Static task: static1
Behavioral task: behavioral1
Sample: 8f895139f9b643160f65e4a198458a5183c8c59d4e0fed6856f05b03c972a912.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 8f895139f9b643160f65e4a198458a5183c8c59d4e0fed6856f05b03c972a912.exe
Resource: win10v2004-20221111-en
General
Target: 8f895139f9b643160f65e4a198458a5183c8c59d4e0fed6856f05b03c972a912
Size: 391KB
MD5: 1bdd649573714d8929cf9a1b18a72d90
SHA1: b916d87d48d44f38331513163dd6014f9a44b2f4
SHA256: 8f895139f9b643160f65e4a198458a5183c8c59d4e0fed6856f05b03c972a912
SHA512: 343205b39246cc9732f0ef4013ef34ae140aab8a35692d71e73f87fb493f4f9c6a57c357c2b9e93edb9771f7b24e9c0d5acd1400c82a1df33055ae74f7b108aa
SSDEEP: 12288:EX2hLO4q8KLtJgzdY7WpglBmm/Ob8tsnhJqIcMoV:E+QLtJ85Qm/9c7
Malware Config
Signatures
Files
8f895139f9b643160f65e4a198458a5183c8c59d4e0fed6856f05b03c972a912.exe (windows x86)
e8a8e1f8c7521574f901aef5d9efa12f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Note: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE is the only DLL characteristic set. IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE and IMAGE_DLLCHARACTERISTICS_NX_COMPAT are absent and the relocation table is stripped, so the image loads at its fixed preferred base without ASLR and does not opt in to DEP; addresses inside this 32-bit image are therefore stable across runs.
Imports
ole32
OleCreateLinkToFile
OleConvertOLESTREAMToIStorage
StgOpenStorageEx
CoFreeLibrary
StgOpenStorage
CoBuildVersion
CoTaskMemRealloc
OleGetIconOfFile
MonikerCommonPrefixWith
CoSuspendClassObjects
GetHGlobalFromStream
CoRegisterClassObject
OleCreate
WriteClassStg
CoSetProxyBlanket
RegisterDragDrop
OleCreateMenuDescriptor
OleRegEnumVerbs
CoRegisterSurrogate
OleBuildVersion
CoGetCurrentProcess
CoRegisterMallocSpy
OleNoteObjectVisible
CreateObjrefMoniker
OleCreateEmbeddingHelper
SetConvertStg
OleConvertIStorageToOLESTREAM
CoQueryReleaseObject
GetHGlobalFromILockBytes
MkParseDisplayName
OleFlushClipboard
CreateAntiMoniker
OleTranslateAccelerator
CoTaskMemAlloc
OleConvertOLESTREAMToIStorageEx
RevokeDragDrop
OleSetAutoConvert
CoGetObject
UtConvertDvtd32toDvtd16
CoImpersonateClient
CoRevokeMallocSpy
GetDocumentBitStg
OleCreateLink
StringFromIID
OleCreateFromDataEx
OleIsRunning
MonikerRelativePathTo
CoCreateInstance
OleRegEnumFormatEtc
CoIsHandlerConnected
WriteStringStream
ReadOleStg
CoGetStandardMarshal
OleCreateLinkFromData
CoGetTreatAsClass
CreatePointerMoniker
OleLoad
OleMetafilePictFromIconAndLabel
OleSetClipboard
CLSIDFromString
OleLoadFromStream
OleCreateLinkToFileEx
CoRevertToSelf
OleCreateEx
OleQueryLinkFromData
CoGetClassObject
StgSetTimes
user32
DrawIconEx
CallNextHookEx
ToUnicode
UnhookWindowsHookEx
SetMessageExtraInfo
SendMessageTimeoutA
CopyAcceleratorTableW
IsDialogMessageW
EnumChildWindows
SetClipboardViewer
CloseDesktop
GetClassInfoA
GetClientRect
ClipCursor
SendDlgItemMessageW
WinHelpA
DrawFocusRect
DdeConnectList
DispatchMessageW
CloseClipboard
CascadeWindows
DestroyWindow
LoadAcceleratorsW
DefFrameProcW
LookupIconIdFromDirectory
DrawFrame
SetMenu
TranslateAcceleratorW
SetWindowLongA
SetWindowsHookA
IsIconic
DrawEdge
SwitchDesktop
EnumWindowStationsA
RemovePropA
CallWindowProcW
ChangeDisplaySettingsW
OpenDesktopW
ToAscii
DlgDirListComboBoxA
GetAncestor
EnumThreadWindows
PostThreadMessageW
GetMenuStringA
SetScrollInfo
GetMessageExtraInfo
GetTabbedTextExtentW
GetKeyboardLayout
GetCapture
GetClipboardSequenceNumber
SetMenuItemBitmaps
MessageBeep
DdeUninitialize
RealGetWindowClass
SetCursor
MapDialogRect
OpenClipboard
GetKeyNameTextW
DestroyIcon
CreateMDIWindowW
CharToOemBuffW
OemToCharBuffW
SetForegroundWindow
MapWindowPoints
IsDlgButtonChecked
ModifyMenuA
GetUpdateRgn
GetMenuItemCount
CharLowerBuffA
WINNLSEnableIME
DdeGetData
CharLowerW
ValidateRect
SetDeskWallpaper
LookupIconIdFromDirectoryEx
DdeAbandonTransaction
GetWindowPlacement
TranslateAccelerator
LoadBitmapW
GetSystemMetrics
GrayStringA
GetWindowLongW
DdeDisconnect
TranslateMessage
GetPriorityClipboardFormat
SetRectEmpty
SetSysColors
MonitorFromPoint
DdeKeepStringHandle
GetKeyboardLayoutNameW
DdeInitializeA
ModifyMenuW
SetScrollRange
GetDesktopWindow
CascadeChildWindows
kernel32
LocalReAlloc
FillConsoleOutputCharacterW
GetPrivateProfileIntA
WritePrivateProfileStringW
GlobalFix
VirtualProtect
GetFileAttributesW
CallNamedPipeW
LoadLibraryW
HeapWalk
GetSystemDirectoryA
LocalCompact
GetWindowsDirectoryW
IsBadWritePtr
GetModuleHandleW
GlobalUnlock
SetDefaultCommConfigW
RequestDeviceWakeup
GlobalAddAtomA
SetProcessShutdownParameters
Thread32First
ConnectNamedPipe
OpenWaitableTimerW
OpenSemaphoreA
GetFileTime
GetModuleFileNameW
GetWindowsDirectoryA
WriteProcessMemory
ResetEvent
GetUserDefaultLangID
GetBinaryTypeW
SetEvent
EnumTimeFormatsA
Heap32ListFirst
FindResourceExA
GetFileType
GetStartupInfoW
SetConsoleActiveScreenBuffer
OpenWaitableTimerA
CreateDirectoryExA
TerminateProcess
GlobalHandle
FindAtomW
LocalFileTimeToFileTime
MulDiv
EnumDateFormatsW
GetCompressedFileSizeW
lstrcpyW
GetSystemTime
EnumTimeFormatsW
CancelDeviceWakeupRequest
GlobalFlags
WideCharToMultiByte
GetPrivateProfileStringA
InitializeCriticalSectionAndSpinCount
CopyFileA
SetThreadIdealProcessor
GetCurrentProcess
WritePrivateProfileSectionW
GetDiskFreeSpaceA
LocalFree
VirtualFree
GetDateFormatW
SetFileTime
SetConsoleCP
GetBinaryTypeA
MoveFileA
AddAtomA
PeekNamedPipe
SizeofResource
WriteConsoleOutputCharacterW
MapViewOfFileEx
SetEnvironmentVariableW
Heap32First
GetProcessShutdownParameters
LockFile
GetPrivateProfileIntW
GetSystemInfo
SetEndOfFile
GetStdHandle
SetLocaleInfoA
FindNextFileW
DeleteFileA
SetCalendarInfoA
WaitCommEvent
GetTempPathW
WriteConsoleOutputAttribute
GetCommandLineW
SetUnhandledExceptionFilter
VirtualAlloc
advapi32
CryptDeriveKey
EnumServicesStatusA
GetExplicitEntriesFromAclW
AccessCheckAndAuditAlarmW
OpenServiceA
ObjectPrivilegeAuditAlarmW
RegQueryValueA
SetAclInformation
LookupSecurityDescriptorPartsW
CryptSetHashParam
BuildTrusteeWithSidA
RegQueryValueExW
GetMultipleTrusteeW
SetSecurityDescriptorOwner
QueryServiceLockStatusA
AdjustTokenPrivileges
BuildImpersonateExplicitAccessWithNameW
GetFileSecurityA
LookupPrivilegeDisplayNameW
RegCreateKeyA
SetFileSecurityW
InitializeAcl
RegEnumValueW
RegQueryMultipleValuesA
CryptSetProviderA
ConvertAccessToSecurityDescriptorW
CryptEnumProviderTypesW
OpenProcessToken
LookupAccountSidW
BuildImpersonateTrusteeA
ClearEventLogW
IsTextUnicode
RegQueryInfoKeyW
RegisterEventSourceA
DuplicateToken
ClearEventLogA
CryptGetDefaultProviderA
CryptGetDefaultProviderW
GetOverlappedAccessResults
ImpersonateNamedPipeClient
ReportEventW
DeleteService
GetTrusteeNameW
CryptSetProviderExW
SetEntriesInAclA
SetEntriesInAuditListA
EnumDependentServicesW
RegDeleteKeyW
RegisterServiceCtrlHandlerW
RegSetValueA
OpenThreadToken
GetNumberOfEventLogRecords
StartServiceW
TrusteeAccessToObjectW
RegSetValueExA
CryptGetUserKey
GetSidSubAuthorityCount
CryptHashSessionKey
ConvertSecurityDescriptorToAccessNamedA
SetServiceBits
CryptSetProviderW
CryptGenKey
SetThreadToken
RegOpenKeyExA
DeregisterEventSource
RegFlushKey
GetAccessPermissionsForObjectA
RegSetValueExW
shlwapi
wnsprintfA
UrlCompareW
PathMatchSpecW
SHOpenRegStream2W
StrTrimA
SHSetValueW
PathGetDriveNumberW
SHEnumValueW
wvnsprintfW
wvnsprintfA
SHStrDupA
StrFromTimeIntervalW
PathUndecorateW
PathCommonPrefixA
PathCombineA
PathCanonicalizeW
SHQueryInfoKeyA
PathRelativePathToA
UrlGetLocationW
StrStrW
SHRegGetUSValueA
PathFileExistsA
SHDeleteEmptyKeyW
PathRemoveBackslashW
SHRegOpenUSKeyW
StrRStrIW
SHGetInverseCMAP
PathCreateFromUrlW
StrStrA
SHRegEnumUSValueW
StrRetToStrA
PathIsLFNFileSpecW
PathCompactPathW
PathIsURLA
StrCSpnW
PathStripPathA
StrCpyNW
UrlApplySchemeA
StrCatBuffW
PathIsDirectoryA
PathMatchSpecA
IntlStrEqWorkerA
PathRemoveBackslashA
StrRStrIA
PathFindOnPathW
PathIsSameRootW
ColorAdjustLuma
StrStrIA
UrlCombineA
SHQueryValueExA
PathRemoveArgsW
SHRegDeleteUSValueW
PathAppendA
SHOpenRegStream2A
PathFindExtensionW
GetMenuPosFromID
PathRenameExtensionW
PathIsURLW
SHDeleteKeyA
PathRemoveBlanksW
SHRegWriteUSValueW
PathAddBackslashA
AssocQueryStringA
SHSetThreadRef
UrlUnescapeA
Sections
.text Size: 70KB - Virtual size: 69KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Note: the three listed sections hold roughly 82KB of raw data, while the file is 391KB. If the section list is complete, about 309KB lies past the last section as overlay data that the loader never maps; carve and inspect it separately, since payloads, configuration and appended archives commonly live there.
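The header and section facts above are the hard evidence in this report, and they can be re-derived from the raw file with nothing but the standard library. The following is an added example, not part of the sandbox report and not the sample's own code: it decodes the COFF characteristics, the DllCharacteristics bitfield, the per-section flags and the overlay size, and reduces the header bits to the mitigation opt-ins (ASLR, DEP, CFG). Because the analysed binary is not available here, `build_sample_pe()` constructs a minimal PE32 whose flags and section sizes mirror the report (the 391KB total is assumed to mean 391 * 1024 bytes); it carries no import table, so the API lists above are not represented. The flag tables are the documented PE bit values, not an assumption.

```python
"""Decode PE header facts a sandbox report summarises, stdlib only.
The sample PE is CONSTRUCTED to mirror the report's header and section
values; it is not the analysed binary and has no imports."""
import struct

FILE_CHARACTERISTICS = {          # IMAGE_FILE_HEADER.Characteristics (subset)
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
DLL_CHARACTERISTICS = {           # IMAGE_OPTIONAL_HEADER.DllCharacteristics (subset)
    0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA",
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
SECTION_CHARACTERISTICS = {       # IMAGE_SECTION_HEADER.Characteristics (subset)
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}


def _flag_names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Return header and section facts for a PE32 or PE32+ image in `data`."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsect, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    # DllCharacteristics sits at offset 70 of the optional header in both PE32 and PE32+.
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    sections, data_end = [], 0
    for i in range(nsect):
        name, vsize, _va, rawsize, rawptr, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize,
                         "flags": _flag_names(chars, SECTION_CHARACTERISTICS)})
        data_end = max(data_end, rawptr + rawsize)   # end of mapped file data
    return {"machine": machine,
            "file_characteristics": _flag_names(file_chars, FILE_CHARACTERISTICS),
            "dll_characteristics": _flag_names(dll_chars, DLL_CHARACTERISTICS),
            "sections": sections,
            "overlay_size": max(0, len(data) - data_end)}  # bytes past the last section


def mitigations(info):
    """Mitigation opt-ins that the headers alone determine."""
    fc, dc = set(info["file_characteristics"]), set(info["dll_characteristics"])
    relocs_stripped = "IMAGE_FILE_RELOCS_STRIPPED" in fc
    return {
        # ASLR needs DYNAMIC_BASE and a relocation table the loader can apply.
        "aslr": "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE" in dc and not relocs_stripped,
        "dep_opt_in": "IMAGE_DLLCHARACTERISTICS_NX_COMPAT" in dc,
        "cfg": "IMAGE_DLLCHARACTERISTICS_GUARD_CF" in dc,
        "relocs_stripped": relocs_stripped,
    }


def build_sample_pe(total_size=391 * 1024):
    """CONSTRUCTED PE32 image with the report's flags and section sizes (assumed total size)."""
    sections = [  # (name, VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData, flags)
        (b".text", 0x11400, 0x1000, 0x11800, 0x400, 0x60000020),    # 69KB / 70KB, code, RX
        (b".rdata", 0x2800, 0x13000, 0x2C00, 0x11C00, 0x40000040),  # 10KB / 11KB, R
        (b".data", 0x1000, 0x16000, 0x200, 0x14800, 0xC0000040),    # 4KB / 512B, RW
    ]
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)               # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, 0x0103)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                            # PE32 magic
    struct.pack_into("<III", opt, 28, 0x400000, 0x1000, 0x200)       # ImageBase, SectionAlign, FileAlign
    struct.pack_into("<I", opt, 60, 0x400)                           # SizeOfHeaders
    struct.pack_into("<HH", opt, 68, 2, 0x8000)                      # Subsystem GUI, TS_AWARE only
    hdr = bytearray(dos + b"PE\0\0" + coff + bytes(opt))
    for name, vsize, va, rawsize, rawptr, flags in sections:
        hdr += struct.pack("<8sIIIIIIHHI", name, vsize, va, rawsize, rawptr, 0, 0, 0, 0, flags)
    return bytes(hdr).ljust(total_size, b"\0")                       # zero-filled body and overlay


if __name__ == "__main__":
    report = parse_pe(build_sample_pe())
    print(report["file_characteristics"], report["dll_characteristics"])
    print(mitigations(report), "overlay bytes:", report["overlay_size"])
```

To run it on the real file, replace `build_sample_pe()` with `open(path, "rb").read()`; `overlay_size` then tells you how much of the 391KB is not covered by any section header.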