Static task: static1
Behavioral task: behavioral1
Sample: 1ea0a930d1769a1a392ddda74643ce06f40471a21f48337f175aac307d5b0947.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 1ea0a930d1769a1a392ddda74643ce06f40471a21f48337f175aac307d5b0947.exe
Resource: win10v2004-20221111-en
General
- Target: 1ea0a930d1769a1a392ddda74643ce06f40471a21f48337f175aac307d5b0947
- Size: 696KB
- MD5: 5ba6d2ac69cd9f7357794c32a671e6f1
- SHA1: 3c17ff89406a3ee2bc3a44b855c2605531898a0f
- SHA256: 1ea0a930d1769a1a392ddda74643ce06f40471a21f48337f175aac307d5b0947
- SHA512: 0e0fa1d28b9aa62db953daa9b99eae250781c44ad668e94af9bca8969711fe03677822be8771f427ed749c3aef1df112b6e8aa4b93344acf755ad19f1134d9cd
- SSDEEP: 12288:ISLB83lbalOhxtj1jMwAPcKF6K0QYTYLS3oXDKdcuZf7WZZK80IPQMlFwLe:vLBMlbNJ90cKYK0QYTY2GDgDZzW707M9
Malware Config
Signatures
Files
- 1ea0a930d1769a1a392ddda74643ce06f40471a21f48337f175aac307d5b0947.exe windows x86
  7cfcba10709e4b1576662a149aeea3e6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
BeginDeferWindowPos
SetScrollPos
TranslateMDISysAccel
GetParent
PostThreadMessageA
LoadMenuA
FrameRect
TabbedTextOutA
OffsetRect
EndPaint
CreateDialogIndirectParamA
EndDeferWindowPos
UnregisterClassA
GetSystemMenu
CheckMenuItem
GetDlgCtrlID
SetForegroundWindow
LockWindowUpdate
SetMenu
MessageBeep
SystemParametersInfoA
IsWindowVisible
SetPropA
GetAsyncKeyState
LoadCursorW
HideCaret
EnableScrollBar
GetMenuState
PostQuitMessage
CharUpperA
DrawFrameControl
GetMessageTime
GetTabbedTextExtentA
FillRect
GetMonitorInfoW
RegisterClipboardFormatA
PeekMessageA
CallWindowProcW
ScrollDC
MessageBoxA
DrawStateA
GetDlgItemInt
GetCursorPos
ReleaseCapture
ShowCaret
RemovePropW
EnableWindow
GetNextDlgTabItem
SetMenuItemInfoW
CharNextA
GetClassLongA
LoadCursorA
UnregisterClassW
GetWindowTextW
MapDialogRect
BringWindowToTop
EmptyClipboard
DrawFocusRect
IsClipboardFormatAvailable
RegisterWindowMessageA
SetParent
OpenClipboard
UnpackDDElParam
SetMenuItemBitmaps
FindWindowA
AppendMenuA
CreateDialogParamW
IsZoomed
GetSystemMetrics
GetWindow
LoadStringA
UnionRect
GetClassNameA
DdeFreeDataHandle
GetWindowTextA
GetWindowPlacement
DestroyCaret
GetSysColorBrush
IsCharAlphaNumericA
SetRectEmpty
GetLastActivePopup
TrackPopupMenu
SetWindowPlacement
GetMenuDefaultItem
InsertMenuW
DestroyWindow
SetCursor
IsWindow
IsDialogMessageA
GetNextDlgGroupItem
GetMenu
GetClassNameW
LoadStringW
IsIconic
GetWindowThreadProcessId
SetMenuDefaultItem
WindowFromDC
SetWindowTextW
LoadIconA
SetClipboardViewer
GetPropA
GetClassInfoW
CreateMenu
DrawEdge
IntersectRect
GrayStringA
WindowFromPoint
SetWindowsHookExW
EnableMenuItem
IsRectEmpty
OpenIcon
KillTimer
GetWindowLongW
TranslateAcceleratorA
SetClipboardData
wsprintfA
TranslateAcceleratorW
RedrawWindow
GetIconInfo
ValidateRect
GetUpdateRect
SetWindowTextA
UnhookWindowsHookEx
ModifyMenuA
PostMessageW
CallWindowProcA
DefFrameProcA
MapVirtualKeyA
SetWindowsHookExA
RegisterClassExA
