFindFileNameW
PathFileExistsW
PathFileExistsA
PathAppendA
PathRemoveFileSpecW

comctl32

InitCommonControlsEx
_TrackMouseEvent

msimg32

TransparentBlt

ws2_32

WSAStartup
socket
htons
setsockopt
connect
closesocket
send
recv
WSASend
inet_addr

wininet

HttpQueryInfoW
InternetOpenW
InternetOpenUrlW
InternetReadFile
InternetCloseHandle
InternetGetCookieA
InternetGetCookieW
InternetGetCookieExA
InternetGetCookieExW
FindFirstUrlCacheEntryW
DeleteUrlCacheEntryW
FindNextUrlCacheEntryW
FindCloseUrlCache

gdiplus

GdiplusShutdown
GdiplusStartup
GdipDrawImageRectI
GdipGetImageWidth
GdipLoadImageFromStream
GdipReleaseDC
GdipDrawImagePointsI
GdipSetSmoothingMode
GdipDeleteGraphics
GdipDisposeImage
GdipAlloc
GdipCloneImage
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipFree

iphlpapi

GetAdaptersInfo

msvfw32

DrawDibClose
DrawDibSetPalette
DrawDibRealize
DrawDibDraw

Sections

.text
Size: 469KB - Virtual size: 469KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a6e69b6e59c18b5976ebd899ec23635

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

ws2_32

wininet

gdiplus

iphlpapi

msvfw32

Sections

.text Size: 469KB - Virtual size: 469KB

.rdata Size: 79KB - Virtual size: 78KB

.data Size: 15KB - Virtual size: 24KB

.rsrc Size: 18KB - Virtual size: 20KB

.reloc Size: 36KB - Virtual size: 35KB

.text
Size: 469KB - Virtual size: 469KB

.rdata
Size: 79KB - Virtual size: 78KB

.data
Size: 15KB - Virtual size: 24KB

.rsrc
Size: 18KB - Virtual size: 20KB

.reloc
Size: 36KB - Virtual size: 35KB