Static task: static1
Behavioral task: behavioral1
Sample: 8afba9ecd051454d2c31aa418498772c849fcf90a6c6411c5362a0cb8abc02e7.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 8afba9ecd051454d2c31aa418498772c849fcf90a6c6411c5362a0cb8abc02e7.exe
Resource: win10v2004-20220901-en
General
Target: 8afba9ecd051454d2c31aa418498772c849fcf90a6c6411c5362a0cb8abc02e7
Size: 2.2MB
MD5: 565acd51bad09a526a454e2aa894645d
SHA1: a8b5fd1f9d366d6ce1fdcb94bda9b23e0d340e9a
SHA256: 8afba9ecd051454d2c31aa418498772c849fcf90a6c6411c5362a0cb8abc02e7
SHA512: fa4388b8130bc4b5dd2bfbdf2983337531cacd11e026daec9a9ad89b199898cfc9776e1015b93c5c0a864f0065ba057c5584acbf3de274051eba5459ebbfb2d1
SSDEEP: 49152:s3T/KlZFChz4TzTethYdLTbNplVh6vJLgh:MilChzGDp9u9O
Malware Config
Signatures
Files
8afba9ecd051454d2c31aa418498772c849fcf90a6c6411c5362a0cb8abc02e7.exe windows x86
1c8b3c14591bfcd20a98b80b33899b88
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
gethostbyname
inet_ntoa
gethostname
WSASetLastError
WSAGetLastError
htons
getservbyname
htonl
ntohs
getservbyport
socket
gethostbyaddr
closesocket
WSAStartup
WSACleanup
inet_addr
kernel32
FindClose
SetUnhandledExceptionFilter
OpenFileMappingW
CreateFileMappingW
Thread32Next
Thread32First
CreateToolhelp32Snapshot
OpenEventW
GetExitCodeProcess
CreateProcessW
GetVersionExA
TerminateProcess
OpenProcess
ExitProcess
GetCurrentProcessId
InterlockedCompareExchange
GetVersion
SetErrorMode
GetCurrentThreadId
RaiseException
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
InterlockedExchange
GetTimeZoneInformation
QueryPerformanceFrequency
QueryPerformanceCounter
GetSystemTimeAsFileTime
CreateFileA
SetFilePointer
GetUserDefaultLangID
GetSystemDirectoryA
CreateEventA
GetTickCount
GetModuleHandleA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrlenW
VirtualQuery
SetCurrentDirectoryA
GetModuleFileNameA
GetCurrentDirectoryA
ResetEvent
WaitForSingleObject
DeleteFileW
UnmapViewOfFile
MapViewOfFile
GetSystemInfo
GetFileSize
OutputDebugStringW
MultiByteToWideChar
GetComputerNameExW
InterlockedDecrement
InterlockedIncrement
GetThreadLocale
CreateMutexW
HeapFree
HeapAlloc
GetVersionExW
GetProcessHeap
FileTimeToSystemTime
FileTimeToLocalFileTime
GetModuleFileNameW
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
DeleteFileA
GetPrivateProfileStringA
GetTempFileNameA
GetTempPathA
LoadLibraryA
LocalAlloc
SetEnvironmentVariableA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
lstrcpynW
GetFileAttributesW
GetCommandLineW
LocalFree
FreeLibrary
FreeResource
Sleep
GetCurrentProcess
FormatMessageW
SetLastError
GetModuleHandleW
MulDiv
ReadFile
DisconnectNamedPipe
WaitForMultipleObjects
ConnectNamedPipe
SetEvent
CreateEventW
CreateNamedPipeW
GetProcAddress
LoadLibraryW
GetLastError
CloseHandle
FlushFileBuffers
WriteFile
SetNamedPipeHandleState
CreateFileW
WaitNamedPipeW
FindResourceW
LoadResource
LockResource
SizeofResource
GetComputerNameW
HeapSize
CreateThread
ExitThread
RtlUnwind
HeapReAlloc
IsDebuggerPresent
UnhandledExceptionFilter
GetStartupInfoW
SetStdHandle
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
WritePrivateProfileStringW
FindResourceExW
LocalReAlloc
GlobalHandle
GlobalReAlloc
GlobalFlags
lstrlenA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
LoadLibraryExW
CompareStringA
VirtualProtect
GetUserDefaultLCID
GetFullPathNameA
LCMapStringW
WideCharToMultiByte
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
GetStdHandle
FindFirstFileA
GetDriveTypeA
lstrcmpW
SetConsoleCtrlHandler
user32
SendMessageW
RegisterWindowMessageW
InvalidateRect
ReleaseDC
GetDC
GetWindowRect
UpdateWindow
EnableWindow
GetParent
CharNextExA
SetRectEmpty
MsgWaitForMultipleObjects
GetSubMenu
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetWindow
CheckDlgButton
GetDlgItemTextW
SendDlgItemMessageW
IsDlgButtonChecked
IsDialogMessageW
GetDlgCtrlID
IsWindowEnabled
SetFocus
GetWindowTextLengthW
GetWindowPlacement
SystemParametersInfoA
CallWindowProcW
SetScrollInfo
GetScrollInfo
AdjustWindowRectEx
RegisterClassW
GetClassInfoExW
