abcb7b12b944772908f69a4639850ce2501973432f2669316bb32b6fb44cbdb9

Sharing

Copy URL Twitter E-mail

General

Target

abcb7b12b944772908f69a4639850ce2501973432f2669316bb32b6fb44cbdb9
Size

436KB
MD5

a657568e237a1f4ecec7398a18d295c2
SHA1

87e4e3e041a71c61687886bf5406e97e01592e07
SHA256

abcb7b12b944772908f69a4639850ce2501973432f2669316bb32b6fb44cbdb9
SHA512

1c1e1e91e50b8b715a517ec903beb54ddf190049a0bdc46d28224859590912dd995a1546ae5ef31fdc22af31e765c49fbb0349e23c24512d718e2cf25169b50b
SSDEEP

6144:gk6RZi16fgefCNnSP513HhnLNyvmidHF6aVH5PnAS/lvDPAOOOHMtu:gk6Bfgtlc3B4OOlhH5PntvTOkME

Score

N/A

Malware Config

Signatures

Files

abcb7b12b944772908f69a4639850ce2501973432f2669316bb32b6fb44cbdb9
.exe windows x86

5bf8ffecb0f6af97ffdf08c8a89ffc15

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrCmpW
PathIsFileSpecW
StrCpyW
PathIsUNCW

advapi32

RegGetKeySecurity
RegCloseKey
RegSetValueExW
RegOpenKeyW
RegOpenKeyExW
RegCreateKeyExW
RegOpenKeyExA
RegQueryValueExW
RegQueryValueW
SetSecurityDescriptorDacl
OpenProcessToken
RegQueryValueExA
RegDeleteKeyW
GetSidSubAuthorityCount
InitializeSecurityDescriptor
RegDeleteValueW
RegDeleteValueA
GetSidSubAuthority
RegSetValueExA
GetTokenInformation

ole32

OleSaveToStream
CreateStreamOnHGlobal
OleSetClipboard
StgCreateDocfile
OleFlushClipboard
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
StgIsStorageFile
CreateBindCtx
OleGetClipboard
OleDuplicateData

user32

SystemParametersInfoA
SetCapture
SetWindowRgn
SetActiveWindow
SetCaretPos
DefDlgProcA
GetLastActivePopup
SetRect
GetMenuItemInfoA
IsIconic
MapWindowPoints
GetMenuState
SetTimer
PostQuitMessage
AdjustWindowRectEx
GetSystemMenu
LoadIconA
RegisterClipboardFormatA
DrawFocusRect
SetClipboardData
CreatePopupMenu
GetDCEx
GetDC
FrameRect
GetMenuItemCount
GetMenuCheckMarkDimensions
GetDesktopWindow
RegisterClassExA
AppendMenuA
GetWindowTextLengthA
SetWindowPos
TranslateAcceleratorA
ExcludeUpdateRgn
GetMessageTime
GetCursorPos
DefWindowProcA
SetCursor
wsprintfA
GetSubMenu
UpdateWindow
SetDlgItemTextA
SetScrollRange
IsRectEmpty
FillRect
CheckDlgButton
CreateCaret
BringWindowToTop
IsChild
BeginPaint
EndPaint
GetScrollPos
EndDeferWindowPos
CallWindowProcA
ReleaseCapture
InvalidateRect
RegisterClassA
GetClientRect
TranslateMessage
DrawEdge
IntersectRect
DeferWindowPos
MessageBoxA
IsMenu
ReleaseDC
TabbedTextOutA
TrackPopupMenu
WindowFromPoint
GetDlgCtrlID
GetKeyState
WaitMessage
CopyRect
DestroyMenu
SetCursorPos
SetDlgItemInt
GetMenu
MoveWindow
CreateWindowExA
LoadCursorA
SetWindowsHookExA
EnableWindow
CharUpperA
GetMenuStringA
GetSystemMetrics
ClientToScreen
GetActiveWindow
DestroyAcceleratorTable
BeginDeferWindowPos
WindowFromDC
LoadImageA
PostThreadMessageA
GetWindowPlacement
GetClassLongA
GetCapture
ShowScrollBar
ShowWindow
EndDialog
SendDlgItemMessageA
OffsetRect
IsDlgButtonChecked
SetForegroundWindow
ShowCaret
RemovePropA
CheckMenuItem
UnhookWindowsHookEx
LoadAcceleratorsA
GetClassInfoA
GetMessageA
DestroyIcon
HideCaret
SetWindowTextA
LoadBitmapA
GetWindowRect
ModifyMenuA
PeekMessageA
SetParent
RegisterWindowMessageA
GetWindowTextA
SetFocus
DestroyWindow
SetMenuItemBitmaps
KillTimer
UnregisterClassA
IsWindow
FindWindowA
EnableMenuItem
InsertMenuA
IsWindowVisible
ValidateRect
RemoveMenu
CopyAcceleratorTableA
GetNextDlgGroupItem
GetWindowLongA
DestroyCursor