GetDialogBaseUnits
CopyAcceleratorTableA
ScrollWindow
MapWindowPoints
SendMessageW
TranslateMessage
ReleaseDC
LoadImageA
SetTimer
RegisterWindowMessageW
GetFocus
AdjustWindowRectEx
ExcludeUpdateRgn
UpdateWindow
GetCapture
SetScrollInfo
ValidateRgn
IsWindowEnabled
IsChild
SetScrollRange
GetCaretPos
WinHelpA
TrackPopupMenuEx
GetWindowDC
InsertMenuA
BeginPaint
WinHelpW
GetWindowRect
DrawMenuBar
GetDC
RegisterClassA
OemToCharA
DestroyIcon
DestroyMenu
GetMenuItemCount
RemovePropA
GetClipboardData
CreateWindowExA
GetMessageA
GetTopWindow
ExitWindowsEx
GetClientRect
RegisterClassW
SetWindowContextHelpId
InvertRect
InvalidateRect
PtInRect
PostMessageA
RemoveMenu
DeferWindowPos
SetFocus
MessageBoxW
ScreenToClient
GetDesktopWindow
SetWindowPos
CallNextHookEx
SetActiveWindow
GetSubMenu
CharNextW
SetCursorPos
EnumChildWindows
SetCapture
DestroyCursor
DrawIcon
GetForegroundWindow
EqualRect
GetDlgItemTextA
IsMenu
DrawTextA
CreateAcceleratorTableA
GetMenuItemID
SendMessageA
SendDlgItemMessageA
SetCaretPos
GetMenuCheckMarkDimensions
CreatePopupMenu
LoadIconW
GetWindowLongA
DispatchMessageA
DialogBoxParamA
CreateDialogIndirectParamW
GetDlgItem
ShowWindow
ClientToScreen
GetWindowTextLengthA
wvsprintfA
GetKeyboardLayout
CharLowerBuffA
GetWindowRgn
GetKeyState
DefWindowProcW
ChildWindowFromPointEx
LoadAcceleratorsA
SetWindowRgn
MoveWindow
EndDialog
ShowOwnedPopups
mouse_event
GetMessagePos
PostThreadMessageW
SetDlgItemTextA
SetDlgItemInt
GetScrollPos
PeekMessageW
DefDlgProcA
CopyRect
SetRect
CharToOemA
GetSysColor
SetWindowLongA
ModifyMenuW
GetActiveWindow
DefWindowProcA
LoadMenuW
shell32
SHGetPathFromIDListA
SHAppBarMessage
SHGetDesktopFolder
SHGetFileInfoW
CommandLineToArgvW
ShellExecuteExW
ShellExecuteA
SHChangeNotify
SHGetFolderPathA
ord155
SHGetMalloc
ShellExecuteW
DragAcceptFiles
DragQueryFileW
SHBrowseForFolderW
Shell_NotifyIconW
SHGetPathFromIDListW
SHGetFileInfoA
SHGetSpecialFolderLocation
comdlg32
ChooseColorA
PageSetupDlgA
GetFileTitleA
FindTextA
ChooseFontA
CommDlgExtendedError
GetOpenFileNameA
PrintDlgA
GetSaveFileNameA
advapi32
RegQueryValueExA
SetFileSecurityA
GetAce
RegSetValueExA
GetFileSecurityW
RegOpenKeyA
QueryServiceStatus
RegEnumKeyA
RegDeleteKeyW
RegEnumKeyExA
GetLengthSid
InitiateSystemShutdownA
RegQueryInfoKeyA
RegCreateKeyA
EqualSid
LookupAccountNameW
OpenSCManagerA
RegCreateKeyW
AddAce
InitializeAcl
RegQueryInfoKeyW
RegCreateKeyExW
RegEnumKeyW
RegOpenKeyW
SetServiceStatus
RegisterEventSourceW
InitializeSecurityDescriptor
LookupPrivilegeValueA
RegEnumValueA
RegOpenKeyExW
ReportEventW
SetSecurityDescriptorOwner
CopySid
GetTokenInformation
RegisterServiceCtrlHandlerW
RegDeleteValueA
GetUserNameW
SetSecurityDescriptorGroup
RegOpenKeyExA
RegisterEventSourceA
RegCloseKey
RegDeleteValueW
RegDeleteKeyA
AllocateAndInitializeSid
RegSetValueExW
RegEnumKeyExW
RevertToSelf
RegCreateKeyExA
RegQueryValueExW
AddAccessAllowedAce
AdjustTokenPrivileges
StartServiceA
StartServiceCtrlDispatcherW
GetFileSecurityA
GetSecurityInfo
OpenThreadToken
RegQueryValueW
OpenProcessToken
QueryServiceConfigA
GetSecurityDescriptorDacl
CreateServiceA
RegSetValueA
kernel32
MulDiv
FreeEnvironmentStringsA
GetCurrentThread
GetFileInformationByHandle
QueryPerformanceCounter
lstrcmpA
WaitForSingleObject
InterlockedIncrement
MoveFileW
GlobalMemoryStatus
SetEnvironmentVariableW
GetPrivateProfileIntA
SetFilePointer
GetCPInfo
GetProcAddress
GetStringTypeA
GetSystemInfo
DeleteCriticalSection
GetVersion
SizeofResource
GetLocalTime
GetAtomNameA
GetStdHandle
GetFileType
HeapReAlloc
SetUnhandledExceptionFilter
HeapFree
CreateEventW
GetDiskFreeSpaceA
GetStringTypeW
CompareStringW
LocalFree
HeapSize
LocalReAlloc
lstrcmpiA
WinExec
SetHandleCount
CreateFileA
GetFileAttributesA
LoadLibraryExA
SetEvent
EnumResourceLanguagesA
TlsFree
GetCurrentProcessId
FreeConsole
CloseHandle
GetVolumeInformationA
HeapCreate
FreeEnvironmentStringsW
IsBadCodePtr
GlobalDeleteAtom
lstrcpynA
GetCommandLineA
GetLocaleInfoW
IsBadStringPtrA
CreateFileMappingW
IsBadReadPtr
EnumSystemLocalesA
ConvertDefaultLocale
EnterCriticalSection
CreateThread
GetTickCount
OpenProcess
CompareStringA
GetVersionExA
GetFullPathNameA
SetStdHandle
ReadFile
InterlockedExchange
GetModuleFileNameA
GetTimeZoneInformation
lstrcatA
CreateDirectoryW
OpenMutexA
LoadLibraryW
CreateMutexW
SetFileAttributesW
SetThreadPriority
GetFileTime
FlushFileBuffers
GetThreadPriority
GetModuleHandleW
GlobalFlags
VirtualQuery
ExitProcess
LocalAlloc
UnhandledExceptionFilter
FindFirstFileW
FreeLibrary
GlobalLock
HeapAlloc
CreatePipe
Sleep
lstrcmpiW
GetStartupInfoA
InterlockedDecrement
TlsSetValue
FindResourceExA
GetUserDefaultLangID
GlobalUnlock
IsValidCodePage
GetEnvironmentStrings
TlsGetValue
GetProfileIntA
GlobalHandle
lstrcpynW
GlobalAddAtomA
GlobalAlloc
HeapDestroy
LockResource
GetFullPathNameW
ResumeThread
MapViewOfFile
WideCharToMultiByte
FindResourceA
CreateMutexA
VirtualFree
GetSystemTimeAsFileTime
RaiseException
lstrlenA
GetWindowsDirectoryA
CreateProcessW
GetFileAttributesW
TerminateProcess
FindClose
GetTempPathA
lstrlenW
FindNextFileA
WritePrivateProfileSectionA
CreateProcessA
SetLastError
WriteFile
IsValidLocale
CreateFileMappingA
GetProfileStringA
GetACP
GetDateFormatA
LCMapStringA
GlobalFree
WaitForMultipleObjects
FindNextFileW
VirtualAlloc
GetEnvironmentVariableA
GetComputerNameW
DeleteFileW
GetOEMCP
LeaveCriticalSection
CreateFileW
RtlUnwind
GetShortPathNameW
GetStartupInfoW
GetLastError
GetThreadLocale
GetUserDefaultLCID
GetModuleHandleA
FindResourceExW
lstrcpyA
FatalAppExitA
RemoveDirectoryW
MoveFileA
CreateEventA
FormatMessageA
SetFileTime
GetCommandLineW
GetTempFileNameA
GetFileSize
GlobalReAlloc
GetStringTypeExA
GetEnvironmentStringsW
SetCommState
FindFirstFileA
LCMapStringW
GetPrivateProfileStringA
FreeResource
CreateDirectoryA
GetDriveTypeA
FileTimeToSystemTime
TlsAlloc
VirtualProtect
GetCommState
