67f593d20fd1ef6c464a56e3cbbff6f76b842b9f720b5797165551f9a376ad6a

Sharing

Copy URL Twitter E-mail

General

Target

67f593d20fd1ef6c464a56e3cbbff6f76b842b9f720b5797165551f9a376ad6a
Size

300KB
MD5

bdbc116f8f59411e5685c3bfa421e300
SHA1

d250cd75bdd3d3b0c2d616ef637a6444e19afc66
SHA256

67f593d20fd1ef6c464a56e3cbbff6f76b842b9f720b5797165551f9a376ad6a
SHA512

a4456062bd5238c3a2a4bc5278bd30f3ee1a25419137c54fea5cba071434b849c2a2e11a898fe6f489b15b3b906ff4515cdb1ba8d55c4614523f8332230bfa54
SSDEEP

6144:FCpP38p3aqEq6ppI/GM+7iY3lTswfs712EE9:QP3YEhpqeMrY1/f/EE9

Score

N/A

Malware Config

Signatures

Files

67f593d20fd1ef6c464a56e3cbbff6f76b842b9f720b5797165551f9a376ad6a
.exe windows x86

c0b237b5dc89a2086865ca9400aba240

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
GradientFill

shlwapi

PathCompactPathW
PathStripPathW
PathFileExistsW
PathAppendW
PathRemoveFileSpecW
ColorAdjustLuma
PathCompactPathExW
StrChrW
PathIsDirectoryW
StrRetToStrW
StrRStrIW

ole32

CoRegisterClassObject
CoRevokeClassObject
CoGetInterfaceAndReleaseStream
CoUninitialize
OleRun
CoResumeClassObjects
CoInitializeSecurity
StringFromGUID2
CLSIDFromString
CoInitializeEx
CoTaskMemFree
CoInitialize
CreateStreamOnHGlobal
CoCreateInstance
CoMarshalInterThreadInterfaceInStream
CLSIDFromProgID
StringFromCLSID

comdlg32

GetOpenFileNameW
GetSaveFileNameW
FindTextW

activeds

ord3
ord9
ord7

comctl32

CreatePropertySheetPageW
InitCommonControlsEx
ImageList_Create
CreateStatusWindowW
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_LoadImageW
_TrackMouseEvent
ImageList_DrawIndirect
ImageList_GetIcon
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_Draw
ImageList_Destroy
DestroyPropertySheetPage
ord8
PropertySheetW

kernel32

SetUnhandledExceptionFilter
SetThreadPriority
CreateFileW
lstrcmpW
FreeLibrary
ReadFile
LoadResource
lstrcmpiW
VirtualFree
CreateWaitableTimerW
SystemTimeToTzSpecificLocalTime
LeaveCriticalSection
FileTimeToSystemTime
lstrlenW
CreateThread
DuplicateHandle
ResumeThread
GetWindowsDirectoryW
GetSystemTime
IsProcessorFeaturePresent
GlobalUnlock
WaitForMultipleObjects
RaiseException
GetModuleHandleW
GetCurrentDirectoryW
lstrcatW
SetLastError
GetTempPathW
lstrcpyW
UnhandledExceptionFilter
SizeofResource
LocalFree
GetSystemInfo
HeapSize
FindFirstFileW
EnterCriticalSection
GetCurrentThreadId
DeleteCriticalSection
WriteFile
GetDriveTypeW
FindResourceExW
GetSystemTimeAsFileTime
GetFileInformationByHandle
GetProcessHeap
LockResource
ResetEvent
MulDiv
TerminateThread
GetThreadLocale
WaitForSingleObject
lstrcpynA
SetCurrentDirectoryW
CloseHandle
LocalAlloc
FindClose
GetFileType
OpenEventW
GetUserDefaultLangID
GetTimeFormatW
GetUserDefaultLCID
GlobalAlloc
DeleteFileW
GlobalLock
FormatMessageW
CreateEventW
HeapReAlloc
FlushInstructionCache
LoadLibraryExW
lstrlenA
FatalAppExitW
GetExitCodeThread
FindResourceW
SetWaitableTimer
ExpandEnvironmentStringsA
GetFileSize
IsDebuggerPresent
HeapFree
GetNumberFormatW
HeapAlloc
GlobalFree
VirtualAlloc
SetFilePointer
WideCharToMultiByte
GetCommandLineW
GetLogicalDriveStringsW
GetFullPathNameW
GetComputerNameW
GetACP
GetDateFormatW
lstrcpynW
GetLongPathNameW
HeapDestroy
VirtualAllocEx
lstrcmpA

