6e5ba3f09a6743e781a3195fcdebeab76dbc1b9077dadd907fe618412abeea0f

Sharing

Copy URL

Twitter E-mail

General

Target

6e5ba3f09a6743e781a3195fcdebeab76dbc1b9077dadd907fe618412abeea0f
Size

441KB
MD5

a26b9f5b63e8340f02edb0f2834f55e0
SHA1

4b88f833a882680eb0d1df45ae8a180b914921b1
SHA256

6e5ba3f09a6743e781a3195fcdebeab76dbc1b9077dadd907fe618412abeea0f
SHA512

ae0b84c157c17d72a4f1c44ef70cf30ac952046d7b7854df41d80ebb901c008139a2e70253eeb4889b1a9b0c180dbad598e560375e4921be582d8fd2d5e94d20
SSDEEP

12288:6Sqn0x7CiKhFVlydEuurOjPZDRR46pgZsGXymtf4:zqn09AVUdEuurOjPZnIsGXlN4

Score

N/A

Malware Config

Signatures

Files

6e5ba3f09a6743e781a3195fcdebeab76dbc1b9077dadd907fe618412abeea0f
.dll windows x86

90cd8cae1ae4db03469c872806b0fbbf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LocalReAlloc
LockFile
LockResource
MapViewOfFileEx
MoveFileA
MoveFileExA
MulDiv
MultiByteToWideChar
OpenMutexA
OpenProcess
QueryPerformanceCounter
RaiseException
ReadFile
ResumeThread
RtlUnwind
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFileAttributesA
InterlockedIncrement
SetFileTime
SetHandleCount
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
SuspendThread
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnlockFile
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
WritePrivateProfileStringA
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrlenA
lstrlenW
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSection
HeapSize
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GlobalUnlock
GlobalSize
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalGetAtomNameA
GlobalFree
GlobalFlags
GlobalFindAtomA
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomA
GetVolumeInformationW
GetVolumeInformationA
GetVersionExW
GetVersionExA
GetVersion
GetUserDefaultLCID
GetTimeZoneInformation
GetTimeFormatA
GetTickCount
GetThreadLocale
GetTempPathW
GetSystemTimeAsFileTime
GetSystemInfo
GetStringTypeW
GetStringTypeExW
GetStringTypeExA
GetStringTypeA
GetStdHandle
GetStartupInfoA
GetShortPathNameA
GetProcessPriorityBoost
GetProcessHeap
GetProcAddress
GetPrivateProfileStringA
GetPrivateProfileIntA
GetOEMCP
GetNumberFormatW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetLocaleInfoW
GetLocaleInfoA
GetLastError
GetFullPathNameA
GetFileType
GetFileTime
GetFileSize
GetFileAttributesW
GetFileAttributesExW
GetFileAttributesA
GetExitCodeProcess
GetEnvironmentVariableW
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStringsA
GetDriveTypeA
GetDateFormatA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetCurrentDirectoryA
GetConsoleOutputCP
GetConsoleMode
GetConsoleCP
GetCommandLineW
GetCommandLineA
GetCPInfo
GetAtomNameA
CloseHandle
GetACP
FreeResource
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FormatMessageA
FlushInstructionCache
FlushFileBuffers
FindVolumeClose
FindResourceW
FindResourceExW
FindResourceA
FindNextVolumeW
FindNextFileW
FindNextFileA
FindFirstVolumeW
FindFirstFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FatalAppExitA
ExitThread
ExitProcess
EnumSystemLocalesA
EnumResourceLanguagesA
EnterCriticalSection
DuplicateHandle
DeleteFileW
DeleteFileA
DeleteCriticalSection
CreateThread
CreateProcessW
CreateMutexA
CreateFileMappingW
CreateFileA
CreateEventA
CreateDirectoryW
CreateDirectoryA
CopyFileA
ConvertDefaultLocale
CompareStringW
CompareStringA
SetFilePointer

oleaut32

SafeArrayAccessData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayCreate
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayGetDim
SafeArrayGetElement
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayLock
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayRedim
SafeArrayUnaccessData
SafeArrayUnlock
SysAllocStringByteLen
SysAllocStringLen
SysFreeString
SysReAllocStringLen
SysStringByteLen
SysStringLen
SystemTimeToVariantTime
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarCyFromStr
VarDateFromStr
VarDecCmp
VarDecFromStr
VarI4FromStr
VarR8FromStr
VarUI4FromStr
VariantChangeType
VariantClear
VariantCopy
VariantInit
VariantTimeToSystemTime
SafeArrayAllocData