CreateWindowExW
GetMenu
GetScrollPos
SetScrollPos
GetScrollRange
ScrollWindow
MapWindowPoints
PeekMessageW
GetMessagePos
GetMessageTime
UnhookWindowsHookEx
DestroyWindow
GetTopWindow
DispatchMessageW
GetLastActivePopup
GetForegroundWindow
RemovePropW
GetPropW
SetPropW
CallNextHookEx
SetWindowsHookExW
GetCapture
WinHelpW
SendDlgItemMessageA
GetNextDlgTabItem
CreateDialogIndirectParamW
GetActiveWindow
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
ClientToScreen
BeginPaint
EndPaint
GetWindowThreadProcessId
GetAsyncKeyState
MapDialogRect
ValidateRect
GetCursorPos
TranslateMessage
GetMessageW
SetCursor
WindowFromPoint
GetSysColorBrush
DestroyMenu
UnregisterClassW
UnregisterClassA
GetMenuItemID
GetMenuItemCount
EnumChildWindows
SetWindowTextW
GetDlgItem
OffsetRect
SetClassLongW
GetClassLongW
GetSysColor
SetActiveWindow
GetWindowTextW
SendNotifyMessageW
SetDlgItemTextW
LoadStringW
IsWindowVisible
DestroyIcon
DrawIconEx
SetRect
GetIconInfo
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EndDialog
MoveWindow
GetTabbedTextExtentW
SetWindowPos
CopyRect
ShowWindow
PostQuitMessage
DrawIcon
IsIconic
SetLayeredWindowAttributes
GetKeyState
BringWindowToTop
SetForegroundWindow
FindWindowW
MessageBoxW
SystemParametersInfoW
PostMessageW
KillTimer
SetTimer
LoadBitmapW
SetWindowRgn
IsWindow
LoadIconW
GetWindowLongW
SetWindowLongW
TrackMouseEvent
GetDesktopWindow
GetWindowDC
PtInRect
ScreenToClient
RedrawWindow
DrawFocusRect
GetFocus
LoadCursorW
DefWindowProcW
GetClassInfoW
AllowSetForegroundWindow
EqualRect
GetClassNameW
GetClientRect
GetSystemMetrics
gdi32
CreateRectRgn
Rectangle
GetTextExtentPointW
GetDIBits
GetTextExtentPoint32W
GetStockObject
CreateCompatibleBitmap
BitBlt
CreateRoundRectRgn
CreateFontW
DeleteDC
CreateDIBSection
CreateCompatibleDC
DeleteObject
CreateFontIndirectW
GetObjectW
SetBkMode
GetDeviceCaps
SelectObject
GetTextMetricsW
CreateBitmap
GetClipBox
SetTextColor
SetBkColor
SaveDC
RestoreDC
SetMapMode
SelectClipRgn
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePen
EnumFontFamiliesExW
comdlg32
GetOpenFileNameW
advapi32
RegEnumKeyW
RegQueryValueW
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
LookupPrivilegeValueW
AdjustTokenPrivileges
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
GetSecurityDescriptorSacl
SetSecurityDescriptorSacl
SetNamedSecurityInfoW
OpenSCManagerW
EqualSid
GetTokenInformation
OpenProcessToken
AllocateAndInitializeSid
RegOpenKeyW
RegDeleteKeyW
FreeSid
RegQueryValueExA
RegOpenKeyExA
CloseServiceHandle
QueryServiceStatus
OpenServiceW
RegCloseKey
shell32
ShellExecuteW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFolderPathW
SHGetMalloc
SHGetDesktopFolder
ole32
CoFreeUnusedLibraries
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoInitialize
CoUninitialize
CoInitializeSecurity
oleaut32
SafeArrayGetUBound
SafeArrayGetLBound
SysAllocString
SafeArrayGetElement
SafeArrayGetElemsize
SafeArrayPutElement
SafeArrayCreateVector
VarBstrCmp
VariantClear
VariantInit
SysFreeString
SafeArrayUnlock
VariantChangeType
SafeArrayDestroy
msimg32
AlphaBlend
comctl32
InitCommonControlsEx
shlwapi
PathFindFileNameW
PathFindExtensionW
urlmon
URLDownloadToFileA
wininet
InternetQueryOptionA
DetectAutoProxyUrl
version
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueA
GetFileVersionInfoA
oleacc
CreateStdAccessibleObject
LresultFromObject
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
Sections
.text Size: 784KB - Virtual size: 783KB - Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 220KB - Virtual size: 217KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 61KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.tls Size: 4KB - Virtual size: 2KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 944KB - Virtual size: 941KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc Size: 88KB - Virtual size: 85KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ
.vmp0 Size: 192KB - Virtual size: 496KB - Flags: IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE