Static task: static1
Behavioral task: behavioral1
Sample: df749f75e71e7aae1afdaa62e1995629ede9bca15e4ac22a7f0391041ba6094d.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: df749f75e71e7aae1afdaa62e1995629ede9bca15e4ac22a7f0391041ba6094d.exe
Resource: win10v2004-20221111-en
General
- Target: df749f75e71e7aae1afdaa62e1995629ede9bca15e4ac22a7f0391041ba6094d
- Size: 3.4MB
- MD5: 01e8aa8b5dc6a7f271688997d63aa51b
- SHA1: 15e8a1aeadbfdb6cef44d6a43d48866c803df1d0
- SHA256: df749f75e71e7aae1afdaa62e1995629ede9bca15e4ac22a7f0391041ba6094d
- SHA512: 0d964f42060f6dbb3f2164cca83096e77e55700203433f1128dda980fb8db02efcc20dedb3fd8cd0f4d2756d88a42ddeb1e486cea9366a64167ecb47442d22f3
- SSDEEP: 98304:KQpjuBQNGAakiYHzZz4bQPLSCgmL2m7HcwUp0tN44eDOFLOAkGkzdnEVEFoKGw:Jm1kzHzZcEL2m7HPGOFLOyEFoKGw
Malware Config
Signatures
Files
- df749f75e71e7aae1afdaa62e1995629ede9bca15e4ac22a7f0391041ba6094d.exe windows x86
5f59ede323b1ddb8a42939825f753cf0
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
FindCloseUrlCache
InternetCheckConnectionA
FindNextUrlCacheEntryA
DeleteUrlCacheEntry
FindFirstUrlCacheEntryA
urlmon
URLDownloadToFileA
shell32
ShellExecuteA
DragFinish
DragQueryFileA
SHAppBarMessage
SHGetFileInfoA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
ExtractIconA
ShellExecuteExA
kernel32
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
FatalAppExitA
CompareStringW
GetTimeZoneInformation
GetDriveTypeA
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetConsoleOutputCP
WriteConsoleW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
SetCurrentDirectoryA
GetProcessHeap
SetEnvironmentVariableA
GetStringTypeA
LCMapStringW
LCMapStringA
WriteConsoleA
GetStringTypeW
FindResourceA
SizeofResource
LockResource
LoadResource
WideCharToMultiByte
SetLastError
GetLastError
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
WritePrivateProfileSectionA
lstrcpyA
SetFileAttributesA
FreeLibrary
GetWindowsDirectoryA
IsValidCodePage
GetACP
GetStdHandle
SetHandleCount
GetConsoleMode
GetConsoleCP
GetFileType
SetStdHandle
HeapSize
ExitProcess
CreateThread
ExitThread
GetSystemTimeAsFileTime
HeapReAlloc
VirtualQuery
VirtualAlloc
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
CreateDirectoryA
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind
LocalLock
LocalUnlock
FindResourceExA
SetErrorMode
GetFileSizeEx
LocalFileTimeToFileTime
GetFileAttributesExA
VirtualProtect
GetProfileIntA
GetShortPathNameA
GetVolumeInformationA
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
CreateProcessA
GetSystemInfo
CloseHandle
GetCurrentProcess
Sleep
WriteFile
ReadFile
Process32Next
lstrcmpiA
Process32First
GetStringTypeExA
DeleteFileA
MoveFileA
GetTempPathA
SetFilePointer
SearchPathA
GetModuleHandleW
GetAtomNameA
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
TlsGetValue
LocalAlloc
GlobalFlags
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetTickCount
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
SystemTimeToFileTime
GetThreadLocale
lstrcmpA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
FindClose
CreateEventA
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
InterlockedDecrement
GetModuleFileNameW
CreateFileA
GetFileSize
GetFileAttributesA
DeleteCriticalSection
InitializeCriticalSection
GlobalReAlloc
EnterCriticalSection
CreateToolhelp32Snapshot
LeaveCriticalSection
InterlockedExchange
GetCurrentDirectoryA
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
FormatMessageA
LocalFree
lstrlenW
MulDiv
FreeResource
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GlobalLock
GlobalUnlock
GetCurrentProcessId
GlobalGetAtomNameA
GlobalAddAtomA
MultiByteToWideChar
GetModuleFileNameA
lstrlenA
FindFirstVolumeA
QueryDosDeviceA
