Static task
static1
Behavioral task
behavioral1
Sample
ef3ce823026400c7d0890509437d36b0c4aa8b3357d4b764da25a6ab94d6fc2a.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
ef3ce823026400c7d0890509437d36b0c4aa8b3357d4b764da25a6ab94d6fc2a.exe
Resource
win10v2004-20220901-en
General
- Target: ef3ce823026400c7d0890509437d36b0c4aa8b3357d4b764da25a6ab94d6fc2a
- Size: 1.3MB
- MD5: 6734646d5d9abb7d11f8055e1b41b9f9
- SHA1: bbdf93f19731289471f74f1e4b8f2f3d4d8c3f6a
- SHA256: ef3ce823026400c7d0890509437d36b0c4aa8b3357d4b764da25a6ab94d6fc2a
- SHA512: 17f2d7ff1b132c2451dbd5766f580584d36b8f638cd5a2863b8a2933c38bbb8874671915090772b41d8409c49403d73c297a2eab37ce3e71f7fafa84bdaaabc2
- SSDEEP: 24576:pntRinTSMAR1+zGSJvrrgcoIie078f/B9F+6cDi7zMdq4ZZF:A7B/yITg8nPMJqzMdq
Malware Config
Signatures
Files
-
ef3ce823026400c7d0890509437d36b0c4aa8b3357d4b764da25a6ab94d6fc2a.exe windows x86
341ce03f7d388e7055fe5f1972459e45
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
ord17
ImageList_Create
ImageList_Add
setupapi
SetupDiOpenClassRegKey
SetupOpenInfFileA
SetupInstallFromInfSectionA
SetupCloseInfFile
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
kernel32
GetVolumeNameForVolumeMountPointA
SystemTimeToFileTime
GetSystemTime
VirtualLock
CopyFileA
GetTempPathA
GetDriveTypeA
GetShortPathNameA
GetVolumeInformationA
GetVolumePathNameA
FindNextVolumeW
QueryDosDeviceW
FindFirstVolumeW
WriteFile
LocalFree
VirtualUnlock
DefineDosDeviceA
GetCurrentProcessId
FormatMessageW
VirtualQuery
ReleaseMutex
OpenMutexA
GetVolumeInformationW
QueryPerformanceCounter
QueryPerformanceFrequency
FlushFileBuffers
GetFileSize
GetCurrentProcess
GetModuleHandleA
GetVersionExA
GetCurrentDirectoryA
LockResource
SizeofResource
LoadResource
FindResourceA
GetFileAttributesA
SetFilePointer
GetModuleFileNameW
SetCurrentDirectoryA
GetDiskFreeSpaceA
UnhandledExceptionFilter
GetFileInformationByHandle
GetCurrentThread
SetUnhandledExceptionFilter
SetErrorMode
InterlockedExchangeAdd
InterlockedExchange
SetEvent
ResetEvent
CreateEventA
GetFileAttributesExA
FindNextFileW
CreateFileW
FindFirstFileW
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteVolumeMountPointA
GetProcessWorkingSetSize
GetProcessTimes
GetThreadTimes
GlobalMemoryStatus
GetProcessHeap
InitializeCriticalSection
GetStringTypeA
GetLocaleInfoA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
PeekNamedPipe
GetFullPathNameA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
InitializeCriticalSectionAndSpinCount
HeapSize
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
GetStringTypeW
GetCPInfo
LCMapStringW
LCMapStringA
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateThread
ResumeThread
ExitThread
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
GetFileAttributesW
GetConsoleMode
GetConsoleCP
HeapAlloc
ExitProcess
GetModuleHandleW
HeapFree
RtlUnwind
RaiseException
IsDebuggerPresent
TerminateProcess
InterlockedCompareExchange
SetVolumeMountPointA
GetWindowsDirectoryA
WaitForSingleObject
GetExitCodeProcess
CreatePipe
SetHandleInformation
GetSystemInfo
FindFirstFileA
LoadLibraryA
GetProcAddress
FreeLibrary
FindNextFileA
FindClose
SetFilePointerEx
CreateFileA
GetFileSizeEx
GetFileTime
SetEnvironmentVariableA
ReadFile
SetFileTime
SetLastError
GetLogicalDrives
MoveFileA
GetCommandLineA
GetCommandLineW
GetTickCount
CreateMutexA
Sleep
GetSystemDirectoryA
CreateDirectoryA
GetModuleFileNameA
CreateProcessA
CloseHandle
SetProcessShutdownParameters
GetCurrentThreadId
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
InterlockedIncrement
GetLastError
InterlockedDecrement
