Static task: static1
Behavioral task: behavioral1
Sample: 942fbc6aa926f411b56330259cbd577020ec7134d1b8881e4feb5d77874c87fa.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 942fbc6aa926f411b56330259cbd577020ec7134d1b8881e4feb5d77874c87fa.exe
Resource: win10v2004-20221111-en
General
- Target: 942fbc6aa926f411b56330259cbd577020ec7134d1b8881e4feb5d77874c87fa
- Size: 220KB
- MD5: 49475666f3709855ef96354b28dce9cd
- SHA1: 28a0bab118f5832af90546b841e457450bdd426a
- SHA256: 942fbc6aa926f411b56330259cbd577020ec7134d1b8881e4feb5d77874c87fa
- SHA512: 4ef65c349181eeb9e79578661f81d1e07c1b1f9ce3cff9e86c7b31634c5cff6d76b57279758274e2f604234252db1e6c824b51686bb3c9bde55aeb28b3793751
- SSDEEP: 6144:hwE5iGmok2oIo/DNskQz23eJvX/hpoDpX8+CYrD+72RhV:hn5s2oIoZsDvX/hGK+qM
Malware Config
Signatures
Files
- 942fbc6aa926f411b56330259cbd577020ec7134d1b8881e4feb5d77874c87fa.exe windows x86
  00982c1b07e3cb0f329d41d110d24ce6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
PeekMessageA
TrackPopupMenuEx
KillTimer
MenuItemFromPoint
CreateMenu
SwitchDesktop
LoadBitmapW
GetSysColorBrush
ModifyMenuW
DdeQueryConvInfo
DdeCreateStringHandleW
CreateWindowExW
GetMenuBarInfo
GetWindowLongW
FindWindowExA
IsCharUpperW
MessageBoxExW
SetDeskWallpaper
DestroyMenu
SetSystemCursor
GetWindowWord
GetActiveWindow
TabbedTextOutA
InsertMenuItemW
SetDoubleClickTime
ChangeDisplaySettingsExW
GetMenuItemID
GetClassNameW
GetCaretBlinkTime
SetWindowTextA
GetClassWord
DlgDirListW
InvalidateRgn
GetPropA
DdeAccessData
SendMessageCallbackA
DeleteMenu
SetDlgItemTextA
GetKeyboardLayoutNameA
IsDlgButtonChecked
IsCharUpperA
WindowFromDC
IsCharAlphaNumericW
ScrollDC
GetKeyNameTextA
CreateDialogIndirectParamA
MonitorFromRect
CreateIcon
CascadeChildWindows
GetUpdateRgn
GetDlgItem
FindWindowExW
DdeFreeDataHandle
BroadcastSystemMessage
PackDDElParam
TileWindows
LoadCursorA
AppendMenuA
GetWindowModuleFileNameW
DrawStateA
GetWindowRgn
FlashWindowEx
WINNLSGetEnableStatus
GetTabbedTextExtentW
OpenWindowStationW
DdeUnaccessData
GetScrollRange
SetCaretPos
VkKeyScanExW
CharNextA
MessageBeep
SendIMEMessageExW
DlgDirSelectComboBoxExW
GetDlgItemTextW
CharUpperW
GetProcessDefaultLayout
GetClipCursor
PostQuitMessage
GetClipboardFormatNameA
PostThreadMessageW
GetMenuItemInfoA
IsWindowEnabled
GetKeyboardLayoutNameW
GetClipboardData
SetMenuItemInfoA
CallMsgFilterA
EnumPropsExW
LoadCursorFromFileW
GetKeyboardLayoutList
GetMessageW
GetUserObjectInformationA
EnumDisplaySettingsExW
SendDlgItemMessageW
VkKeyScanW
GetIconInfo
CopyIcon
PaintDesktop
DdeCreateStringHandleA
RedrawWindow
CharPrevA
OpenIcon
ChangeClipboardChain
GetClassNameA
CreateDialogParamW
EnumPropsExA
RealGetWindowClass
DefWindowProcW
DlgDirListA
InSendMessageEx
SendMessageW
MsgWaitForMultipleObjectsEx
IsWindow
GetFocus
RegisterHotKey
MonitorFromWindow
OemKeyScan
EndDialog
SetPropA
InSendMessage
BroadcastSystemMessageW
CreateAcceleratorTableA
EnumPropsW
CreateDialogIndirectParamW
SetWindowLongA
ShowOwnedPopups
LoadMenuA
CreateDesktopW
CheckRadioButton
VkKeyScanExA
EnumWindowStationsW
LoadStringA
LoadKeyboardLayoutA
EnumDesktopsW
SetClassWord
SetMessageQueue
IsChild
ReleaseDC
EnumDisplayDevicesW
advapi32
IsTextUnicode
CryptGetDefaultProviderA
OpenBackupEventLogA
CryptSetProviderW
MapGenericMask
SetSecurityInfoExA
RegCloseKey
CryptSignHashW
ConvertSecurityDescriptorToAccessNamedW
PrivilegedServiceAuditAlarmA
CryptGenRandom
GetAuditedPermissionsFromAclW
SetEntriesInAuditListA
CryptGenKey
SetNamedSecurityInfoExA
SetAclInformation
SetServiceBits
CryptGetUserKey
OpenServiceW
SetServiceObjectSecurity
RegSetValueA
LookupAccountNameW
CreatePrivateObjectSecurity
GetSecurityInfo
ImpersonateNamedPipeClient
RegSetKeySecurity
RegSaveKeyW
LookupAccountNameA
SetNamedSecurityInfoW
GetUserNameW
SetKernelObjectSecurity
InitializeAcl
LookupPrivilegeNameA
RegOpenKeyA
OpenSCManagerW
GetLengthSid
ObjectCloseAuditAlarmA
LogonUserW
GetNamedSecurityInfoA
AddAuditAccessAce
RegDeleteKeyA
CryptDuplicateKey
CryptSetProviderExA
CryptReleaseContext
RegQueryValueExA
RegisterServiceCtrlHandlerA
GetAuditedPermissionsFromAclA
QueryServiceLockStatusA
BuildTrusteeWithNameW
RegConnectRegistryW
CryptVerifySignatureW
RegReplaceKeyA
AdjustTokenGroups
OpenBackupEventLogW
ObjectPrivilegeAuditAlarmW
CryptSetProvParam
SetEntriesInAccessListW
RegEnumValueA
SetEntriesInAuditListW
GetSecurityDescriptorOwner
CryptContextAddRef
QueryServiceLockStatusW
RegFlushKey
RegGetKeySecurity
RegLoadKeyW
CryptGetProvParam
SetTokenInformation
CryptSetProviderExW
GetFileSecurityW
RegReplaceKeyW
SetNamedSecurityInfoExW
GetSidSubAuthorityCount
GetPrivateObjectSecurity
GetMultipleTrusteeOperationW
BuildTrusteeWithSidA
GetKernelObjectSecurity
FreeSid
LookupSecurityDescriptorPartsW
GetSecurityDescriptorGroup
CryptExportKey
ObjectDeleteAuditAlarmW
GetServiceDisplayNameW
IsValidSid
CryptEnumProvidersA
SetSecurityInfo
RegCreateKeyA
GetCurrentHwProfileW
GetServiceDisplayNameA
BuildTrusteeWithNameA
CryptEncrypt
CryptSignHashA
AddAce
SetEntriesInAclA
RegDeleteKeyW
RegisterServiceCtrlHandlerW
CryptEnumProviderTypesA
NotifyChangeEventLog
SetNamedSecurityInfoA
LookupAccountSidA
RegEnumValueW
FindFirstFreeAce
RegDeleteValueA
TrusteeAccessToObjectA
RegQueryValueA
GetSecurityInfoExW
GetExplicitEntriesFromAclA
LookupSecurityDescriptorPartsA
RegQueryValueExW
BackupEventLogW
GetSecurityDescriptorDacl
EnumServicesStatusA
ObjectDeleteAuditAlarmA
EnumServicesStatusW
GetNamedSecurityInfoW
shlwapi
PathMakePrettyW
PathFindNextComponentW
PathCreateFromUrlW
wvnsprintfW
SHRegWriteUSValueA
PathRenameExtensionW
SHRegQueryUSValueW
PathRemoveBackslashA
UrlIsNoHistoryA
PathIsDirectoryW
