d8e0653a178c3b450d9864ff66336f556ddc2d1f79d98a7495754a72f1624796

Sharing

Copy URL

Twitter E-mail

General

Target

d8e0653a178c3b450d9864ff66336f556ddc2d1f79d98a7495754a72f1624796
Size

564KB
MD5

f5a25cf14aedba62fd70c01dace67fe9
SHA1

f23a9cf506cfdae2272e6e739fae17ff4e2e6026
SHA256

d8e0653a178c3b450d9864ff66336f556ddc2d1f79d98a7495754a72f1624796
SHA512

6dee9a5c4be651844b979346b7e6fff09b5f7b8ceb31b2f44219a9c2d51d52c536fc102a8571ec910eb99f50e6fd976a5b7a05a4897c42277bedd0b86764adbc
SSDEEP

6144:HD/iYvgoUPQIJqx7PAyY8FVqYQ8EcG2DwqnPQEGLlZBwI:mIgoiQIJqpPNYwVquEFqnPbGZWI

Score

N/A

Malware Config

Signatures

Files

d8e0653a178c3b450d9864ff66336f556ddc2d1f79d98a7495754a72f1624796
.exe windows x86

0d6714ffb9e55d680e8d10c257d66892

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

ioctlsocket
socket
closesocket
inet_addr
send
recv
select
WSAGetLastError
WSAStartup
WSACleanup
htonl
ntohs
connect
htons

msi

ord88
ord141
ord94
ord8

setupapi

SetupDiSetDeviceRegistryPropertyW
SetupDiSetClassInstallParamsW
SetupDiChangeState
CM_Locate_DevNodeW
CM_Reenumerate_DevNode
SetupGetIntField
SetupFindNextLine
SetupFindFirstLineW
SetupDiDestroyDeviceInfoList
SetupGetStringFieldW
SetupGetLineCountW
SetupCopyOEMInfW
SetupOpenInfFileW
SetupGetLineTextW
SetupCloseInfFile
SetupDiEnumDeviceInterfaces
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
SetupDiGetDeviceRegistryPropertyW
SetupGetFieldCount
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceInterfaceDetailW

rpcrt4

RpcStringFreeW
UuidToStringW

winspool.drv

AddMonitorW
DocumentPropertiesW
AddPrintProcessorW
AddPrinterDriverExW
AddPrinterW
ord204
EnumPrintProcessorsW
OpenPrinterW
SetPrinterDataW
ClosePrinter
GetPrintProcessorDirectoryW
EnumPrintersW
GetPrinterDriverDirectoryW

kernel32

FormatMessageW
GlobalAlloc
lstrcpyW
MulDiv
InterlockedDecrement
MoveFileW
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetVolumeInformationW
GetFullPathNameW
GetModuleFileNameW
GetLocaleInfoW
EnumResourceLanguagesW
GetVersion
ConvertDefaultLocale
RaiseException
InitializeCriticalSection
DeleteCriticalSection
GlobalFlags
LocalAlloc
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
FileTimeToSystemTime
SystemTimeToFileTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SetFileTime
GetFileTime
SetErrorMode
WritePrivateProfileStringW
GetStartupInfoW
RtlUnwind
ExitProcess
TerminateProcess
GetSystemTimeAsFileTime
HeapReAlloc
SetStdHandle
LocalFree
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
IsBadWritePtr
LCMapStringA
LCMapStringW
GetTimeZoneInformation
QueryPerformanceCounter
GetCurrentProcessId
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
CreateProcessA
GetFileAttributesA
CompareStringA
CompareStringW
SetEnvironmentVariableA
lstrcpynW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrlenA
GetModuleHandleA
LoadLibraryA
lstrlenW
lstrcatW
lstrcmpW
SizeofResource
LockResource
LoadResource
FindResourceW
DeleteFileW
SetFileAttributesW
GetModuleHandleW
GetVersionExA
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
lstrcmpiW
GetComputerNameW
SetCurrentDirectoryW
GetSystemDefaultLangID
GetUserDefaultLangID
GetCurrentThread
GetProcessHeap
HeapAlloc
HeapFree
RemoveDirectoryW
LoadLibraryExW
FreeLibrary
ConnectNamedPipe
CreateNamedPipeW
GetEnvironmentVariableW
WideCharToMultiByte
GetTickCount
SetLastError
GetFileSize
ReadFile
CloseHandle
WriteFile
GetOverlappedResult
CreateFileW
CreateEventW
CreateThread
SetEvent
MultiByteToWideChar
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetExitCodeProcess
WaitForSingleObject
GetLastError
CreateProcessW
GetSystemDirectoryW
GetCurrentDirectoryW
Sleep
FindClose
FindNextFileW
LoadLibraryW
GetProcAddress
GetCurrentProcess
GetPrivateProfileStringW
MoveFileExW
GetWindowsDirectoryW
CopyFileW
CreateDirectoryW
FindFirstFileW
GetFileAttributesW
GetFileType