comctl32

ImageList_Draw
ImageList_GetIconSize
ImageList_LoadImageW
ord17
_TrackMouseEvent
ImageList_Destroy

shlwapi

PathRemoveExtensionA
PathRemoveFileSpecW
PathIsUNCA
UrlUnescapeA
PathCanonicalizeW
PathFindFileNameA
PathFindExtensionA
PathCombineW
PathStripToRootA

user32

PostMessageA
PostMessageW
PostQuitMessage
PostThreadMessageW
PtInRect
RegisterClassA
RegisterClassExW
RegisterClassW
RegisterWindowMessageA
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
ScreenToClient
ScrollWindow
ScrollWindowEx
SendDlgItemMessageA
SendMessageA
SendMessageW
SetActiveWindow
SetCapture
SetCursor
SetDlgItemInt
SetDlgItemTextA
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetMenuItemBitmaps
SetPropA
SetRect
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongA
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowTextA
SetWindowTextW
SetWindowsHookExA
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoA
SystemParametersInfoW
TabbedTextOutA
TrackPopupMenu
TrackPopupMenuEx
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UpdateWindow
ValidateRect
WinHelpA
PeekMessageW
PeekMessageA
OffsetRect
MoveWindow
IsWindowVisible
ModifyMenuA
GetMenu
GetLastActivePopup
GetKeyState
GetForegroundWindow
GetFocus
GetDlgItemTextA
GetDlgItemInt
GetDlgItem
GetDlgCtrlID
GetDialogBaseUnits
GetDesktopWindow
GetDC
GetCursorPos
GetClientRect
GetClassNameA
GetClassLongA
GetClassInfoExW
GetClassInfoExA
GetClassInfoA
GetCapture
GetActiveWindow
FindWindowW
FillRect
ExitWindowsEx
EqualRect
EndPaint
EndDialog
EndDeferWindowPos
EnableWindow
EnableMenuItem
DrawTextW
DrawTextExA
DrawTextA
DrawFocusRect
DrawEdge
DispatchMessageW
DispatchMessageA
DialogBoxParamW
DestroyWindow
DestroyMenu
DestroyIcon
DeleteMenu
DefWindowProcW
DefWindowProcA
DefDlgProcW
CreateWindowExW
CreateWindowExA
CreateDialogParamW
CreateDialogIndirectParamA
CopyRect
ClientToScreen
CheckRadioButton
CheckMenuItem
CheckDlgButton
CharUpperW
CharUpperA
CharNextW
CharLowerW
CharLowerA
CallWindowProcW
CallWindowProcA
CallNextHookEx
BeginPaint
BeginDeferWindowPos
AppendMenuA
AdjustWindowRectEx
MessageBoxW
MessageBoxA
MapWindowPoints
LoadImageW
LoadIconW
LoadIconA
LoadCursorW
LoadCursorA
LoadBitmapA
GetMenuCheckMarkDimensions
IsWindowEnabled
IsWindow
IsIconic
IsDlgButtonChecked
IsDialogMessageA
IsChild
InvalidateRect
IntersectRect
InsertMenuA
InflateRect
GrayStringA
GetWindowThreadProcessId
GetWindowTextW
GetWindowTextLengthA
GetWindowTextA
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowLongA
GetWindowDC
GetWindow
GetTopWindow
GetSystemMetrics
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropA
GetParent
GetNextDlgTabItem
GetMessageW
GetMessageTime
GetMessagePos
GetMessageA
GetMenuStringA
GetMenuState
GetMenuItemInfoA
GetMenuItemID
KillTimer
GetMenuItemCount
DeferWindowPos