StrSpnA
PathSetDlgItemPathA
StrToIntExW
SHSetValueA
AssocQueryStringW
StrRetToStrW
SHDeleteKeyW
PathMatchSpecW
PathMakeSystemFolderA
PathRemoveBlanksA
StrRChrIW
PathIsPrefixA
SHRegDeleteUSValueA
IntlStrEqWorkerA
SHDeleteKeyA
PathFindNextComponentA
PathFindOnPathA
UrlHashA
SHQueryValueExW
PathFindExtensionA
PathIsUNCA
StrFormatByteSize64A
StrStrW
PathGetDriveNumberA
SHSetValueW
PathIsRootA
PathRemoveBlanksW
UrlCreateFromPathW
PathIsUNCW
UrlIsOpaqueA
PathIsNetworkPathA
StrTrimW
SHRegGetBoolUSValueW
StrCatBuffW
PathMakeSystemFolderW
SHRegDuplicateHKey
StrTrimA
SHRegGetBoolUSValueA
StrFromTimeIntervalA
UrlUnescapeA
SHQueryInfoKeyW
UrlUnescapeW
SHRegQueryInfoUSKeyW
StrCSpnA
SHRegDeleteEmptyUSKeyW
PathIsSystemFolderW
PathIsContentTypeA
StrToIntW
SHStrDupW
SHRegSetUSValueA
SHCopyKeyA
SHCreateStreamOnFileW
PathCombineA
PathGetArgsA
PathGetCharTypeW
PathMatchSpecA
PathSearchAndQualifyA
StrCmpW
PathAppendA
PathIsURLA
StrNCatW
StrFormatKBSizeW
StrRetToBufW
PathRemoveArgsW
PathRemoveExtensionA
AssocQueryStringA
UrlIsW
SHDeleteValueW
PathIsContentTypeW
PathIsURLW
PathCombineW
SHSkipJunction
UrlIsA
StrCSpnIA
HashData
PathCompactPathExA
PathQuoteSpacesW
PathSkipRootA
SHRegWriteUSValueW
GetMenuPosFromID
PathCompactPathW
PathMakePrettyA
SHQueryInfoKeyA
UrlIsOpaqueW
SHEnumValueW
PathIsRelativeA
StrNCatA
PathIsRootW
StrCSpnW
StrCatW
PathGetCharTypeA
UrlCombineA
AssocQueryKeyA
StrFromTimeIntervalW
kernel32
GetPrivateProfileIntW
FatalAppExitA
WritePrivateProfileStructA
SetUnhandledExceptionFilter
GetLargestConsoleWindowSize
WriteConsoleOutputCharacterA
SetWaitableTimer
EndUpdateResourceW
WideCharToMultiByte
EraseTape
TerminateThread
FindAtomA
ReadConsoleA
GetTempPathA
lstrcmpW
SetLastError
ReadConsoleInputA
FindNextFileA
FreeEnvironmentStringsA
CancelIo
GetTimeZoneInformation
IsSystemResumeAutomatic
GetWindowsDirectoryA
EnumDateFormatsW
GetProfileSectionA
FindAtomW
UnlockFileEx
SetConsoleCP
BuildCommDCBAndTimeoutsA
WriteProfileStringA
VirtualProtect
GetDriveTypeW
lstrcmpiW
CreateFileMappingA
BuildCommDCBAndTimeoutsW
LoadResource
CreateSemaphoreA
VirtualUnlock
Beep
VirtualAlloc
LocalHandle
CreateFileW
GetNamedPipeInfo
SetErrorMode
FreeEnvironmentStringsW
lstrcpynW
WriteProfileSectionA
SetCommState
LockFile
FindFirstFileW
GlobalMemoryStatus
DeleteAtom
GetStringTypeExA
FreeLibrary
GetPrivateProfileStringW
FindCloseChangeNotification
SetLocaleInfoW
GetCommandLineW
SetEvent
ConnectNamedPipe
VirtualFreeEx
CreateTapePartition
GlobalFree
GetLogicalDriveStringsA
FlushViewOfFile
CreatePipe
lstrcatA
GetDriveTypeA
TlsFree
UnlockFile
GetTempPathW
FindClose
GetProcAddress
SetCalendarInfoA
DeleteFileA
SleepEx
MoveFileExW
CreateFiber
GlobalAddAtomW
WaitCommEvent
LocalAlloc
SetThreadPriorityBoost
GetModuleHandleA
CreateProcessW
InitAtomTable
GetCommModemStatus
