Static task: static1
Behavioral task: behavioral1 (Sample: 0204a681.exe, Resource: win7-20220901-en)
Behavioral task: behavioral2 (Sample: 0204a681.exe, Resource: win10v2004-20221111-en)
Behavioral task: behavioral3 (Sample: 71976c3a.exe, Resource: win7-20220812-en)
Behavioral task: behavioral4 (Sample: 71976c3a.exe, Resource: win10v2004-20221111-en)
General
- Target: bdc2330f894229a1f5e6e975b6325b5bf7d7e7bc387a71fdc8767c5c1a9ce7d2
- Size: 137KB
- MD5: e21e46f24f2ae892e5dca154a69f9083
- SHA1: 2b0315fad5a52355fad6efd06621866687afa27f
- SHA256: bdc2330f894229a1f5e6e975b6325b5bf7d7e7bc387a71fdc8767c5c1a9ce7d2
- SHA512: 13fc7713f401e4045827a9c07ec0777439874264855e1daad1ff9029692876a79190d86034f8ca6484df64b2730398d965700f5024d8c74a0aea3af173bafcab
- SSDEEP: 3072:1+Z4jUZq5jTBSh/YZa+ULIM7Fu9gIRUTzkq:1sSmq5RSh/Yw+UEMpuSAGIq
Malware Config
Signatures
Files
- bdc2330f894229a1f5e6e975b6325b5bf7d7e7bc387a71fdc8767c5c1a9ce7d2.cab
- 0204a681.exe.exe (windows x86), MD5: f45e95ef696f44c3a8666b15e250073e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
SHGetSpecialFolderLocation
SHBindToParent
SHSetLocalizedName
SHGetPathFromIDListA
SHGetFolderPathAndSubDirW
SHGetInstanceExplorer
SHGetPathFromIDListW
ExtractAssociatedIconExW
SHBrowseForFolderW
SHGetDesktopFolder
ShellAboutW
SHFileOperationW
SHGetFolderPathW
ShellExecuteA
SHGetFileInfoW
DragQueryFileW
Shell_NotifyIconA
ShellExecuteW
ShellExecuteExW
ExtractIconExW
SHGetSpecialFolderPathW
SHGetDataFromIDListW
SHPathPrepareForWriteW
SHCreateShellItem
SHGetFolderLocation
Shell_NotifyIconW
SHAppBarMessage
ExtractIconW
SHChangeNotify
rtutils
TraceDumpExW
TraceDumpExA
psapi
GetProcessImageFileNameW
advapi32
GetTraceLoggerHandle
TraceMessage
RegQueryValueExW
ConvertStringSidToSidW
TraceEvent
OpenProcessToken
RegisterTraceGuidsW
CryptDestroyHash
RegQueryValueW
RegOpenCurrentUser
ConvertStringSecurityDescriptorToSecurityDescriptorW
IsTextUnicode
RegSetValueExW
GetTokenInformation
UnregisterTraceGuids
CryptReleaseContext
ConvertSidToStringSidW
RegOpenKeyExW
GetUserNameW
RegQueryValueExA
CreateProcessAsUserW
RegOpenKeyExA
RegCreateKeyExW
RegEnumValueW
OpenThreadToken
RegEnumValueA
CryptAcquireContextW
RegEnumKeyW
SetThreadToken
RegCreateKeyExA
DuplicateTokenEx
GetTraceEnableFlags
SetTokenInformation
RegOpenKeyW
GetLengthSid
RegCloseKey
RegQueryInfoKeyW
RegDeleteValueA
CryptGetHashParam
RegDeleteKeyA
CryptCreateHash
ImpersonateSelf
GetTraceEnableLevel
RegCreateKeyA
CryptHashData
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegSetValueExA
user32
LoadStringA
SendMessageTimeoutA
SendNotifyMessageW
RegisterClassW
EndMenu
DestroyIcon
SystemParametersInfoW
DdeClientTransaction
GetActiveWindow
DdeNameService
InvalidateRect
ShowWindow
WaitMessage
CharPrevW
SetMenuItemBitmaps
GetWindow
UnhookWindowsHookEx
OpenClipboard
CloseClipboard
MessageBoxW
GetKeyState
LoadStringW
IsWindow
GetWindowTextW
GetProcessWindowStation
GetCursor
CreateIconIndirect
GetClassWord
wsprintfW
GetCursorPos
CopyRect
DeleteMenu
VkKeyScanExW
RedrawWindow
EnumThreadWindows
DrawIconEx
GetKeyNameTextW
RegisterClassExW
RemoveMenu
LoadImageW
EnableMenuItem
FindWindowA
GetMenuDefaultItem
ShowOwnedPopups
IsDlgButtonChecked
GetAsyncKeyState
ChildWindowFromPoint
DialogBoxParamW
SetWindowsHookExW
IsRectEmpty
MapDialogRect
CharPrevA
FillRect
ReleaseCapture
MonitorFromWindow
LoadIconW
LoadMenuW
CreateMenu
GetForegroundWindow
UnionRect
GetMonitorInfoW
TranslateMessage
DdeInitializeW
TrackPopupMenu
SetMenuItemInfoW