shell32

SHGetFileInfoA
SHGetSpecialFolderPathW
ShellExecuteW
ExtractIconA

gdi32

GetObjectType
GetObjectW
GetPixel
GetStockObject
GetTextExtentPoint32A
GetTextMetricsA
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
ModifyWorldTransform
MoveToEx
OffsetClipRgn
OffsetViewportOrgEx
OffsetWindowOrgEx
PatBlt
PlayMetaFile
PlayMetaFileRecord
PolyBezierTo
PolyDraw
Polygon
GetObjectA
PtVisible
RectVisible
RestoreDC
SaveDC
ScaleViewportExtEx
ScaleWindowExtEx
ExtTextOutA
SelectClipRgn
SelectObject
SelectPalette
SetArcDirection
SetBkColor
SetBkMode
SetColorAdjustment
SetDIBColorTable
SetGraphicsMode
SetMapMode
SetMapperFlags
SetPolyFillMode
SetROP2
GetClipBox
GetMapMode
GetDeviceCaps
GetDCOrgEx
GetCurrentPositionEx
GetClipRgn
PolylineTo
SetRectRgn
SetStretchBltMode
SetTextAlign
SetTextCharacterExtra
SetTextColor
SetTextJustification
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
SetWorldTransform
StartDocA
StretchBlt
TextOutA
ExtSelectClipRgn
ExtCreatePen
ExcludeClipRect
Escape
EnumMetaFile
DeleteObject
DeleteDC
DPtoLP
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreatePen
CreatePatternBrush
CreateHatchBrush
CreateFontIndirectW
CreateFontIndirectA
CreateDIBitmap
CreateDIBSection
CreateDIBPatternBrushPt
CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
CopyMetaFileA
CombineRgn
BitBlt
SelectClipPath
ArcTo

comdlg32

ChooseFontW
GetFileTitleA

advapi32

RegSetValueA
RegQueryValueExA
RegQueryValueA
RegQueryInfoKeyW
RegOpenKeyExW
RegOpenKeyExA
RegOpenKeyA
RegEnumKeyExW
RegEnumKeyA
RegDeleteValueW
RegDeleteValueA
RegDeleteKeyW
RegDeleteKeyA
RegCreateKeyW
RegCreateKeyExW
RegCreateKeyExA
RegCreateKeyA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
AdjustTokenPrivileges
RegSetValueExA
RegSetValueExW
RegQueryValueExW

wininet

InternetQueryDataAvailable
InternetWriteFile
FtpCommandA
FtpCreateDirectoryA
FtpDeleteFileA
FtpFindFirstFileA
FtpGetCurrentDirectoryA
FtpGetFileA
FtpOpenFileA
FtpPutFileA
FtpRemoveDirectoryA
FtpRenameFileA
FtpSetCurrentDirectoryA
GopherCreateLocatorA
GopherFindFirstFileA
GopherGetAttributeA
GopherOpenFileA
HttpAddRequestHeadersA
HttpEndRequestA
HttpOpenRequestA
HttpQueryInfoA
HttpSendRequestA
HttpSendRequestExA
InternetCanonicalizeUrlA
InternetCloseHandle
InternetConnectA
InternetCrackUrlA
InternetErrorDlg
InternetFindNextFileA
InternetGetCookieA
InternetGetLastResponseInfoA
InternetOpenA
InternetOpenUrlA
InternetSetStatusCallbackA
InternetQueryOptionA
InternetReadFile
InternetSetCookieA
InternetSetFilePointer
InternetSetOptionExA

winmm

PlaySoundW

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

ole32

CLSIDFromString
CoCreateInstance
CoDisconnectObject
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoTreatAsClass
CreateBindCtx
CreateStreamOnHGlobal
OleDuplicateData
OleRegGetUserType
ReadClassStg
ReadFmtUserTypeStg
ReleaseStgMedium
SetConvertStg
StringFromCLSID
StringFromGUID2
WriteClassStg
WriteFmtUserTypeStg

Exports

Exports

ExtendInittab
Fetch
FromReadWriteObject
InPlaceXor
OverflowError

Sections

.text
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 271KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90cd8cae1ae4db03469c872806b0fbbf

Headers

File Characteristics

Imports

kernel32

oleaut32

comctl32

shlwapi

user32

shell32

gdi32

comdlg32

advapi32

wininet

winmm

winspool.drv

ole32

Exports

Exports

Sections

.text Size: 65KB - Virtual size: 64KB

.rdata Size: 271KB - Virtual size: 270KB

.data Size: 70KB - Virtual size: 71KB

.rsrc Size: 29KB - Virtual size: 29KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 65KB - Virtual size: 64KB

.rdata
Size: 271KB - Virtual size: 270KB

.data
Size: 70KB - Virtual size: 71KB

.rsrc
Size: 29KB - Virtual size: 29KB

.reloc
Size: 4KB - Virtual size: 4KB