user32

InvalidateRect
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatW
PostThreadMessageW
CopyAcceleratorTableW
SetRect
IsRectEmpty
CharNextW
ReleaseCapture
SetCapture
DestroyMenu
GetSysColorBrush
SetWindowContextHelpId
MapDialogRect
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
CharUpperW
ReleaseDC
GetDC
wsprintfW
SetMenuItemBitmaps
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
CheckRadioButton
RegisterWindowMessageW
WinHelpW
GetCapture
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
MessageBoxW
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetClientRect
GetMenu
PostMessageW
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
EqualRect
GetClassInfoW
RegisterClassW
UnregisterClassW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
CopyRect
PtInRect
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
KillTimer
SetTimer
SetCursor
LoadCursorW
LoadIconW
LoadStringW
SendMessageW
EnableWindow
GetClassInfoExW

gdi32

SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
GetStockObject
ScaleViewportExtEx
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
SaveDC
CreateRectRgnIndirect
GetDeviceCaps
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
CreateFontW

comdlg32

GetFileTitleW

advapi32

RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyW
RegEnumKeyExW
QueryServiceStatus
StartServiceW
OpenServiceW
CloseServiceHandle
OpenSCManagerW
RegCreateKeyExW
RegQueryValueW
RegEnumKeyW
RegOpenKeyW
OpenThreadToken
GetTokenInformation
EqualSid
RegEnumValueW
RegDeleteValueW
RegCloseKey
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetKeySecurity
FreeSid
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
InitiateSystemShutdownW
ControlService

shell32

ShellExecuteW

comctl32

ord17

shlwapi

PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathFindFileNameW
PathAppendW
SHDeleteKeyW

oledlg

OleUIBusyW

ole32

OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CLSIDFromString
CLSIDFromProgID
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoGetClassObject
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoCreateInstance
CoCreateGuid

oleaut32

SysAllocStringLen
OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
VariantChangeType
VariantInit
SysFreeString
SysStringLen
VariantCopy
SafeArrayDestroy
VariantClear

Sections

.text
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 260KB - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

allbwjd
Size: 188KB - Virtual size: 80KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0d6714ffb9e55d680e8d10c257d66892

Headers

File Characteristics

Imports

ws2_32

msi

setupapi

rpcrt4

winspool.drv

kernel32

user32

gdi32

comdlg32

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 272KB - Virtual size: 272KB

.rdata Size: 84KB - Virtual size: 82KB

.data Size: 16KB - Virtual size: 49KB

.rsrc Size: 260KB - Virtual size: 288KB

allbwjd Size: 188KB - Virtual size: 80KB

.text
Size: 272KB - Virtual size: 272KB

.rdata
Size: 84KB - Virtual size: 82KB

.data
Size: 16KB - Virtual size: 49KB

.rsrc
Size: 260KB - Virtual size: 288KB

allbwjd
Size: 188KB - Virtual size: 80KB