GetCurrentThreadId
SuspendThread
LoadLibraryA
GetProcessHeap
IsBadWritePtr
SetErrorMode
GetSystemDirectoryA
InitializeCriticalSection
GetLocaleInfoA
UnmapViewOfFile
GetShortPathNameA
DuplicateHandle
CompareFileTime
SetEnvironmentVariableA
WriteConsoleA
GetCurrentProcess
GetTimeFormatA
LoadResource
IsDebuggerPresent
MultiByteToWideChar
CopyFileW
SetEndOfFile
GetModuleFileNameW
shlwapi
PathFindFileNameW
PathIsURLA
StrStrIA
PathAppendA
PathFindExtensionW
StrToIntA
StrStrA
PathStripToRootA
PathFindFileNameA
PathIsDirectoryA
PathFileExistsA
PathIsUNCW
PathIsUNCA
PathAddBackslashA
PathSkipRootA
PathRemoveFileSpecA
PathFindExtensionA
PathIsRelativeA
PathQuoteSpacesA
PathRemoveExtensionA
ole32
OleCreateLinkFromData
OleSave
OleCreateMenuDescriptor
OleUninitialize
OleCreateStaticFromData
StringFromCLSID
OleRegGetUserType
ReadClassStg
CreateILockBytesOnHGlobal
OleRun
OleInitialize
OleGetIconOfClass
CoCreateInstance
StgIsStorageILockBytes
CoInitialize
CoUninitialize
CoSetProxyBlanket
OleDuplicateData
CreateBindCtx
GetClassFile
CoCopyProxy
CoRegisterMessageFilter
OleSaveToStream
OleGetClipboard
OleCreate
StgOpenStorageOnILockBytes
IsAccelerator
CreateOleAdviseHolder
GetHGlobalFromILockBytes
OleSetContainedObject
OleFlushClipboard
CreateItemMoniker
OleLoad
CreateGenericComposite
ProgIDFromCLSID
CoTaskMemFree
RevokeDragDrop
WriteClassStg
OleDestroyMenuDescriptor
CLSIDFromString
OleIsCurrentClipboard
CoRegisterClassObject
StgCreateDocfileOnILockBytes
CoTaskMemRealloc
OleTranslateAccelerator
StringFromGUID2
CoRevokeClassObject
CoInitializeSecurity
CoCreateGuid
CoReleaseMarshalData
CoInitializeEx
ReleaseStgMedium
DoDragDrop
CoFreeUnusedLibraries
CoMarshalInterface
WriteClassStm
CoGetClassObject
OleCreateLinkToFile
CLSIDFromProgID
OleSetClipboard
CoLockObjectExternal
CoDisconnectObject
StgOpenStorage
OleSetMenuDescriptor
OleCreateFromData
CoTaskMemAlloc
CreateStreamOnHGlobal
CoGetInterfaceAndReleaseStream
CreateFileMoniker
OleCreateFromFile
CoGetMalloc
StgIsStorageFile
comctl32
ImageList_SetOverlayImage
ImageList_LoadImageA
ImageList_SetImageCount
ImageList_EndDrag
ImageList_DragEnter
ImageList_DragMove
ImageList_GetImageCount
ImageList_SetDragCursorImage
ImageList_DragShowNolock
ImageList_Write
ImageList_BeginDrag
CreatePropertySheetPageA
ImageList_ReplaceIcon
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_Add
ImageList_Destroy
_TrackMouseEvent
ImageList_Read
PropertySheetA
ImageList_GetIconSize
ImageList_Draw
ImageList_DrawEx
ImageList_GetIcon
ImageList_DragLeave
DestroyPropertySheetPage
ImageList_Replace
InitCommonControlsEx
ImageList_AddMasked
ImageList_GetImageInfo
ord17
ImageList_Create
ImageList_Remove
Sections
.text Size: 84KB - Virtual size: 83KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 472KB - Virtual size: 470KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 120KB - Virtual size: 123KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