77239513413e26259e249ab1ad8a7b47c24fa51ae12c9459eea43bb795247a31

Sharing

Copy URL

Twitter E-mail

General

Target

77239513413e26259e249ab1ad8a7b47c24fa51ae12c9459eea43bb795247a31
Size

128KB
MD5

dc92858693f62add2eb4696abce11d62
SHA1

9ba2bc49ef5a5f0b4a5378e5e847bd34c132efbc
SHA256

77239513413e26259e249ab1ad8a7b47c24fa51ae12c9459eea43bb795247a31
SHA512

a184df149c33a57ab3e3847c32b13479b39e68611103dce9b555d81fc48a6d3607427280feadf707d3836861c854857f786272d0c722a1113178b9c1ebd5cf04
SSDEEP

1536:ka+IXIDRYRQooHNwXr1SuIeUQ9Z7S/eh4tX+tgsq818pSammuZQZi1cDMQsd+5eO:kbIYD+ToGQebSWhysq8kS/ZdKPSB

Score

N/A

Malware Config

Signatures

Files

77239513413e26259e249ab1ad8a7b47c24fa51ae12c9459eea43bb795247a31
.exe windows x86

9f2d1abd20ccae6336e655ecbfe0b9c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoRegisterSurrogate
SetConvertStg
CoReleaseMarshalData

msvcrt

_adjust_fdiv
_except_handler3
_exit
__setusermatherr
__p__commode
__p__fmode
__set_app_type
_XcptFilter
exit
_controlfp
__getmainargs
_initterm
_acmdln

urlmon

IsValidURL
URLDownloadToCacheFileW
IsAsyncMoniker
CoInternetParseUrl
CoInternetCreateZoneManager
CoInternetCreateSecurityManager
URLOpenPullStreamA
WriteHitLogging
CoInternetGetProtocolFlags
HlinkSimpleNavigateToString
URLOpenBlockingStreamW
GetClassFileOrMime
HlinkNavigateString
CreateAsyncBindCtxEx
FindMimeFromData
CoInternetGetSession

setupapi

SetupQueryFileLogA
SetupDiInstallClassW
SetupDiOpenDeviceInfoW
SetupDiSelectDevice
SetupQueryDrivesInDiskSpaceListW
SetupDeleteErrorW
SetupPromptForDiskW
SetupAdjustDiskSpaceListW
SetupDiSetClassInstallParamsW
SetupCopyOEMInfA
SetupDiGetClassDescriptionA
SetupRemoveFromSourceListW
SetupFindFirstLineW
SetupDiCreateDeviceInfoListExA
SetupOpenAppendInfFileA
SetupSetPlatformPathOverrideW
SetupDiDrawMiniIcon
SetupGetBinaryField
SetupGetMultiSzFieldA
SetupGetInfFileListA
SetupGetSourceFileLocationA
SetupQueueDeleteW
SetupDiCreateDeviceInfoList
SetupInstallFileExA
SetupDiCreateDevRegKeyA
SetupDiGetHwProfileFriendlyNameA
SetupDiGetDriverInfoDetailA
SetupInstallFileExW
SetupDiGetClassDevPropertySheetsW
SetupGetFileCompressionInfoA
SetupGetSourceFileSizeA
SetupDiBuildClassInfoList
SetupDiGetClassImageListExW
SetupDiClassNameFromGuidW
SetupDiSetDeviceRegistryPropertyW
SetupQuerySpaceRequiredOnDriveW
SetupGetLineTextA
SetupIterateCabinetW
SetupDiGetClassImageIndex
SetupDiSetDeviceInstallParamsA
SetupQueueRenameA
SetupGetInfInformationA
SetupQueryInfVersionInformationW
SetupDiCreateDeviceInterfaceW
SetupDiSetSelectedDriverA
SetupDiGetHwProfileFriendlyNameExA
SetupDiEnumDeviceInterfaces
SetupLogErrorW

imm32

ImmGetVirtualKey

pdh

PdhBrowseCountersW
PdhEnumMachinesA
PdhGetDefaultPerfObjectA
PdhValidatePathA
PdhCalculateCounterFromRawValue
PdhParseCounterPathW
PdhGetDllVersion
PdhExpandCounterPathA
PdhMakeCounterPathW
PdhValidatePathW
PdhOpenLogA
PdhGetCounterTimeBase
PdhSelectDataSourceW
PdhOpenLogW
PdhLookupPerfIndexByNameW
PdhSelectDataSourceA

gdi32

PlgBlt

advapi32

LsaSetTrustedDomainInformation

comctl32

ImageList_Create

wininet

GopherOpenFileW
FtpGetFileW
RetrieveUrlCacheEntryFileA
InternetAttemptConnect
InternetConnectA
InternetGetLastResponseInfoW
GopherOpenFileA
InternetCrackUrlA
InternetGetCookieA
GopherGetLocatorTypeW
FindFirstUrlCacheEntryExA
InternetHangUp
HttpQueryInfoW
InternetCheckConnectionA
InternetCombineUrlW
GetUrlCacheEntryInfoW
InternetCanonicalizeUrlA
FtpOpenFileA
InternetReadFile
FindNextUrlCacheEntryA
HttpSendRequestExW
GopherGetLocatorTypeA
InternetReadFileExW
GopherCreateLocatorA
GetUrlCacheEntryInfoA
HttpSendRequestExA
DeleteUrlCacheEntry
InternetOpenA
FindNextUrlCacheEntryExA
FtpSetCurrentDirectoryA
CommitUrlCacheEntryW

msi

ord64
ord28
ord16
ord19
ord46
ord60
ord45
ord55
ord38
ord165
ord74

user32

OffsetRect
SetDlgItemInt
DestroyMenu
DefMDIChildProcA
OpenWindowStationA
CreateAcceleratorTableW
DefDlgProcA
CreateCaret
BringWindowToTop
PackDDElParam
EnumDesktopsA
ReuseDDElParam
IsCharAlphaNumericA
PostMessageA
CharToOemA
InSendMessage
ModifyMenuW
DrawTextExW
GetTabbedTextExtentA
DialogBoxParamA
GetCaretBlinkTime
FillRect
CopyImage
GetDialogBaseUnits
AppendMenuW
HideCaret
RegisterWindowMessageW
CharPrevW
CharUpperW
DrawStateA
GetWindowDC
GetKeyState
InvertRect
GetMessageA
GrayStringW
IsZoomed
CheckMenuRadioItem
GetCursorPos
CreateIconIndirect
DrawAnimatedRects
EnumChildWindows

kernel32

DisconnectNamedPipe
GlobalUnlock
FormatMessageA
GetCurrentDirectoryW
GlobalFindAtomA
FlushConsoleInputBuffer
GetFileTime
AllocConsole
GetLongPathNameW
GetSystemTimeAsFileTime
FileTimeToDosDateTime
GlobalLock
CreateMutexA
GetNumberFormatW
DefineDosDeviceA
FileTimeToLocalFileTime
FreeConsole
FlushViewOfFile
GetStartupInfoW
GetPrivateProfileStringW
GetModuleHandleW
CreateFileW
GetACP
GetProcessHeap
GetPrivateProfileSectionW
DefineDosDeviceW
AddAtomA
ExitProcess
GetSystemDirectoryA
FreeLibraryAndExitThread
GetStartupInfoA
GetModuleHandleA
ConvertDefaultLocale
GetFileInformationByHandle
GetNumberFormatA
GetEnvironmentStringsW
GetFullPathNameW
GetVersionExA
GetTimeFormatA
FindResourceExA

rasapi32

RasGetConnectStatusA
RasGetCountryInfoW
RasSetEntryPropertiesA
RasRenameEntryW
RasGetProjectionInfoW
RasGetConnectStatusW
RasDeleteEntryA
RasGetEntryDialParamsW
RasEnumConnectionsA
RasGetEntryPropertiesA
RasCreatePhonebookEntryW
RasGetCountryInfoA
RasRenameEntryA
RasSetEntryDialParamsW
RasGetErrorStringA
RasGetProjectionInfoA

rpcrt4

RpcSsDisableAllocate

winmm

mmioFlush
mmioSeek

winspool.drv

EnumPrinterDriversA
GetPrintProcessorDirectoryW
DocumentPropertiesA
AddMonitorA
DeletePrintProcessorA
WritePrinter
ConfigurePortW
PrinterMessageBoxA
OpenPrinterW
DeletePrinterConnectionA
AddPortA
EnumPortsW
GetPrinterDataExW
EnumPrinterKeyA
OpenPrinterA
DeletePrintProvidorW
ConnectToPrinterDlg
ResetPrinterA

oleaut32

VarR4FromDisp
VarUI1FromR4

nddeapi

ord603
ord611
ord511

comdlg32

GetSaveFileNameW
FindTextW
GetSaveFileNameA
ReplaceTextA

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9f2d1abd20ccae6336e655ecbfe0b9c8

Headers

File Characteristics

Imports

ole32

msvcrt

urlmon

setupapi

imm32

pdh

gdi32

advapi32

comctl32

wininet

msi

user32

kernel32

rasapi32

rpcrt4

winmm

winspool.drv

oleaut32

nddeapi

comdlg32

Sections

.text Size: 56KB - Virtual size: 52KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 2.8MB

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 2.8MB