6a598afc978087c5be0539af1348fc85b1488bd72726e11b952a4f3328d61393

Sharing

Copy URL

Twitter E-mail

General

Target

6a598afc978087c5be0539af1348fc85b1488bd72726e11b952a4f3328d61393
Size

447KB
MD5

b96966c6fde582ed25ce11d599e94990
SHA1

0d8fe42dadf2b76bc562617d53bda278180a25cf
SHA256

6a598afc978087c5be0539af1348fc85b1488bd72726e11b952a4f3328d61393
SHA512

a97b3a54489633ea65feb89c6f184f217b6e59b2c3b6179aa86f4ed786e46f0a7bc31e28fd4c11a5fd0c0bfac21aa31702fe5e0557678bab83a6855d11da81b7
SSDEEP

12288:WW9tvyx69RL9JlSxcZWdUFL3dlTtS9tlnfJ26axt:WW9dyg9RJSxJCNlTA9nfVaxt

Score

N/A

Malware Config

Signatures

Files

6a598afc978087c5be0539af1348fc85b1488bd72726e11b952a4f3328d61393
.dll windows x86

6414e1fffd1ea0558e78695d304c1fd5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LocalReAlloc
LockFile
LockResource
MapViewOfFileEx
MoveFileA
MoveFileExA
MulDiv
MultiByteToWideChar
OpenMutexA
OpenProcess
QueryPerformanceCounter
RaiseException
ReadFile
ResumeThread
RtlUnwind
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFileAttributesA
SetFilePointer
SetFileTime
SetHandleCount
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
SuspendThread
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnlockFile
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
WritePrivateProfileStringA
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrlenA
lstrlenW
CompareStringA
CompareStringW
ConvertDefaultLocale
CopyFileA
CreateDirectoryA
CreateDirectoryW
CreateEventA
CreateFileA
CreateFileMappingW
CreateMutexA
CreateProcessW
CreateThread
DeleteCriticalSection
DeleteFileA
DeleteFileW
DuplicateHandle
EnterCriticalSection
EnumResourceLanguagesA
EnumSystemLocalesA
ExitProcess
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSection
HeapSize
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GlobalUnlock
GlobalSize
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalGetAtomNameA
GlobalFree
GlobalFlags
GlobalFindAtomA
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomA
GetVolumeInformationW
GetVolumeInformationA
GetVersionExW
GetVersionExA
GetVersion
GetUserDefaultLCID
GetTimeZoneInformation
GetTimeFormatA
GetTickCount
GetThreadLocale
GetTempPathW
GetSystemTimeAsFileTime
GetSystemInfo
GetStringTypeW
GetStringTypeExW
GetStringTypeExA
GetStringTypeA
GetStdHandle
GetStartupInfoA
GetShortPathNameA
GetProcessPriorityBoost
GetProcessHeap
GetProcAddress
GetPrivateProfileStringA
GetPrivateProfileIntA
GetOEMCP
GetNumberFormatW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetLocaleInfoW
GetLocaleInfoA
GetLastError
GetFullPathNameA
GetFileType
GetFileTime
GetFileSize
GetFileAttributesW
GetFileAttributesExW
GetFileAttributesA
GetExitCodeProcess
GetEnvironmentVariableW
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStringsA
GetDriveTypeA
GetDateFormatA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetCurrentDirectoryA
GetConsoleOutputCP
GetConsoleMode
GetConsoleCP
GetCommandLineW
GetCommandLineA
GetCPInfo
GetAtomNameA
GetACP
FreeResource
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FormatMessageA
FlushInstructionCache
FlushFileBuffers
ExitThread
FatalAppExitA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstVolumeW
FindNextFileA
FindNextFileW
FindNextVolumeW
FindResourceA
FindResourceExW
FindResourceW
FindVolumeClose
CloseHandle

ole32

WriteFmtUserTypeStg
WriteClassStg
StringFromGUID2
StringFromCLSID
SetConvertStg
ReadFmtUserTypeStg
ReadClassStg
OleRegGetUserType
OleDuplicateData
CreateStreamOnHGlobal
CreateBindCtx
CoTreatAsClass
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoDisconnectObject
CoCreateInstance
CLSIDFromString
ReleaseStgMedium