FindNextVolumeA
FindVolumeClose
GetVolumePathNamesForVolumeNameA
GetVersionExA
CreateRemoteThread
WaitForSingleObject
Module32First
Module32Next
VirtualAllocEx
WriteProcessMemory
VirtualFreeEx
OpenProcess
TerminateProcess
user32
IsClipboardFormatAvailable
CreateAcceleratorTableA
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
CopyAcceleratorTableA
SetCursorPos
InSendMessage
WaitMessage
PostThreadMessageA
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
PostQuitMessage
HideCaret
InvertRect
FrameRect
CharUpperBuffA
GetIconInfo
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
TranslateMessage
DestroyAcceleratorTable
GetMenuItemInfoA
DrawFocusRect
DrawFrameControl
DrawEdge
GetSysColorBrush
SetClassLongA
MapVirtualKeyA
GetKeyNameTextA
ReleaseDC
GetDC
LockWindowUpdate
GetUpdateRect
SetRect
CharUpperA
NotifyWinEvent
MessageBeep
WindowFromPoint
GetSystemMenu
DeleteMenu
EmptyClipboard
CloseClipboard
SetClipboardData
LoadImageA
DestroyIcon
CopyImage
OpenClipboard
FillRect
DrawStateA
GetAsyncKeyState
GetMessageA
UpdateLayeredWindow
LoadCursorA
EnableScrollBar
SetCapture
KillTimer
SetTimer
ValidateRect
UnionRect
IsRectEmpty
RegisterClipboardFormatA
SetMenuDefaultItem
DrawIconEx
IsMenu
GetMenuDefaultItem
GetCursorPos
GetMenuStringA
AppendMenuA
InsertMenuA
RemoveMenu
ScrollWindowEx
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
CopyIcon
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
SetWindowsHookExA
CallNextHookEx
WindowFromDC
GetPropA
RemovePropA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
MessageBoxA
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
DefWindowProcA
CallWindowProcA
PtInRect
SystemParametersInfoA
GetWindowPlacement
GetClassNameA
UnpackDDElParam
ReuseDDElParam
DestroyMenu
GetMenuBarInfo
WinHelpA
SetWindowPos
SetFocus
GetWindowThreadProcessId
GetActiveWindow
IsWindowEnabled
EqualRect
GetDlgItem
SetWindowLongA
GetDlgCtrlID
GetKeyState
LoadIconA
SetCursor
PeekMessageA
ReleaseCapture
LoadAcceleratorsA
SetActiveWindow
IsIconic
InsertMenuItemA
GetMenuItemID
GetMenuItemCount
CreatePopupMenu
GetClassInfoA
IntersectRect
OffsetRect
GetMenu
GetLastActivePopup
BringWindowToTop
SetMenu
GetDesktopWindow
ShowWindow
GetWindowLongA
TranslateAcceleratorA
IsWindow
DestroyWindow
GetSystemMetrics
GetClassLongA
SetParent
GetTopWindow
GetCapture
IsWindowVisible
SetWindowRgn
SubtractRect
GetDoubleClickTime
UnregisterClassA
SendNotifyMessageA
DefFrameProcA
GetTabbedTextExtentA
IsZoomed
PostMessageA
CopyRect
GetWindow
ClientToScreen
RedrawWindow
wsprintfA
LoadBitmapA
GetWindowRect
InflateRect
GetSysColor
InvalidateRect
UpdateWindow
GetClientRect
ScreenToClient
LoadMenuA
GetSubMenu
GetParent
SetRectEmpty
SendMessageA
GetFocus
IsChild
EnableWindow
GetWindowRgn
CreateMenu
MapVirtualKeyExA
IsCharLowerA
GetDCEx
DrawIcon
GetDialogBaseUnits
InvalidateRgn
CharNextA
DestroyCursor
GetNextDlgGroupItem
SetPropA
EnumChildWindows
IsDlgButtonChecked
gdi32
Polygon
ExtTextOutA
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
SetMapMode
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
LineTo
MoveToEx
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
SelectClipRgn
GetClipRgn
SelectClipPath
GetViewportExtEx
GetWindowExtEx
StartDocA
PtVisible
RectVisible
TextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
Ellipse
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
ExtCreatePen
SetRectRgn
GetMapMode
DPtoLP
RoundRect
Rectangle
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetCharWidthA
CreateFontA
StretchDIBits
OffsetRgn
GetRgnBox
ExtFloodFill
CreatePalette
GetPaletteEntries
SetPaletteEntries
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
EnumFontFamiliesExA
GetNearestPaletteIndex