GlobalFindAtomA
WriteFile
ReadDirectoryChangesW
MoveFileExA
IsDBCSLeadByteEx
OpenWaitableTimerA
GetCommState
CreateMutexW
SetTimeZoneInformation
ReadFileEx
GetCalendarInfoA
SizeofResource
GetModuleHandleW
RequestWakeupLatency
SetCalendarInfoW
TlsAlloc
RemoveDirectoryW
LocalReAlloc
OpenSemaphoreW
QueryPerformanceCounter
ReadConsoleOutputA
SetNamedPipeHandleState
SystemTimeToFileTime
GetCPInfo
GetFileSize
IsBadHugeReadPtr
CancelWaitableTimer
ReadConsoleOutputW
PulseEvent
SetEnvironmentVariableW
CreateConsoleScreenBuffer
FindResourceW
WaitForSingleObjectEx
GetFullPathNameA
TransmitCommChar
EnumResourceNamesA
DefineDosDeviceW
PeekConsoleInputW
WriteFileGather
GetSystemTimeAdjustment
EnumResourceTypesA
DisableThreadLibraryCalls
ole32
StringFromIID
OpenOrCreateStream
CreateClassMoniker
OleCreateFromDataEx
OleSetMenuDescriptor
CoGetCurrentProcess
CoQueryClientBlanket
UtConvertDvtd16toDvtd32
CoQueryReleaseObject
OleConvertIStorageToOLESTREAM
GetHookInterface
StgGetIFillLockBytesOnFile
OleConvertIStorageToOLESTREAMEx
OleCreateLink
WriteClassStg
CoMarshalHresult
CoGetStandardMarshal
OleCreateFromFile
CoDisconnectObject
CoRevertToSelf
CoCopyProxy
CoTaskMemAlloc
CoCreateInstance
OleCreateLinkToFileEx
StringFromGUID2
PropVariantCopy
OleGetIconOfFile
OleMetafilePictFromIconAndLabel
OleIsCurrentClipboard
CoInitializeEx
BindMoniker
OleCreateDefaultHandler
IsEqualGUID
OleSetClipboard
CoMarshalInterface
CreateFileMoniker
OleUninitialize
CoUninitialize
ProgIDFromCLSID
OleDraw
MonikerCommonPrefixWith
GetHGlobalFromStream
OleRun
CreateBindCtx
CoFreeAllLibraries
OleDoAutoConvert
CoGetClassObject
CoCreateInstanceEx
OleCreateFromData
CoAddRefServerProcess
StgCreateStorageEx
CoGetCallerTID
OleCreate
CoUnmarshalInterface
OleGetClipboard
StgOpenStorageEx
WriteClassStm
OleLockRunning
OleRegGetMiscStatus
CoRegisterChannelHook
CreateObjrefMoniker
RevokeDragDrop
CreateGenericComposite
CoFileTimeToDosDateTime
CoQueryProxyBlanket
OleQueryLinkFromData
CoGetInterfaceAndReleaseStream
CoGetInstanceFromIStorage
StgOpenAsyncDocfileOnIFillLockBytes
OleFlushClipboard
OleRegEnumVerbs
DllDebugObjectRPCHook
CoRegisterClassObject
OleLoad
GetClassFile
CoImpersonateClient
CoTaskMemFree
CoRegisterMallocSpy
OleDestroyMenuDescriptor
UtConvertDvtd32toDvtd16
CoSetProxyBlanket
IIDFromString
UpdateDCOMSettings
OleSave
OleCreateLinkToFile
CreatePointerMoniker
CoSuspendClassObjects
OleNoteObjectVisible
CreateOleAdviseHolder
CoRegisterMessageFilter
OleGetIconOfClass
OleCreateEx
UtGetDvtd32Info
EnableHookObject
GetDocumentBitStg
StgOpenStorage
CoFileTimeNow
CoInitializeSecurity
OleRegGetUserType
WriteOleStg
RegisterDragDrop
CoRegisterSurrogate
FreePropVariantArray
Sections
.text Size: 69KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 152B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE