Static task: static1
Behavioral task: behavioral1
  Sample: 91e6a96394b2b7ffdaa9b8e31add97dafd455b7ca159996368ee661a301a46f2.exe
  Resource: win7-20220901-en
Behavioral task: behavioral2
  Sample: 91e6a96394b2b7ffdaa9b8e31add97dafd455b7ca159996368ee661a301a46f2.exe
  Resource: win10v2004-20220812-en
General
Target: 91e6a96394b2b7ffdaa9b8e31add97dafd455b7ca159996368ee661a301a46f2
Size: 723KB
MD5: 171472a6978186e1e671412d07043640
SHA1: 37184b39e517805e938cdddc805d05dc2b2a6843
SHA256: 91e6a96394b2b7ffdaa9b8e31add97dafd455b7ca159996368ee661a301a46f2
SHA512: 3c1abd24a6d91a67968c80a40692a9e2888e3301c447193aba6b35b974d33a6fd30598e05e543c44a79f499e22772ef9977707c3f5c9c3f96e6f4ba88fad6a6d
SSDEEP: 12288:WWZyXF7HTjeDIs0AJt0d4t+ah2yJnp+kvLrFrzUzzSr:j8NXeDN0AQd4t+ahxf+S9rzUzzm
Malware Config
Signatures
Files
91e6a96394b2b7ffdaa9b8e31add97dafd455b7ca159996368ee661a301a46f2.exe windows x86
Imphash: 4368626798dae2fcf998a100d73b0376
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FileTimeToLocalFileTime
GetThreadLocale
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationA
GetFullPathNameA
GlobalFlags
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
GetCPInfo
GetOEMCP
GetModuleHandleW
WritePrivateProfileStringA
GetFileAttributesA
GetFileTime
SetErrorMode
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitProcess
GetSystemTimeAsFileTime
ExitThread
HeapAlloc
GetCommandLineA
GetStartupInfoA
RtlUnwind
RaiseException
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
SetStdHandle
HeapCreate
VirtualFree
SetHandleCount
GetStdHandle
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetDriveTypeA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW
CompareStringW
SetEnvironmentVariableA
InterlockedDecrement
GetModuleFileNameW
GetCurrentProcessId
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryExA
InterlockedExchange
lstrcmpA
GlobalAlloc
FormatMessageA
MulDiv
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
lstrlenA
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
FindClose
FindNextFileA
FindFirstFileA
FileTimeToSystemTime
SetFileTime
WriteFile
DosDateTimeToFileTime
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
SetFilePointer
GetFileType
DuplicateHandle
FreeLibrary
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
Process32Next
TerminateProcess
Process32First
CreateToolhelp32Snapshot
GetSystemDirectoryA
OpenProcess
GetFileSize
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
MultiByteToWideChar
GetVersionExA
CreateDirectoryA
ExpandEnvironmentStringsA
GetExitCodeThread
WaitForSingleObject
GetTickCount
GetWindowsDirectoryA
Sleep
MoveFileExA
CopyFileA
SetFileAttributesA
GetFileSizeEx
CreateFileA
DeleteFileA
TerminateThread
CreateThread
CreateEventA
GetProcAddress
GetModuleHandleA
LoadLibraryA
SetLastError
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetTempPathA
CreateMutexA
GetModuleFileNameA
LocalFree
LocalAlloc
CloseHandle
GetCurrentProcess
GetLastError
GetProcessHeap
HeapFree
advapi32
RegCloseKey
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
AllocateAndInitializeSid
RegDeleteKeyA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
FreeSid
CheckTokenMembership
comctl32
ord17
comdlg32
GetFileTitleA
gdi32
GetStockObject
DeleteDC
GetMapMode
SetViewportOrgEx
GetBkColor
GetTextColor
GetRgnBox
ExtSelectClipRgn
SelectObject
Escape
ExtTextOutA
TextOutA
ScaleWindowExtEx
SetWindowExtEx
RestoreDC
SaveDC
GetDeviceCaps
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
ScaleViewportExtEx
SetViewportExtEx
CreateRectRgnIndirect
CreatePen
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
MoveToEx
LineTo
SetMapMode
OffsetViewportOrgEx
ole32
CLSIDFromString
CoRevokeClassObject
CoInitializeEx
CoInitialize
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
oleacc
CreateStdAccessibleObject
LresultFromObject
oleaut32
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SysAllocStringByteLen
VariantInit
VariantChangeType
VariantClear
SysFreeString
SysStringLen
SysAllocString
OleCreateFontIndirect
SysAllocStringLen
GetErrorInfo
oledlg
ord8
shell32
SHGetSpecialFolderPathA
SHGetFolderPathA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteExA
shlwapi
PathFindFileNameA
PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathCombineA
user32
PostThreadMessageA
CopyAcceleratorTableA
CharNextA
ReleaseCapture
SetCapture
LoadCursorA
GetSysColorBrush
DestroyMenu
CharUpperA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetCursor
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
SetWindowContextHelpId
MapDialogRect
SetTimer
KillTimer
WaitMessage
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxA
CreateWindowExA
GetClassInfoExA
RegisterClassA
GetSysColor
AdjustWindowRectEx
EqualRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
RegisterClipboardFormatA
GetWindowRect
GetWindow
UnregisterClassA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
SetRect
SendDlgItemMessageA
IsRectEmpty
ReleaseDC
GetDC
CopyRect
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
GetWindowTextA
GetWindowThreadProcessId
EndDialog
FindWindowA
PostMessageA
DrawIcon
GetSystemMetrics
IsIconic
LoadBitmapA
LoadIconA
GetClassInfoA
SendMessageA
GetClientRect
EnableWindow
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
wininet
InternetReadFile
InternetConnectA
InternetCloseHandle
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetOpenUrlA
InternetSetOptionA
InternetOpenA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
wsock32
recv
send
WSAAsyncSelect
recvfrom
sendto
connect
WSASetLastError
WSAGetLastError
select
accept
closesocket
WSACleanup
WSAStartup
Sections
.text Size: 338KB - Virtual size: 338KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 101KB - Virtual size: 101KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 261KB - Virtual size: 262KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
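The import table and section table above, run through a small static-triage script. This is an added example and not part of the sandbox report or of anything produced by the sample's author: the import subset and the section rows are transcribed from the report, while the capability rules, the thresholds and the tag names are assumptions made for this example. The tags say what the imports permit, not what the sample does; a statically linked MFC/CRT build pulls in IsDebuggerPresent, UnhandledExceptionFilter and the whole gdi32/user32/ole32 surface on its own, so every tag still needs the behavioural runs to confirm it. One rule (process-injection) deliberately names APIs that are not on this page, so the script also shows a negative result. The imphash normalisation is the one pefile uses, but the value printed on this page cannot be reproduced from it: the report lists DLLs in display order rather than import-table order, and the script transcribes only a subset.

```python
"""Import/section triage of the static report above (added example, not part
of the sandbox output). Tables are transcribed from the report; the rules,
thresholds and tag names are this example's own assumptions."""
import hashlib
import re

# Transcribed from the report, in the report's order. Only the DLLs the rules
# look at are listed; the GUI/COM libraries (gdi32, ole32, oleaut32...) are omitted.
IMPORTS = [
    ("kernel32", ["IsDebuggerPresent", "LoadLibraryA", "GetProcAddress",
                  "CreateToolhelp32Snapshot", "Process32First", "Process32Next",
                  "OpenProcess", "TerminateProcess", "FindResourceA", "LoadResource",
                  "LockResource", "SizeofResource", "CreateFileA", "WriteFile",
                  "CopyFileA", "MoveFileExA", "GetTempPathA", "CreateMutexA"]),
    ("advapi32", ["RegSetValueExA", "RegCreateKeyExA", "RegDeleteKeyA",
                  "AllocateAndInitializeSid", "CheckTokenMembership"]),
    ("comctl32", ["ord17"]),  # imported by ordinal, as the report shows it
    ("shell32", ["SHGetSpecialFolderPathA", "ShellExecuteExA"]),
    ("user32", ["SetWindowsHookExA", "CallNextHookEx", "FindWindowA"]),
    ("wininet", ["InternetOpenA", "InternetConnectA", "HttpOpenRequestA",
                 "HttpSendRequestA", "InternetReadFile", "InternetOpenUrlA"]),
    ("wsock32", ["WSAStartup", "connect", "send", "recv", "accept"]),
]

# (name, raw KB, virtual KB, flags) as printed in the Sections table.
SECTIONS = [
    (".text", 338, 338, {"CNT_CODE", "CNT_INITIALIZED_DATA", "MEM_EXECUTE", "MEM_READ"}),
    (".rdata", 101, 101, {"CNT_INITIALIZED_DATA", "MEM_READ"}),
    (".data", 14, 46, {"CNT_INITIALIZED_DATA", "MEM_READ", "MEM_WRITE"}),
    (".rsrc", 261, 262, {"CNT_INITIALIZED_DATA", "MEM_READ"}),
]
FILE_SIZE_KB = 723  # from the General section

# Assumed rules: a tag fires when every listed API is imported (DLL ignored).
RULES = {
    "process-enumeration": {"CreateToolhelp32Snapshot", "Process32First", "Process32Next"},
    "process-termination": {"OpenProcess", "TerminateProcess"},
    "http-client": {"InternetOpenA", "HttpOpenRequestA", "HttpSendRequestA", "InternetReadFile"},
    "raw-tcp": {"WSAStartup", "connect", "send", "recv"},
    "registry-write": {"RegCreateKeyExA", "RegSetValueExA"},
    "admin-membership-check": {"AllocateAndInitializeSid", "CheckTokenMembership"},
    "resource-to-file": {"FindResourceA", "LockResource", "SizeofResource", "CreateFileA", "WriteFile"},
    "self-copy-or-move": {"GetTempPathA", "CopyFileA", "MoveFileExA"},
    "dynamic-api-resolution": {"LoadLibraryA", "GetProcAddress"},
    "windows-hook": {"SetWindowsHookExA", "CallNextHookEx"},
    "single-instance-mutex": {"CreateMutexA"},
    "debugger-check": {"IsDebuggerPresent"},  # also pulled in by the MSVC CRT
    # Not on this page: kept so the negative case is visible in the output.
    "process-injection": {"VirtualAllocEx", "WriteProcessMemory", "CreateRemoteThread"},
}


def imported_names(imports):
    return {f for _, funcs in imports for f in funcs}


def capability_tags(imports):
    names = imported_names(imports)
    return sorted(tag for tag, need in RULES.items() if need <= names)


def imphash_string(imports):
    """'dll.func' list as the imphash algorithm hashes it: DLL lowercased with
    .dll/.ocx/.sys stripped, function lowercased, ordinals written as 'ordN'."""
    parts = []
    for dll, funcs in imports:
        lib = re.sub(r"\.(dll|ocx|sys)$", "", dll.lower())
        parts.extend(f"{lib}.{f.lower()}" for f in funcs)
    return ",".join(parts)


def imphash(imports):
    return hashlib.md5(imphash_string(imports).encode()).hexdigest()


def section_findings(sections, file_size_kb):
    """Sanity checks on the section table; returns (section, finding) pairs."""
    out = []
    for name, raw, virt, flags in sections:
        if {"MEM_EXECUTE", "MEM_WRITE"} <= flags:
            out.append((name, "writable-and-executable"))
        if "MEM_EXECUTE" in flags and "CNT_CODE" not in flags:
            out.append((name, "executable-without-code-flag"))
        if raw == 0 and virt > 0:
            out.append((name, "filled-at-runtime"))      # classic packer stub
        elif virt >= 2 * raw:
            out.append((name, "virtual-exceeds-raw"))    # bss-style; normal for .data
        if name == ".rsrc" and raw * 3 >= file_size_kb:
            out.append((name, "large-resource-share"))   # room for an embedded payload
    return out


if __name__ == "__main__":
    print("tags:", capability_tags(IMPORTS))
    print("imphash of the transcribed subset:", imphash(IMPORTS))
    print("sections:", section_findings(SECTIONS, FILE_SIZE_KB))
```

On this page's data the script tags process enumeration and termination, both an HTTP client and raw TCP, registry writes, an administrator membership check, resource extraction to a file, self-copy or move through the temp directory, a single-instance mutex and a user32 hook, and reports no injection primitives. The section checks find no writable-and-executable section and only the expected bss-style gap in `.data`; the one thing worth noting is that `.rsrc` holds about a third of the file, which is what the FindResource/LockResource/SizeofResource plus CreateFileA/WriteFile combination would need if a payload were stored there. Whether any of that happens is exactly what the two behavioural tasks exist to answer.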