Static task: static1
Behavioral task: behavioral1
  Sample: 7f7e19b169a03b77da71ae3715d2f1caba503dc5e03608552ac880b481f14948.exe
  Resource: win7-20221111-en
Behavioral task: behavioral2
  Sample: 7f7e19b169a03b77da71ae3715d2f1caba503dc5e03608552ac880b481f14948.exe
  Resource: win10v2004-20221111-en
General
Target: 7f7e19b169a03b77da71ae3715d2f1caba503dc5e03608552ac880b481f14948
Size: 315KB
MD5: 26c2940cd2dd5e479e71e62a344bae50
SHA1: e893a50f7c5541362819166bdbe22dfd226588cf
SHA256: 7f7e19b169a03b77da71ae3715d2f1caba503dc5e03608552ac880b481f14948
SHA512: 2926b798f574125ed37a70eabd771c2f1d82b57fd92bf5edee0a2882419ca1ed8745f1e655a95d41d245d634f3320a667450b40172a21de4778d66216e43b28d
SSDEEP: 6144:fhNwcXcmQKhe2rjin48pSNHPKBG/xZ+QbAqHqQPdY8gYFcXX2gP4dl/6:fhJXPnq+z1ZqQJgTXX2gAdlC
Malware Config
Signatures
Files
7f7e19b169a03b77da71ae3715d2f1caba503dc5e03608552ac880b481f14948.exe (windows x86)
bc404441115deeee62a12f480e338ab8
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
Imports (DLL: imported functions)
userenv: UnloadUserProfile
shlwapi: PathFileExistsW, PathCompactPathW, PathRemoveFileSpecW, StrRStrIW, ColorAdjustLuma, StrChrW, PathStripPathW, PathIsDirectoryW, PathAppendW, StrRetToStrW, PathCompactPathExW
ole32: CoInitialize, CoRevokeClassObject, CreateStreamOnHGlobal, CoResumeClassObjects, CoGetInterfaceAndReleaseStream, StringFromGUID2, CoRegisterClassObject, OleRun, CoMarshalInterThreadInterfaceInStream, CoUninitialize, CLSIDFromProgID, CLSIDFromString, CoInitializeSecurity, CoInitializeEx, StringFromCLSID, CoCreateInstance, CoTaskMemFree
msimg32: AlphaBlend, GradientFill
oleaut32: GetRecordInfoFromGuids, SysStringByteLen, SysFreeString, SafeArrayAccessData, SysAllocString, SafeArrayCreate, VariantCopyInd, SafeArrayCreateVectorEx, GetErrorInfo, VarDateFromUdate, SafeArrayGetDim, VarBstrFromDate, SafeArrayUnlock, SafeArrayCopy, VariantClear, VarDateFromStr, SafeArrayGetVartype, VariantTimeToSystemTime, SysAllocStringByteLen, VarBstrCmp, SafeArrayLock, VariantChangeType, SafeArrayGetLBound, SysStringLen, LoadRegTypeLi, SafeArrayUnaccessData, SafeArrayGetUBound, LoadTypeLi, SysAllocStringLen, VariantCopy, DispCallFunc, SystemTimeToVariantTime, SafeArrayRedim, SafeArrayGetElement, VariantInit, SafeArrayDestroy
activeds: ord3, ord9, ord7
advapi32: RegNotifyChangeKeyValue, AllocateAndInitializeSid, CheckTokenMembership, InitializeSecurityDescriptor, QueryServiceStatus, GetSecurityDescriptorOwner, OpenSCManagerW, GetSecurityDescriptorLength, InitializeSid, SetFileSecurityW, GetAclInformation, RegCloseKey, CloseServiceHandle, RegSetValueExW, MakeSelfRelativeSD, AddAce, ConvertSidToStringSidW, RegCreateKeyExW, LookupAccountSidW, GetLengthSid, IsValidSid, LookupPrivilegeValueW, AdjustTokenPrivileges, GetSecurityDescriptorGroup, RegQueryValueExW, MakeAbsoluteSD, GetSecurityDescriptorSacl, GetSidSubAuthority, InitializeAcl, OpenServiceW, RegOpenKeyExA, LookupAccountNameW, GetSidLengthRequired, GetSecurityDescriptorDacl, GetFileSecurityW, StartServiceW, ConvertStringSidToSidW, RegOpenKeyW, SetSecurityDescriptorDacl, GetTokenInformation, GetSecurityDescriptorControl, RegOpenKeyExW, OpenProcessToken, RegQueryValueExA, GetAce, GetUserNameW, EqualSid, FreeSid, CopySid
version: GetFileVersionInfoSizeW, VerQueryValueW, GetFileVersionInfoW
kernel32: LocalFree, CreateWaitableTimerW, RaiseException, GetFullPathNameW, GetLogicalDriveStringsW, SetWaitableTimer, HeapSize, GetSystemTime, GetUserDefaultLangID, GetFileSize, CreateFileW, GetWindowsDirectoryW, SetLastError, GetCurrentDirectoryW, GetProcessHeap, lstrlenW, HeapFree, WriteFile, lstrcmpiW, FindClose, GetFileType, HeapReAlloc, SystemTimeToTzSpecificLocalTime, WideCharToMultiByte, MulDiv, SetUnhandledExceptionFilter, ResumeThread, LoadResource, GetSystemInfo, SetThreadPriority, lstrcpyW, OpenEventW, GetTimeFormatW, LoadLibraryExW, FindResourceW, FlushInstructionCache, GetModuleHandleW, FormatMessageW, EnterCriticalSection, GetComputerNameW, GetThreadLocale, WaitForMultipleObjects, GetFileInformationByHandle, UnhandledExceptionFilter, FindResourceExW, VirtualFree, DuplicateHandle, GetExitCodeThread, LockResource, lstrcpynW, ResetEvent, FreeLibrary, GetUserDefaultLCID, GetACP, GetDateFormatW, SizeofResource, lstrcmpW, IsProcessorFeaturePresent, HeapDestroy, WaitForSingleObject, DeleteFileW, ReadFile, FileTimeToSystemTime, GlobalAlloc, VirtualAlloc, GetNumberFormatW, LocalAlloc, GetCurrentThreadId, CreateEventW, GlobalLock, IsDebuggerPresent, CloseHandle, ExpandEnvironmentStringsA, lstrcatW, GetCommandLineW, HeapAlloc, GetTempPathW, lstrcpynA, FatalAppExitW, SetCurrentDirectoryW, GlobalFree, LeaveCriticalSection, lstrlenA, SetFilePointer, GetDriveTypeW, TerminateThread, GetSystemTimeAsFileTime, CreateThread, FindFirstFileW, GlobalUnlock, GetLongPathNameW, DeleteCriticalSection
secur32: GetUserNameExW, TranslateNameW
comdlg32: GetOpenFileNameW, FindTextW, GetSaveFileNameW
comctl32: ord8, ImageList_ReplaceIcon, ImageList_GetIcon, ImageList_Destroy, PropertySheetW, ImageList_DrawIndirect, CreatePropertySheetPageW, InitCommonControlsEx, CreateStatusWindowW, ImageList_LoadImageW, DestroyPropertySheetPage, ImageList_AddMasked, _TrackMouseEvent, ImageList_GetImageInfo, ImageList_Create, ImageList_GetImageCount, ImageList_Draw
shell32: ShellExecuteExW, SHAppBarMessage, SHGetMalloc, SHGetFileInfoW, SHGetFolderPathW, SHGetDesktopFolder, DragQueryFileW, SHBrowseForFolderW, DragAcceptFiles, SHGetSpecialFolderLocation, SHGetSpecialFolderPathW, SHGetPathFromIDListW, ShellExecuteW
netapi32: NetApiBufferFree, NetQueryDisplayInformation
gdi32: CreatePen, GetObjectW, SetTextAlign, GetCurrentObject, SetPixel, SetROP2, CreateRectRgnIndirect, ExtTextOutW, CreateCompatibleBitmap, SetBkColor, PtInRegion, GetTextMetricsW, CombineRgn, MoveToEx, DeleteObject, GetStockObject, SetTextColor, LineTo, CreateRectRgn, SetViewportOrgEx, CreateFontIndirectW, CreateCompatibleDC, CreateDIBSection, GetBkColor, SelectClipRgn, GetTextExtentExPointW, CreateBitmap, GetTextExtentPoint32W, Rectangle, GetObjectType, SetBrushOrgEx, CreateSolidBrush, CreatePolygonRgn, Polygon, SetBkMode, GetPixel, DeleteDC, UnrealizeObject, CreatePatternBrush, GetClipRgn, TextOutW, SelectObject, BitBlt, PatBlt, RoundRect, ExtCreatePen, IntersectClipRect, GetDeviceCaps