comctl32

_TrackMouseEvent
InitCommonControlsEx
PropertySheetA
ImageList_ReplaceIcon
ImageList_DrawEx
ord17
ImageList_GetImageCount

shell32

SHAppBarMessage
ShellExecuteW

wininet

InternetSetOptionA
InternetCrackUrlA
InternetReadFile
HttpOpenRequestA
InternetAttemptConnect
InternetSetCookieA
InternetConnectA
InternetOpenA

gdi32

Ellipse
GetCharABCWidthsA
GetTextFaceA
BeginPath
GetNearestPaletteIndex
Arc
RectVisible
OffsetViewportOrgEx
GetNearestColor
PaintRgn
GetTextExtentPoint32A
GetTextMetricsA
ResetDCA
Rectangle
EndPath
PtInRegion
PolyPolyline
GetDCOrgEx
RectInRegion
SetPixelV
CreateBitmapIndirect
CreatePenIndirect
CreateDIBitmap
DeleteMetaFile
CreateHalftonePalette
GetFontData
DeleteObject
BitBlt
GetDeviceCaps
OffsetRgn
GetCharWidthA
CopyMetaFileA
SetWindowOrgEx
GetClipBox
TextOutA
SetWindowExtEx
CreatePatternBrush
SetPolyFillMode
GetWindowExtEx
GetStretchBltMode
CreatePen
StretchDIBits
ExtCreateRegion
Polygon
ExtTextOutA
PtVisible
GetViewportExtEx
GetPolyFillMode
GetTextExtentPointA
CreateRoundRectRgn
GetClipRgn
SetBrushOrgEx
IntersectClipRect
SetTextCharacterExtra
CreateRectRgnIndirect

winmm

waveOutGetDevCapsA
mciSendCommandA
timeEndPeriod
waveOutUnprepareHeader
waveOutOpen
waveOutPrepareHeader
waveOutReset
mixerSetControlDetails
waveOutWrite
waveOutClose
mixerOpen
mixerClose
PlaySoundA

winspool.drv

DocumentPropertiesA
ClosePrinter
GetJobA
OpenPrinterA
ord204
GetPrinterA

kernel32

InterlockedIncrement
LoadLibraryA
VirtualFree
TlsFree
GetTimeFormatA
TlsGetValue
LoadLibraryW
GetStringTypeW
GetConsoleMode
RaiseException
GetCPInfo
RtlUnwind
GetFileType
CreateMutexA
GetModuleHandleA
HeapAlloc
FreeEnvironmentStringsA
MultiByteToWideChar
CompareStringA
WriteFile
LCMapStringA
GetStdHandle
InitializeCriticalSection
GetSystemTimeAsFileTime
HeapDestroy
GetLastError
GetModuleFileNameA
SetConsoleCtrlHandler
GetACP
VirtualAlloc
GetCurrentProcess
EnterCriticalSection
GetTimeZoneInformation
GetCommandLineA
SetUnhandledExceptionFilter
ExitProcess
GetProcAddress
GetProcessHeap
SetFilePointer
WriteConsoleW
GetTickCount
HeapReAlloc
GetConsoleCP
GetModuleFileNameW
TlsAlloc
GetVersionExA
GetDateFormatA
InterlockedDecrement
CompareStringW
OutputDebugStringA
SetLastError
InterlockedExchange
IsDebuggerPresent
FlushFileBuffers
WideCharToMultiByte
IsBadReadPtr
DeleteCriticalSection
GetStringTypeA
FreeEnvironmentStringsW
HeapValidate
GetLocaleInfoA
LCMapStringW
GetCurrentThreadId
VirtualQuery
LeaveCriticalSection
UnhandledExceptionFilter
GetConsoleOutputCP
GetEnvironmentStrings
CloseHandle
WriteConsoleA
QueryPerformanceCounter
SetStdHandle
CreateFileA
SetEnvironmentVariableA
GetOEMCP
HeapCreate
TlsSetValue
IsValidCodePage
DebugBreak
TerminateProcess
GetCurrentProcessId
GetStartupInfoA
ReadFile
OutputDebugStringW
HeapFree
SetHandleCount
GetEnvironmentStringsW

Sections

.text
Size: 208KB - Virtual size: 206KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5bf8ffecb0f6af97ffdf08c8a89ffc15

Headers

File Characteristics

Imports

shlwapi

advapi32

ole32

user32

comctl32

shell32

wininet

gdi32

winmm

winspool.drv

kernel32

Sections

.text Size: 208KB - Virtual size: 206KB

.rdata Size: 112KB - Virtual size: 108KB

.data Size: 56KB - Virtual size: 85KB

.rsrc Size: 56KB - Virtual size: 53KB

.text
Size: 208KB - Virtual size: 206KB

.rdata
Size: 112KB - Virtual size: 108KB

.data
Size: 56KB - Virtual size: 85KB

.rsrc
Size: 56KB - Virtual size: 53KB