advapi32

SetSecurityDescriptorDacl
GetSecurityDescriptorOwner
FreeSid
LookupAccountSidW
RegOpenKeyExW
GetSecurityDescriptorGroup
RegQueryValueExA
RegCloseKey
SetFileSecurityW
RegQueryValueExW
OpenSCManagerW
GetAce
MakeSelfRelativeSD
OpenServiceW
GetSecurityDescriptorDacl
OpenProcessToken
RegOpenKeyW
RegSetValueExW
AdjustTokenPrivileges
StartServiceW
MakeAbsoluteSD
LookupPrivilegeValueW
CheckTokenMembership
GetLengthSid
InitializeSid
GetSidSubAuthority
AllocateAndInitializeSid
IsValidSid
InitializeSecurityDescriptor
AddAce
ConvertStringSidToSidW
QueryServiceStatus
GetSecurityDescriptorControl
RegNotifyChangeKeyValue
GetUserNameW
RegOpenKeyExA
LookupAccountNameW
CopySid
EqualSid
InitializeAcl
ConvertSidToStringSidW
GetSecurityDescriptorSacl
GetSidLengthRequired
CloseServiceHandle
GetSecurityDescriptorLength
GetTokenInformation
GetAclInformation
GetFileSecurityW
RegCreateKeyExW

user32

RegisterClassExW
GetWindowPlacement
SetWindowTextW
GetKeyState
EqualRect
ExitWindowsEx
GetTopWindow
DrawAnimatedRects
GetDC
IsClipboardFormatAvailable
GetClassInfoExW
FindWindowW
MapDialogRect
GetWindowDC
GetWindowRect
CopyRect
LockWindowUpdate
GetWindow
GetDlgCtrlID
GetParent
MessageBoxW
LoadStringW
CharUpperBuffW
SetForegroundWindow
GetScrollInfo
EndPaint
GetClassNameW
FillRect
LoadIconW
SetMenuItemInfoW
IsWindowVisible
ClientToScreen
CreateDialogParamW
IsCharAlphaW
CallNextHookEx
DestroyWindow
OffsetRect
DestroyIcon
IsMenu
RegisterWindowMessageW
IsDialogMessageW
ReleaseDC
GetActiveWindow
SetWindowsHookExW
EnableMenuItem
UnregisterClassA
GetCursor
GetMonitorInfoW
ModifyMenuW
InvalidateRect
LoadBitmapW
EndDialog
GetMenuItemInfoW
PostQuitMessage
SetTimer
CharLowerW
GetMessageW
IsIconic
ScreenToClient
CloseClipboard
SetMenuDefaultItem
SetClipboardData
GetCapture
GetDlgItem
MessageBeep
IsRectEmpty
CallWindowProcW
IsChild
GetWindowLongW
MsgWaitForMultipleObjects
MonitorFromPoint
DrawFrameControl
GetClipboardData
SetScrollPos
DeleteMenu
SystemParametersInfoW
wsprintfW
ScrollWindowEx
SendMessageW
DestroyMenu
TabbedTextOutW
FrameRect
IsWindow
GetSubMenu
CreateWindowExW
DrawStateW
IsCharLowerW
DrawFocusRect
LoadCursorW
GetMessagePos
PostMessageW
GetWindowTextLengthW
DefWindowProcW
TrackPopupMenu
GetTabbedTextExtentW
SetCapture
GetClientRect
SetCursorPos
SetFocus
InflateRect
GetScrollPos
SetWindowPos
OpenClipboard
CharNextW
LoadImageW
GetMenu
TrackPopupMenuEx
ReleaseCapture
GetGUIThreadInfo
BeginDeferWindowPos
DispatchMessageW
WindowFromPoint
MoveWindow
GetMenuItemCount
WindowFromDC
IsCharAlphaNumericW
GetFocus
IntersectRect
KillTimer
TranslateMessage
UpdateWindow
GetDesktopWindow
DrawEdge
GetSystemMenu
GetSystemMetrics
DrawIconEx
PtInRect
DialogBoxParamW
EnableWindow
RemoveMenu
SetWindowLongW
BeginPaint
RedrawWindow
DeferWindowPos
SetCursor
SetRectEmpty
AppendMenuW
GetSysColor
TranslateAcceleratorW
ShowWindow
AttachThreadInput
EmptyClipboard
GetWindowThreadProcessId
SetMenu
MapWindowPoints
GetNextDlgTabItem
DrawTextW
GetWindowTextW
GetCursorPos
CreatePopupMenu
GetSysColorBrush
SetScrollInfo
SetDlgItemTextW
LoadMenuW
AnimateWindow
UnhookWindowsHookEx
PeekMessageW
LoadAcceleratorsW
LoadStringA
EndDeferWindowPos
GetForegroundWindow
IsWindowEnabled
SetWindowPlacement
CharUpperW

shell32

SHGetDesktopFolder
ShellExecuteW
SHGetMalloc
ShellExecuteExW
SHAppBarMessage
SHGetSpecialFolderPathW
SHGetPathFromIDListW
DragQueryFileW
SHBrowseForFolderW
SHGetFileInfoW
SHGetFolderPathW
SHGetSpecialFolderLocation
DragAcceptFiles

userenv

UnloadUserProfile

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

gdi32

CombineRgn
UnrealizeObject
GetPixel
GetCurrentObject
RoundRect
CreateDIBSection
GetTextExtentExPointW
CreatePatternBrush
DeleteObject
IntersectClipRect
PatBlt
Polygon
MoveToEx
SetTextColor
SelectObject
SetViewportOrgEx
CreateSolidBrush
Rectangle
SetROP2
CreateBitmap
ExtTextOutW
GetStockObject
CreatePolygonRgn
SetBkMode
GetBkColor
SetBkColor
CreateFontIndirectW
GetDeviceCaps
SelectClipRgn
GetTextExtentPoint32W
SetPixel
GetTextMetricsW
CreateRectRgn
GetObjectType
SetBrushOrgEx
CreateRectRgnIndirect
PtInRegion
DeleteDC
LineTo
CreateCompatibleBitmap
SetTextAlign
BitBlt
CreatePen
TextOutW
GetClipRgn
ExtCreatePen
CreateCompatibleDC
GetObjectW

oleaut32

SafeArrayDestroy
VariantInit
SafeArrayCreateVectorEx
VariantChangeType
SysAllocStringByteLen
SafeArrayUnlock
SafeArrayCreate
SafeArrayUnaccessData
SysStringLen
SafeArrayLock
SafeArrayGetDim
LoadRegTypeLi
VarDateFromStr
VariantClear
VarBstrFromDate
SafeArrayGetLBound
VarBstrCmp
SafeArrayRedim
SysAllocString
SafeArrayGetUBound
VariantCopyInd
GetRecordInfoFromGuids
SystemTimeToVariantTime
DispCallFunc
SysAllocStringLen
VarDateFromUdate
SafeArrayGetVartype
SafeArrayGetElement
LoadTypeLi
SafeArrayCopy
GetErrorInfo
VariantCopy
SysFreeString
SysStringByteLen
SafeArrayAccessData
VariantTimeToSystemTime

secur32

GetUserNameExW
TranslateNameW

netapi32

NetApiBufferFree
NetQueryDisplayInformation

security

ExportSecurityContext
AcceptSecurityContext
ImpersonateSecurityContext

dinput8

DllRegisterServer
DllCanUnloadNow
DllUnregisterServer

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 258KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c0b237b5dc89a2086865ca9400aba240

Headers

File Characteristics

Imports

msimg32

shlwapi

ole32

comdlg32

activeds

comctl32

kernel32

advapi32

user32

shell32

userenv

version

gdi32

oleaut32

secur32

netapi32

security

dinput8

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 258KB - Virtual size: 258KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 258KB - Virtual size: 258KB

.rsrc
Size: 8KB - Virtual size: 7KB