gdi32

TextOutA
StretchBlt
StartDocA
SetWorldTransform
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
SetTextJustification
SetTextColor
SetTextCharacterExtra
SetTextAlign
SetStretchBltMode
SetRectRgn
SetROP2
SetPolyFillMode
SetMapperFlags
SetMapMode
SetGraphicsMode
SetDIBColorTable
SetColorAdjustment
SetBkMode
SetBkColor
SetArcDirection
SelectPalette
SelectObject
SelectClipRgn
SelectClipPath
ScaleWindowExtEx
ScaleViewportExtEx
SaveDC
RestoreDC
RectVisible
PtVisible
PolylineTo
Polygon
PolyDraw
PolyBezierTo
PlayMetaFileRecord
PlayMetaFile
PatBlt
OffsetWindowOrgEx
OffsetViewportOrgEx
OffsetClipRgn
MoveToEx
ModifyWorldTransform
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetTextMetricsA
GetTextExtentPoint32A
GetStockObject
GetPixel
GetObjectW
GetObjectType
GetObjectA
GetMapMode
GetDeviceCaps
GetDCOrgEx
GetCurrentPositionEx
GetClipRgn
GetClipBox
ExtTextOutA
ExtSelectClipRgn
ExtCreatePen
ExcludeClipRect
Escape
EnumMetaFile
DeleteObject
DeleteDC
DPtoLP
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreatePen
CreatePatternBrush
CreateHatchBrush
CreateFontIndirectW
CreateFontIndirectA
CreateDIBitmap
CreateDIBSection
CreateDIBPatternBrushPt
CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
CopyMetaFileA
CombineRgn
BitBlt
ArcTo

wininet

GopherOpenFileA
FtpCommandA
FtpCreateDirectoryA
FtpDeleteFileA
FtpFindFirstFileA
FtpGetCurrentDirectoryA
FtpGetFileA
FtpPutFileA
FtpRemoveDirectoryA
InternetWriteFile
InternetSetStatusCallbackA
InternetSetOptionExA
InternetSetFilePointer
InternetSetCookieA
InternetReadFile
InternetQueryOptionA
InternetQueryDataAvailable
InternetOpenUrlA
InternetOpenA
InternetGetLastResponseInfoA
InternetGetCookieA
InternetFindNextFileA
InternetErrorDlg
InternetCrackUrlA
InternetConnectA
InternetCloseHandle
InternetCanonicalizeUrlA
HttpSendRequestExA
HttpSendRequestA
HttpQueryInfoA
HttpOpenRequestA
HttpEndRequestA
HttpAddRequestHeadersA
FtpOpenFileA
GopherGetAttributeA
GopherFindFirstFileA
GopherCreateLocatorA
FtpSetCurrentDirectoryA
FtpRenameFileA

comdlg32

GetFileTitleA
ChooseFontW

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

shell32

ExtractIconA
ShellExecuteW
SHGetSpecialFolderPathW
SHGetFileInfoA

shlwapi

PathStripToRootA
PathRemoveFileSpecW
UrlUnescapeA
PathCanonicalizeW
PathCombineW
PathRemoveExtensionA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA

comctl32

_TrackMouseEvent
ord17
ImageList_LoadImageW
ImageList_GetIconSize
ImageList_Draw
ImageList_Destroy

oleaut32

VariantTimeToSystemTime
VariantInit
VariantCopy
VariantClear
VariantChangeType
VarUI4FromStr
VarR8FromStr
VarI4FromStr
VarDecFromStr
VarDecCmp
VarDateFromStr
VarCyFromStr
VarBstrFromDec
VarBstrFromDate
VarBstrFromCy
SystemTimeToVariantTime
SysStringLen
SysStringByteLen
SysReAllocStringLen
SysFreeString
SysAllocStringLen
SysAllocStringByteLen
SafeArrayUnlock
SafeArrayUnaccessData
SafeArrayRedim
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayLock
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetElement
SafeArrayGetDim
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayCreate
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayAccessData

advapi32

RegSetValueExW
RegSetValueExA
RegSetValueA
RegQueryValueExW
RegQueryValueExA
RegQueryValueA
RegQueryInfoKeyW
RegOpenKeyExW
RegOpenKeyExA
RegOpenKeyA
RegEnumKeyExW
RegEnumKeyA
RegDeleteValueW
RegDeleteValueA
RegDeleteKeyW
RegDeleteKeyA
RegCreateKeyW
RegCreateKeyExW
RegCreateKeyExA
RegCreateKeyA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
AdjustTokenPrivileges

winmm

PlaySoundW

user32

SetForegroundWindow
SetFocus
SetDlgItemTextW
SetDlgItemTextA
SetDlgItemInt
SetPropA
SetMenuItemBitmaps
LoadIconW
LoadImageW
MapWindowPoints
MessageBoxA
MessageBoxW
ModifyMenuA
MoveWindow
OffsetRect
PeekMessageA
PeekMessageW
PostMessageA
PostMessageW
PostQuitMessage
PostThreadMessageW
PtInRect
RegisterClassA
RegisterClassExW
RegisterClassW
RegisterWindowMessageA
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
ScreenToClient
ScrollWindow
ScrollWindowEx
SendDlgItemMessageA
SendMessageA
SendMessageW
SetActiveWindow
SetCapture
SetRect
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongA
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowTextA
SetWindowTextW
SetWindowsHookExA
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoA
SystemParametersInfoW
TabbedTextOutA
TrackPopupMenu
TrackPopupMenuEx
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UpdateWindow
ValidateRect
WinHelpA
SetCursor
LoadIconA
LoadCursorW
AdjustWindowRectEx
AppendMenuA
BeginDeferWindowPos
BeginPaint
CallNextHookEx
CallWindowProcA
CallWindowProcW
CharLowerA
CharLowerW
CharNextW
CharUpperA
CharUpperW
CheckDlgButton
CheckMenuItem
CheckRadioButton
ClientToScreen
CopyRect
CreateDialogIndirectParamA
CreateDialogParamW
CreateWindowExA
CreateWindowExW
DefDlgProcW
DefWindowProcA
DefWindowProcW
DeferWindowPos
DeleteMenu
DestroyIcon
DestroyMenu
DestroyWindow
DialogBoxParamW
DispatchMessageA
DispatchMessageW
DrawEdge
DrawFocusRect
DrawTextA
DrawTextExA
DrawTextW
EnableMenuItem
EnableWindow
EndDeferWindowPos
EndDialog
EndPaint
EqualRect
ExitWindowsEx
FillRect
FindWindowW
GetActiveWindow
GetCapture
GetClassInfoA
GetClassInfoExA
GetClassInfoExW
GetClassLongA
GetClassNameA
GetClientRect
GetCursorPos
GetDC
GetDesktopWindow
GetDialogBaseUnits
GetDlgCtrlID
GetDlgItem
GetDlgItemInt
GetDlgItemTextA
GetFocus
GetForegroundWindow
GetKeyState
GetLastActivePopup
GetMenu
GetMenuCheckMarkDimensions
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoA
GetMenuState
GetMenuStringA
GetMessageA
GetMessagePos
GetMessageTime
GetMessageW
GetNextDlgTabItem
GetParent
GetPropA
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMetrics
GetTopWindow
GetWindow
GetWindowDC
GetWindowLongA
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
GetWindowTextW
GetWindowThreadProcessId
GrayStringA
InflateRect
InsertMenuA
IntersectRect
InvalidateRect
IsChild
IsDialogMessageA
IsDlgButtonChecked
IsIconic
IsWindow
IsWindowEnabled
IsWindowVisible
KillTimer
LoadBitmapA
LoadCursorA

Exports

Exports

NewMember
Repr
UnicodeWarning
free_default
get_cHRM

Sections

.text
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 266KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6414e1fffd1ea0558e78695d304c1fd5

Headers

File Characteristics

Imports

kernel32

ole32

gdi32

wininet

comdlg32

winspool.drv

shell32

shlwapi

comctl32

oleaut32

advapi32

winmm

user32

Exports

Exports

Sections

.text Size: 78KB - Virtual size: 77KB

.rdata Size: 266KB - Virtual size: 265KB

.data Size: 69KB - Virtual size: 70KB

.rsrc Size: 27KB - Virtual size: 27KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 78KB - Virtual size: 77KB

.rdata
Size: 266KB - Virtual size: 265KB

.data
Size: 69KB - Virtual size: 70KB

.rsrc
Size: 27KB - Virtual size: 27KB

.reloc
Size: 5KB - Virtual size: 4KB