SetDlgItemInt
GetDesktopWindow
DdeConnect
CharNextW
GetMessageW
SetWindowPlacement
CallWindowProcW
LoadCursorA
GetDlgItemTextW
DdeQueryStringW
CheckRadioButton
GetLastInputInfo
GetScrollInfo
CopyIcon
LoadCursorW
GetCapture
GetSystemMetrics
LockSetForegroundWindow
DdeFreeDataHandle
SystemParametersInfoA
SendMessageW
TrackPopupMenuEx
KillTimer
DdeFreeStringHandle
IsWindowUnicode
SendMessageA
PeekMessageW
GetSysColor
EnumDisplaySettingsW
GetSubMenu
PeekMessageA
CheckMenuRadioItem
CreateDialogParamW
ClientToScreen
CheckMenuItem
FindWindowExW
DestroyWindow
FindWindowW
CharNextA
DialogBoxParamA
DestroyAcceleratorTable
GetClipboardFormatNameW
GetMenuState
MoveWindow
SetCursorPos
PostThreadMessageW
GetWindowRgnBox
DispatchMessageW
WaitForInputIdle
RegisterClipboardFormatW
CallNextHookEx
ScreenToClient
CharLowerBuffW
PostQuitMessage
CheckDlgButton
MapWindowPoints
DestroyMenu
ChangeClipboardChain
PostMessageA
SetClipboardData
GetMenuItemID
MessageBoxExA
GetMessagePos
SetMenu
PostThreadMessageA
IsWindowEnabled
CreatePopupMenu
GetWindowTextLengthW
GetMenuItemCount
SetTimer
BeginDeferWindowPos
AdjustWindowRect
SetWindowLongW
EmptyClipboard
GetClipboardData
WinHelpW
EnableWindow
PostMessageW
GetWindowLongA
GetMessageTime
GetWindowLongW
GetFocus
AppendMenuW
RemovePropW
SetPropA
DdeCreateDataHandle
DrawEdge
DefWindowProcW
IsHungAppWindow
InflateRect
SendMessageTimeoutW
GetLastActivePopup
AdjustWindowRectEx
LoadAcceleratorsW
IsIconic
CharLowerW
GetDlgItem
DialogBoxIndirectParamA
MonitorFromRect
WindowFromPoint
SetDlgItemTextW
GetWindowThreadProcessId
SendDlgItemMessageW
GetParent
TrackMouseEvent
EnumChildWindows
SetCursor
UpdateWindow
CharUpperW
GetWindowPlacement
DefWindowProcA
DispatchMessageA
GetWindowInfo
UnregisterClassW
SetScrollInfo
GetWindowDC
GetPropW
NotifyWinEvent
GetMenuStringW
EnumDesktopWindows
MapVirtualKeyW
GetDoubleClickTime
CreateWindowExW
SetMenuDefaultItem
IntersectRect
EqualRect
DdeUninitialize
GetSystemMenu
SetActiveWindow
DdeCreateStringHandleW
IsWindowVisible
GetWindowRect
GetMenuItemInfoA
SetPropW
AllowSetForegroundWindow
DdeDisconnect
RemovePropA
SetWindowLongA
MessageBoxIndirectW
IsCharAlphaNumericW
DrawTextExW
DrawFocusRect
MsgWaitForMultipleObjects
GetPropA
GetDC
GetClassNameW
IsDialogMessageW
IsChild
GetMenuItemInfoW
AnimateWindow
SetWindowRgn
SetCapture
MsgWaitForMultipleObjectsEx
BeginPaint
EndPaint
GetSysColorBrush
GetComboBoxInfo
MonitorFromPoint
SetRectEmpty
DrawTextW
EndDialog
GetClassInfoExW
DeferWindowPos
SetScrollPos
DrawFrameControl
SetWindowPos
RegisterClipboardFormatA
SetForegroundWindow
GetShellWindow
OffsetRect
InsertMenuItemW
GetDialogBaseUnits
EndDeferWindowPos
GetTopWindow
SetFocus
EnumWindows
AttachThreadInput
DialogBoxIndirectParamW
GetDlgCtrlID
ReleaseDC
ShowCaret
GetClassInfoW
LoadBitmapW
CopyImage
InsertMenuW
GetMessageA
RegisterWindowMessageW
SetRect
SetWindowTextW
PtInRect
IsMenu
GetClientRect
SetClipboardViewer
RegisterWindowMessageA
MessageBoxExW
SetParent
UpdateLayeredWindow
ShowScrollBar
DdeGetData
GetIconInfo
GetKeyboardLayout
GetClassLongW
GetNextDlgTabItem
TranslateAcceleratorW
MessageBeep
CallMsgFilterW
HideCaret
MessageBoxIndirectA
GetAncestor
ntdll
NtSetSystemEnvironmentValueEx
NtQuerySemaphore
RtlAddAccessAllowedObjectAce
RtlAdjustPrivilege
kernel32
VirtualAlloc
uxtheme
GetThemeFont
GetThemeMetric
SetWindowTheme
GetThemePartSize
OpenThemeData
GetThemeBackgroundContentRect
DrawThemeParentBackground
DrawThemeBackground
IsThemeActive
GetThemeColor
CloseThemeData
IsAppThemed
GetThemeBackgroundExtent
GetThemeMargins
GetThemeAppProperties
ddraw
DirectDrawCreate
gdi32
CreateDCA
CreateFontIndirectW
GetDeviceCaps
CreateRectRgnIndirect
SetTextAlign
GetTextExtentPoint32A
GetTextMetricsW
CreateBitmap
GetPaletteEntries
GetBkColor
DeleteDC
GetTextExtentPoint32W
CreateCompatibleBitmap
GetBrushOrgEx
ExtCreateRegion
GetTextColor
LineTo
Rectangle
GetClipBox
GetGlyphIndicesW
SetDCPenColor
SetBrushOrgEx
SelectPalette
CreateFontIndirectA
StretchDIBits
SetBkMode
GetObjectW
SetWindowOrgEx
TextOutW
GetTextAlign
CreatePolygonRgn
GetPixel
CloseEnhMetaFile
SetMapMode
RealizePalette
GetTextExtentPointW
RectVisible
CreateDIBPatternBrushPt
CombineRgn
GetDIBits
RestoreDC
GetDCOrgEx
CreateFontW
DeleteObject
ExtTextOutW
OffsetRgn
CreatePatternBrush
MoveToEx
StretchBlt
SetRectRgn
SelectObject
GetBkMode
PatBlt
GetLayout
GetRgnBox
CreateHalftonePalette
SetStretchBltMode
CreateRectRgn
TextOutA
CreateCompatibleDC
SetViewportExtEx
LPtoDP
GetTextCharset
SetPaletteEntries
GetObjectA
OffsetWindowOrgEx
CreateMetaFileW
GetRegionData
CreatePen
SetViewportOrgEx
GetStockObject
SaveDC
CreateSolidBrush
CreateEnhMetaFileA
GetSystemPaletteEntries
SetLayout
CloseMetaFile
SetTextColor
BitBlt
CreateDCW
IntersectClipRect
CreatePalette
SetBkColor
GetTextExtentExPointI
EqualRgn
DeleteEnhMetaFile
SetWindowExtEx
CreateDIBSection
PlayEnhMetaFile
Sections
.text Size: 1024B - Virtual size: 1012B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 512B - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 920B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
- 71976c3a.exe.exe (windows x86), MD5: 34bfb1498481e639590792a634de33ce
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateThread
GetVersionExA
FormatMessageA
InterlockedDecrement
GlobalUnlock
GetLastError
GetLocaleInfoA
WriteFile
GlobalFree
TerminateProcess
FreeEnvironmentStringsW
GetModuleHandleW
lstrcmpiW
DisconnectNamedPipe
GetLocalTime
GetOEMCP
LockResource
ExitProcess
GetProcAddress
HeapFree
GetModuleHandleA
LoadLibraryA
OpenConsoleW
GlobalLock
msvcrt
_wtol
isalpha
__getmainargs
wcslen
strchr
__set_app_type
free
_wcsicmp
wcstok
swprintf
isspace
atoi
memset
fclose
iswupper
wcstol
memcpy
isalnum
_vsnprintf
_adjust_fdiv
__dllonexit
wcscmp
wcscat
_acmdln
user32
IsWindowVisible
LoadMenuW
DrawTextW
FindWindowW
EndDialog
DefWindowProcW
GetMessageA
SetScrollPos
CopyRect
FrameRect
IsDlgButtonChecked
GetMenu
RedrawWindow
MessageBeep
ModifyMenuA
RegisterShellHookWindow
PeekMessageW
DrawEdge
LoadStringW
LoadStringA
AppendMenuW
GetWindowLongA
DrawIconEx
CharUpperW
SetWindowTextW
SystemParametersInfoA
gdi32
ExtTextOutW
GetTextExtentPointW
CreatePalette
TranslateCharsetInfo
GetTextExtentPoint32W
Rectangle
GetTextMetricsW
PatBlt
CreateSolidBrush
SetBkColor
CreateCompatibleDC
LineTo
DeleteObject
StretchBlt
MoveToEx
CreateFontIndirectW
tapi32
lineConfigDialogEdit
lineGetDevConfigW
lineCreateAgentSessionW
phoneGetButtonInfo
lineGetAddressCaps
lineSetAgentStateEx
lineDrop
phoneGetMessage
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
member1 Size: 512B - Virtual size: 278B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
member2 Size: 512B - Virtual size: 360B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
member3 Size: 512B - Virtual size: 401B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 111KB - Virtual size: 110KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 72B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