user32: IsWindowEnabled, GetWindowLongW, TranslateMessage, UnhookWindowsHookEx, LoadBitmapW, GetCapture, BeginPaint, UnregisterClassA, LoadStringW, GetSystemMenu, DrawAnimatedRects, GetWindow, GetSysColor, IsRectEmpty, AttachThreadInput, IsDialogMessageW, SystemParametersInfoW, AnimateWindow, SetScrollPos, CreatePopupMenu, DeleteMenu, EndDialog, GetDlgItem, IsChild, LoadIconW, GetScrollInfo, TabbedTextOutW, GetParent, SetDlgItemTextW, CharNextW, InvalidateRect, ReleaseDC, IsClipboardFormatAvailable, WindowFromDC, MessageBoxW, GetClassNameW, WindowFromPoint, IsMenu, GetTabbedTextExtentW, GetWindowThreadProcessId, EmptyClipboard, CharUpperW, GetSysColorBrush, SetMenuItemInfoW, SetFocus, ShowWindow, SetMenuDefaultItem, GetMenuItemCount, IntersectRect, MsgWaitForMultipleObjects, SetWindowLongW, EndDeferWindowPos, IsWindow, MonitorFromPoint, GetCursorPos, GetSystemMetrics, DeferWindowPos, LoadCursorW, KillTimer, ClientToScreen, SendMessageW, SetWindowTextW, EnableMenuItem, SetRectEmpty, GetDlgCtrlID, IsWindowVisible, GetClientRect, TrackPopupMenuEx, CloseClipboard, GetNextDlgTabItem, CreateWindowExW, GetClipboardData, DestroyIcon, MessageBeep, PeekMessageW, LoadStringA, GetSubMenu, SetForegroundWindow, DestroyWindow, DrawStateW, ReleaseCapture, SetMenu, GetForegroundWindow, BeginDeferWindowPos, MapDialogRect, DrawTextW, AppendMenuW, LoadImageW, GetScrollPos, EqualRect, PostQuitMessage, GetFocus, UpdateWindow, CharLowerW, ScrollWindowEx, GetWindowPlacement, LoadMenuW, DispatchMessageW, ScreenToClient, LoadAcceleratorsW, PtInRect, OpenClipboard, CreateDialogParamW, SetCursorPos, GetMenu, GetTopWindow, GetCursor, LockWindowUpdate, SetCapture, GetMessagePos, MapWindowPoints, TranslateAcceleratorW, IsIconic, SetScrollInfo, CallNextHookEx, MoveWindow, RemoveMenu, RedrawWindow, DrawEdge, GetWindowRect, GetDesktopWindow, wsprintfW, CallWindowProcW, DrawFrameControl, EndPaint, SetWindowsHookExW, IsCharAlphaW, DefWindowProcW, DestroyMenu, OffsetRect, CopyRect, GetKeyState, FindWindowW, GetMenuItemInfoW, GetWindowDC, DrawIconEx, SetClipboardData, EnableWindow, InflateRect, PostMessageW, GetDC, ModifyMenuW, GetMessageW, GetMonitorInfoW, DrawFocusRect, ExitWindowsEx, IsCharLowerW, IsCharAlphaNumericW, GetWindowTextLengthW, FillRect, GetGUIThreadInfo, FrameRect, DialogBoxParamW, SetTimer, SetWindowPos, SetWindowPlacement, RegisterWindowMessageW, GetClassInfoExW, RegisterClassExW, CharUpperBuffW, GetWindowTextW, GetActiveWindow, SetCursor, TrackPopupMenu
esent: JetCreateIndex, JetGetLS, JetUpgradeDatabase, JetStopBackupInstance, JetDeleteIndex, JetTruncateLog, JetAttachDatabase2, JetRetrieveColumn, JetCloseDatabase, JetSetCurrentIndex2, JetGetCursorInfo, JetGetSecondaryIndexBookmark, JetDeleteTable, JetPrepareUpdate, JetSetColumns
inetmib1: SnmpExtensionInitEx
Sections (name, raw size, virtual size, characteristics)
.text   Size: 25KB - Virtual size: 24KB    IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 12KB - Virtual size: 12KB    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 274KB - Virtual size: 593KB  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 2KB - Virtual size: 2KB      IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