GetSystemPaletteEntries
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceA
GetTextExtentPointA
SetPixelV
CreateMetaFileA
CloseMetaFile
DeleteMetaFile
GetBkColor
Polyline
CreatePolygonRgn
CreateEllipticRgn
CreateHatchBrush
GetTextCharsetInfo
EnumFontFamiliesA
CreatePatternBrush
CreateSolidBrush
CreateDIBitmap
CreateRoundRectRgn
CreatePen
SetPixel
GetPixel
StretchBlt
CombineRgn
CreateRectRgn
SelectPalette
RealizePalette
GetDIBits
PatBlt
SetDIBColorTable
SelectObject
DeleteDC
CreateDIBSection
BitBlt
GetTextMetricsA
GetTextColor
CreateRectRgnIndirect
CreateDCA
CopyMetaFileA
GetDeviceCaps
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CreateCompatibleDC
CreateCompatibleBitmap
CreateFontIndirectA
DeleteObject
GetTextExtentPoint32A
CreateDIBPatternBrushPt
GetObjectA
GetStockObject
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
GetJobA
advapi32
RegOpenKeyExA
CryptDestroyHash
CryptDecrypt
CryptDeriveKey
CryptHashData
CryptCreateHash
CryptAcquireContextA
CryptEncrypt
GetTokenInformation
OpenProcessToken
RegEnumKeyExA
GetFileSecurityA
SetFileSecurityA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegSetValueA
CryptReleaseContext
RegQueryValueExA
RegDeleteValueA
RegCloseKey
RegCreateKeyA
RegSetValueExA
LookupPrivilegeValueA
AdjustTokenPrivileges
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
comctl32
InitCommonControlsEx
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Create
ImageList_GetImageCount
ImageList_Destroy
ImageList_AddMasked
ImageList_Remove
ImageList_DrawEx
shlwapi
PathIsUNCA
PathStripToRootA
PathFindFileNameA
PathRemoveExtensionA
PathFindExtensionA
PathRemoveFileSpecW
oledlg
ord8
ole32
CoGetMalloc
GetRunningObjectTable
CreateOleAdviseHolder
CreateDataAdviseHolder
CoInitializeEx
CoUninitialize
OleSetMenuDescriptor
OleLockRunning
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
OleGetClipboard
CoDisconnectObject
StgIsStorageFile
StgOpenStorage
CreateFileMoniker
StgCreateDocfile
CoRevokeClassObject
OleIsRunning
OleUninitialize
CLSIDFromProgID
CLSIDFromString
StringFromGUID2
CoCreateInstance
CreateStreamOnHGlobal
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CoRegisterClassObject
CreateILockBytesOnHGlobal
OleQueryLinkFromData
OleQueryCreateFromData
OleRegGetMiscStatus
OleRegEnumVerbs
OleRun
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateGenericComposite
CreateItemMoniker
OleGetIconOfClass
OleCreateLinkToFile
OleCreateFromFile
OleSetContainedObject
GetHGlobalFromILockBytes
OleLoad
OleCreate
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleSaveToStream
WriteClassStm
OleSave
CoFreeUnusedLibraries
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
OleInitialize
CoGetClassObject
oleaut32
VariantClear
OleCreateFontIndirect
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
VarBstrFromDate
VarCyFromStr
VarDecFromStr
VarBstrFromDec
VarBstrFromCy
VarDateFromStr
SysReAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocString
SysStringByteLen
SysAllocStringByteLen
SysFreeString
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
SafeArrayAllocData
VariantCopy
SafeArrayRedim
SafeArrayCreate
GetErrorInfo
SetErrorInfo
SafeArrayGetDim
CreateErrorInfo
gdiplus
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePalette
GdipBitmapUnlockBits
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdiplusStartup
GdiplusShutdown
GdipGetImageGraphicsContext
GdipDrawImageI
GdipCloneImage
GdipGetImagePaletteSize
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 427KB - Virtual size: 427KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 30KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 155KB - Virtual size: 155KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