DeviceIoControl
FindFirstVolumeA
QueryDosDeviceA
FindNextVolumeA
FindVolumeClose
DeleteFileA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
SetEndOfFile
GetTimeZoneInformation
CompareStringA
CompareStringW
GetStartupInfoA
user32
GetKeyState
EnumChildWindows
GetDlgCtrlID
GetClassNameA
LoadCursorA
SetCursor
DefDlgProcA
UnregisterClassA
LoadIconA
RegisterClassA
GetUpdateRect
BeginPaint
DefWindowProcA
GetDialogBaseUnits
EndPaint
PeekMessageA
DestroyWindow
GetWindowTextW
GetSystemMetrics
GetWindowInfo
ReleaseDC
MessageBoxA
GetActiveWindow
GetMessagePos
EnumWindows
RegisterWindowMessageA
IsWindowEnabled
SystemParametersInfoA
DrawMenuBar
PostMessageA
GetCursorPos
MessageBeep
SetMenuItemInfoW
GetSubMenu
LoadBitmapA
FlashWindowEx
GetDlgItemInt
SetLayeredWindowAttributes
CreateWindowExA
RegisterClassExA
TrackMouseEvent
GetSystemMenu
SystemParametersInfoW
SendMessageTimeoutA
wsprintfA
DrawTextA
GetClassInfoA
UnhookWindowsHookEx
CallNextHookEx
GetCaretPos
GetMessageTime
GetQueueStatus
GetProcessWindowStation
GetOpenClipboardWindow
SetWindowsHookExA
GetCapture
GetClipboardOwner
EnableWindow
GetDlgItem
CheckDlgButton
GetClipboardViewer
GetDesktopWindow
GetFocus
GetInputState
MoveWindow
CreatePopupMenu
TrackPopupMenu
DestroyMenu
SetDlgItemInt
GetMenu
EnableMenuItem
SetWindowLongA
GetWindowLongA
CallWindowProcA
GetWindowRect
SetForegroundWindow
LoadImageA
DestroyIcon
GetDlgItemTextA
SetDlgItemTextA
SendDlgItemMessageA
SetFocus
SendDlgItemMessageW
GetKeyboardLayout
LoadKeyboardLayoutA
MessageBoxW
GetWindowTextA
SetWindowTextA
GetWindowTextLengthA
GetMessageA
TranslateMessage
DispatchMessageA
PostThreadMessageA
GetParent
SetTimer
GetWindowTextLengthW
KillTimer
GetAsyncKeyState
RegisterHotKey
UnregisterHotKey
wsprintfW
DialogBoxParamW
ShowWindow
SetWindowTextW
GetClientRect
SetWindowPos
InvalidateRect
SendMessageW
EndDialog
SendMessageA
DeleteMenu
AppendMenuA
AppendMenuW
GetDlgItemTextW
IsDlgButtonChecked
SetDlgItemTextW
GetDC
gdi32
MoveToEx
LineTo
GetCurrentObject
GetObjectA
CreateCompatibleBitmap
SetStretchBltMode
CreatePen
DeleteDC
BitBlt
CreateCompatibleDC
SetMapMode
GetDeviceCaps
SelectObject
GetTextExtentPoint32W
GetTextMetricsA
GetStockObject
CreateFontIndirectW
StretchBlt
DeleteObject
comdlg32
GetSaveFileNameW
GetOpenFileNameW
advapi32
RegisterEventSourceA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegEnumKeyExA
GetTokenInformation
IsWellKnownSid
QueryServiceStatus
ControlService
StartServiceA
OpenProcessToken
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
ChangeServiceConfigA
OpenSCManagerA
CreateServiceA
ChangeServiceConfig2A
OpenServiceA
DeleteService
RegCloseKey
SetServiceStatus
DeregisterEventSource
ReportEventA
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
CloseServiceHandle
shell32
ShellExecuteW
SHGetFileInfoA
SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListA
CommandLineToArgvW
SHGetSpecialFolderPathA
ShellExecuteA
SHChangeNotify
SHGetFolderPathA
DragAcceptFiles
DragQueryFileA
DragFinish
Shell_NotifyIconA
Shell_NotifyIconW
ord680
ole32
CoCreateInstance
CoGetObject
CoInitialize
CoUninitialize
CoRegisterClassObject
CoRevokeClassObject
StringFromGUID2
oleaut32
SysAllocStringByteLen
SysStringByteLen
SysAllocStringLen
SysFreeString
Sections
.text Size: 576KB - Virtual size: 576KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 140KB - Virtual size: 139KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 19KB - Virtual size: 210KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 616KB - Virtual size: 616KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