Static task: static1
Behavioral task: behavioral1
  Sample: d17629b16c48bc4b44097b34ff8643f719d1b792ba60eb23d711c91a516b3813.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: d17629b16c48bc4b44097b34ff8643f719d1b792ba60eb23d711c91a516b3813.exe
  Resource: win10v2004-20221111-en
General
Target: d17629b16c48bc4b44097b34ff8643f719d1b792ba60eb23d711c91a516b3813
Size: 1.2MB
MD5: 8555eef3286be9148b65f804d5654976
SHA1: a3154802fa1c0a51e9e5ba8e367f1198d82dcc54
SHA256: d17629b16c48bc4b44097b34ff8643f719d1b792ba60eb23d711c91a516b3813
SHA512: 80f6aba5e24228ef40902e9fff41a56a01b09f352db11ab956d0d383c4d46477a16d7d9417d13e6492e6b4596fb90cb2be97e87a5e244a0c6cae19ffbc28ec5b
SSDEEP: 24576:zuX21pMF9wXlY0F+0kJhLqPx1HTdZ+ikeWt:zuQ+wX1FMJxcx1HTdIpe2
Malware Config
Signatures
Files
d17629b16c48bc4b44097b34ff8643f719d1b792ba60eb23d711c91a516b3813.exe (windows x86)
0a961a03ad2b9f64e4e26bf8d5d86eb7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ContinueDebugEvent
SystemTimeToFileTime
GetCPInfoExW
GetFileAttributesExA
GetCommandLineA
ResetWriteWatch
GetConsoleAliasesA
SetThreadPriority
SetConsoleCtrlHandler
GetCompressedFileSizeA
GetPrivateProfileSectionW
DosDateTimeToFileTime
GetCPInfoExA
GetStringTypeExW
CopyFileA
GetLogicalDrives
OpenFileMappingW
WaitForSingleObjectEx
GetProcessWorkingSetSize
SetConsoleDisplayMode
GetTapeStatus
GetQueuedCompletionStatus
DeviceIoControl
GetCurrentDirectoryA
SetConsoleCP
lstrcatA
DeleteVolumeMountPointA
GetEnvironmentVariableA
CreateWaitableTimerA
GetNumberFormatW
IsProcessorFeaturePresent
FindFirstVolumeA
MoveFileA
GetTempPathW
GetProcessTimes
MoveFileW
GetDateFormatW
FindVolumeMountPointClose
GetProfileSectionW
SystemTimeToTzSpecificLocalTime
LoadResource
GetComputerNameW
GetSystemTime
GetLongPathNameW
GetConsoleAliasesW
OpenMutexW
CreateNamedPipeA
GetSystemDefaultLangID
FindNextFileW
CreateJobObjectA
GetConsoleScreenBufferInfo
GetVersion
SetTapeParameters
GetVolumePathNameW
EnumCalendarInfoA
FormatMessageW
GetFullPathNameA
CreateSemaphoreA
GetProfileIntA
GetConsoleAliasExesA
GetFileSizeEx
RegisterWaitForSingleObject
GetConsoleAliasW
CopyFileExW
Module32First
SetThreadAffinityMask
GetOverlappedResult
SetThreadIdealProcessor
IsSystemResumeAutomatic
GetLocaleInfoW
DeleteTimerQueueEx
GetDiskFreeSpaceW
SetThreadContext
CreateTimerQueue
GetEnvironmentVariableW
DisconnectNamedPipe
LCMapStringA
UnregisterWait
GetPrivateProfileStructW
CancelIo
Module32NextW
FindResourceExW
GetOEMCP
CreateMailslotW
GetExitCodeThread
GetSystemWindowsDirectoryW
GetAtomNameW
GetPrivateProfileIntW
GetUserDefaultLangID
GetEnvironmentStrings
PostQueuedCompletionStatus
GetComputerNameExW
GetTimeFormatW
GetDevicePowerState
GetFileAttributesExW
CreateSemaphoreW
OpenProcess
MoveFileWithProgressA
SetConsoleTextAttribute
FindVolumeClose
CreateJobObjectW
ReplaceFileA
OpenSemaphoreW
MapViewOfFile
GetVolumePathNameA
IsDBCSLeadByteEx
CreateHardLinkW
ProcessIdToSessionId
FindNextChangeNotification
CreateNamedPipeW
SetEvent
SetFileAttributesA
GetStringTypeA
GetProcessPriorityBoost
SetProcessAffinityMask
CreateMutexA
ReadProcessMemory
MapUserPhysicalPages
FindFirstVolumeMountPointA
GetCurrentThread
OpenWaitableTimerW
GetThreadContext
GetDateFormatA
GetFullPathNameW
FormatMessageA
SetCalendarInfoW
GlobalMemoryStatus
VerSetConditionMask
SetConsoleMode
GetCommandLineW
CreateEventW
GetProcessIoCounters
GetTimeFormatA
GetCompressedFileSizeW
GetDiskFreeSpaceA
VirtualAlloc
DeleteAtom
GetFileInformationByHandle
MultiByteToWideChar
HeapReAlloc
HeapAlloc
HeapSize
RtlUnwind
IsValidCodePage
GetACP
GetCPInfo
Sleep
HeapFree
GetStringTypeW
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
UnhandledExceptionFilter
LoadLibraryW
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
InterlockedDecrement
GetLastError
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
DeleteCriticalSection
GetStartupInfoW
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetStdHandle
WriteFile
GetShortPathNameA
CreateWaitableTimerW
lstrcpyA
GetCurrentConsoleFont
WritePrivateProfileStringW
CreateMailslotA
FlushViewOfFile
FlushConsoleInputBuffer
CreateFileMappingA
EnumCalendarInfoW
FindAtomA
GetStringTypeExA
SetThreadExecutionState
CreateToolhelp32Snapshot
GetConsoleOutputCP
ChangeTimerQueueTimer
MulDiv
lstrcpynA
SetWaitableTimer
EnumCalendarInfoExW
GlobalUnlock
SearchPathA
GetVolumeNameForVolumeMountPointA
SetThreadLocale
GetHandleInformation
SetErrorMode
InitializeCriticalSectionAndSpinCount
GetFileTime
OpenWaitableTimerA
SetPriorityClass
OpenFileMappingA
GlobalReAlloc
SetHandleInformation
FlushFileBuffers
DuplicateHandle
SetInformationJobObject
SetMailslotInfo
FlushInstructionCache
SetLocaleInfoA
SetComputerNameExW
SetFileAttributesW
GetThreadPriority
GetProfileIntW
FoldStringW
MapUserPhysicalPagesScatter
CreateFileMappingW
GetVolumeInformationW
CompareStringA
OpenThread
GetCalendarInfoA
GetConsoleWindow
GetDiskFreeSpaceExW
AddAtomW
FreeConsole
ReleaseMutex
LCMapStringW
AddAtomA
GetVolumeInformationA
GetUserDefaultUILanguage
FreeUserPhysicalPages
OpenJobObjectW
CreateHardLinkA
AssignProcessToJobObject
SearchPathW
SetLocaleInfoW
DecodePointer
ExitProcess
GetModuleHandleW
GetProcAddress
SetUnhandledExceptionFilter
HeapSetInformation
user32
RegisterClassExA
GetScrollPos
GetMenu
SendInput
RegisterDeviceNotificationW
DrawTextW
LoadMenuW
TranslateAcceleratorW
CharUpperBuffW
GetWindowLongA
SetWindowTextA
ShowWindow
SendMessageA
GetSubMenu
GetForegroundWindow
GetKeyboardLayout
EnumChildWindows
RedrawWindow
GetSysColorBrush
FindWindowExW
TrackPopupMenuEx
AdjustWindowRect
RemovePropA
SetPropA
CreateWindowExW
PeekMessageA
GetMessagePos
SetWindowRgn
CreatePopupMenu
DeferWindowPos
DestroyMenu
GetWindowTextW
IsWindowUnicode
CharNextW
GetSystemMetrics
SetWindowsHookExW
wvsprintfW
SendMessageW
WinHelpW
IsZoomed
PeekMessageW
EnumDisplayDevicesW
GetMessageTime
GetWindowTextLengthA
GetAltTabInfoA
WaitForInputIdle
EnableWindow
comctl32
InitCommonControlsEx
ImageList_DrawEx
FlatSB_SetScrollPos
ImageList_Remove
ImageList_SetDragCursorImage
ImageList_LoadImageW
ImageList_SetBkColor
_TrackMouseEvent
CreateStatusWindowW
ImageList_Destroy
ImageList_SetImageCount
PropertySheetW
CreatePropertySheetPageW
ImageList_DrawIndirect
ord17
ImageList_GetDragImage
ImageList_GetBkColor
ImageList_DragShowNolock
InitializeFlatSB
DestroyPropertySheetPage
FlatSB_GetScrollInfo
ImageList_SetIconSize
ImageList_GetImageCount
PropertySheetA
ImageList_EndDrag
ImageList_GetIcon
ImageList_Copy
ImageList_Write
ImageList_Draw
ImageList_ReplaceIcon
ImageList_Read
ImageList_AddMasked
FlatSB_GetScrollPos
ImageList_Create
ImageList_GetImageInfo
advapi32
GetKernelObjectSecurity
SetKernelObjectSecurity
RegCreateKeyExW
RegCreateKeyExA
GetSidIdentifierAuthority
AddAccessDeniedAce
RegQueryMultipleValuesA
InitializeAcl
AreAnyAccessesGranted
GetSidSubAuthority
RegQueryMultipleValuesW
AddAccessAllowedAce
RegSetValueW
GetTokenInformation
GetCurrentHwProfileW
RegSetKeySecurity
GetCurrentHwProfileA
SetTokenInformation
RegSetValueExW
RegSetValueA
GetSidLengthRequired
AddAuditAccessAce
AreAllAccessesGranted
GetSidSubAuthorityCount
InitializeSecurityDescriptor
RegNotifyChangeKeyValue
RegQueryValueExA
RegSetValueExA
ole32
CoSetProxyBlanket
CoTaskMemRealloc
CoDisconnectObject
CLIPFORMAT_UserMarshal
CoInitializeSecurity
CoGetInterfaceAndReleaseStream
CoGetStandardMarshal
CoQueryProxyBlanket
OleQueryCreateFromData
CoIsOle1Class
CLIPFORMAT_UserSize
StgCreateDocfileOnILockBytes
StgOpenStorageEx
HGLOBAL_UserUnmarshal
CoAllowSetForegroundWindow
CoRegisterSurrogate
CoInstall
CreatePointerMoniker
CoTreatAsClass
CoUnmarshalInterface
OleGetIconOfFile
OleFlushClipboard
RegisterDragDrop
OleDestroyMenuDescriptor
GetClassFile
OleRun
StgCreatePropStg
StgCreateDocfile
OleCreateStaticFromData
OleTranslateAccelerator
WriteFmtUserTypeStg
OleNoteObjectVisible
CoCreateGuid
HWND_UserUnmarshal
ProgIDFromCLSID
OleLockRunning
CreateILockBytesOnHGlobal
CoGetCallContext
CLIPFORMAT_UserUnmarshal
HMENU_UserFree
OleSetMenuDescriptor
CoFreeUnusedLibraries
CreateBindCtx
DoDragDrop
OleCreate
STGMEDIUM_UserMarshal
CoCreateInstance
OleLoad
OleConvertIStorageToOLESTREAM
CLSIDFromProgID
OleRegGetMiscStatus
OleDuplicateData
OleRegEnumVerbs
HGLOBAL_UserSize
oleaut32
CreateErrorInfo
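How to read an import table this broad, as an added example that is not part of the sandbox report and not any sandbox's own code. Two caveats a practitioner should keep in mind before drawing conclusions from the list above. First, the table shows what the loader resolves, not what executes: a kernel32 list of roughly 250 names that mixes tape, mailslot, atom-table and volume-mount-point APIs with the ordinary CRT start-up set (HeapCreate, TlsAlloc, GetStartupInfoW, EncodePointer) is too indiscriminate to infer intent from on its own, and the behavioral runs are the better source. Second, it carries the read side of process manipulation (OpenProcess, ReadProcessMemory, GetThreadContext, SetThreadContext, CreateToolhelp32Snapshot, Module32First) without the usual write side (no WriteProcessMemory, CreateRemoteThread or QueueUserAPC appear), which is worth recording explicitly rather than reading "injection" into it. The script parses the module/export layout used on this page, buckets exports into capability groups (the grouping is the editor's, not an official taxonomy), and reports which write-side primitives are absent. The excerpt is constructed from names that appear above; feeding it the full listing works the same way.

```python
import re

# Capability buckets for APIs seen in the listing above. Editor's grouping, not a standard.
CAPABILITIES = {
    "process-access": {"OpenProcess", "OpenThread", "ReadProcessMemory", "DuplicateHandle"},
    "thread-context": {"GetThreadContext", "SetThreadContext", "FlushInstructionCache"},
    "memory-mapping": {"VirtualAlloc", "CreateFileMappingA", "CreateFileMappingW",
                       "MapViewOfFile", "OpenFileMappingA", "OpenFileMappingW"},
    "enumeration": {"CreateToolhelp32Snapshot", "Module32First", "Module32NextW"},
    "anti-debug": {"IsDebuggerPresent", "ContinueDebugEvent"},
    "registry-write": {"RegCreateKeyExA", "RegCreateKeyExW", "RegSetValueA",
                       "RegSetValueW", "RegSetValueExA", "RegSetValueExW"},
    "acl-and-token": {"SetKernelObjectSecurity", "SetTokenInformation", "AddAccessDeniedAce",
                      "AddAccessAllowedAce", "RegSetKeySecurity"},
    "ui-injection": {"SendInput", "SetWindowsHookExW"},
}
# kernel32 write-side injection primitives; their absence is itself a data point.
INJECTION_WRITE_APIS = {"WriteProcessMemory", "CreateRemoteThread", "QueueUserAPC"}

# Heuristic for the page layout: a module name is all-lowercase ASCII (kernel32, advapi32),
# an export has mixed case (lstrcatA) or is an ordinal like ord17, which is excluded below.
MODULE_LINE = re.compile(r"^[a-z0-9]+$")


def parse_import_listing(text):
    """Parse 'module on its own line, one export per following line' into {module: [exports]}."""
    imports, module = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if MODULE_LINE.match(line) and not line.startswith("ord"):
            module = line
            imports.setdefault(module, [])
        elif module is None:
            raise ValueError(f"export before any module line: {line}")
        else:
            imports[module].append(line)
    return imports


def capabilities(imports):
    """Map each capability bucket to the sorted exports from the table that fall into it."""
    names = {n for exports in imports.values() for n in exports}
    hits = {cap: sorted(names & apis) for cap, apis in CAPABILITIES.items()}
    return {cap: h for cap, h in hits.items() if h}


def summarize(text):
    imports = parse_import_listing(text)
    names = {n for exports in imports.values() for n in exports}
    return {
        "per_module": {m: len(e) for m, e in imports.items()},
        "capabilities": capabilities(imports),
        "missing_write_primitives": sorted(INJECTION_WRITE_APIS - names),
    }


# Constructed excerpt of the listing above (the full table is about 420 names).
EXCERPT = """\
kernel32
ContinueDebugEvent
GetTapeStatus
OpenProcess
ReadProcessMemory
SetThreadContext
GetThreadContext
VirtualAlloc
MapViewOfFile
CreateToolhelp32Snapshot
Module32First
IsDebuggerPresent
HeapCreate
TlsAlloc
user32
SendInput
SetWindowsHookExW
comctl32
ord17
ImageList_Create
advapi32
RegSetValueExW
SetTokenInformation
AddAccessAllowedAce
"""

if __name__ == "__main__":
    report = summarize(EXCERPT)
    print("imports per module:", report["per_module"])
    for cap, apis in report["capabilities"].items():
        print(f"{cap:16} {', '.join(apis)}")
    print("write-side primitives absent:", ", ".join(report["missing_write_primitives"]))
```

Paste the whole import block from the page into `summarize` to get per-module counts for the real table; an unexpectedly large kernel32 count relative to the few user32/comctl32 GUI calls is the breadth signal the first caveat describes.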
Sections
.rdata Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 1.1MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 46KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE