Static task: static1
Behavioral task: behavioral1
Sample: 5aafd0c843a17c131d9e03078dab95ef76eac3a1c8a9cc39127bba989d52291a.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 5aafd0c843a17c131d9e03078dab95ef76eac3a1c8a9cc39127bba989d52291a.exe
Resource: win10v2004-20220812-en
General
Target: 5aafd0c843a17c131d9e03078dab95ef76eac3a1c8a9cc39127bba989d52291a
Size: 2.4MB
MD5: 99960f3f46ec0f1744bfa7b74fd2e230
SHA1: 8a1b891f15508bbb686c74df546af63255d78a4d
SHA256: 5aafd0c843a17c131d9e03078dab95ef76eac3a1c8a9cc39127bba989d52291a
SHA512: ca7e3fb2b806d114c255c4d3aebe4898e66fadb81924d68d13a1147808690327cb2a52a0f222465ff2420ec7e6d54c8ebabb99a72c4d0b3ceb2d9cb7a32c8377
SSDEEP: 49152:WvGa2YbgJIfwmMFhUJzt4KBT/qrn0KtX2pVf:WuPYieFMFIqKVqptXoJ
Malware Config
Signatures
Files
5aafd0c843a17c131d9e03078dab95ef76eac3a1c8a9cc39127bba989d52291a.exe (windows x86)
68caa5f6ec5bcb6872e6cf76582ece26
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
SHAutoComplete
PathRemoveFileSpecA
winmm
waveInReset
waveInStop
waveOutClose
waveOutUnprepareHeader
waveOutReset
waveOutWrite
waveInStart
waveInAddBuffer
waveInPrepareHeader
waveInOpen
waveInGetNumDevs
waveOutPrepareHeader
waveOutOpen
waveOutGetNumDevs
sndPlaySoundA
waveInClose
PlaySoundA
waveInUnprepareHeader
kernel32
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetStringTypeA
LCMapStringW
LCMapStringA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStdHandle
SetHandleCount
UnhandledExceptionFilter
IsBadWritePtr
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
SetStdHandle
HeapSize
TerminateProcess
GetACP
GetLocalTime
GetSystemTime
GetTimeZoneInformation
GetCommandLineA
GetStartupInfoA
ExitThread
HeapReAlloc
RaiseException
HeapFree
HeapAlloc
RtlUnwind
SetErrorMode
SetFileAttributesA
SystemTimeToFileTime
LocalFileTimeToFileTime
FindResourceExA
GetProfileIntA
GetProfileStringA
GetTempPathA
GetPrivateProfileSectionNamesA
GetExitCodeThread
ResetEvent
EnumResourceLanguagesA
EnumResourceNamesA
EnumResourceTypesA
CreateEventA
GetOEMCP
CloseHandle
TerminateThread
GetProcAddress
LoadLibraryA
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
SetEvent
ResumeThread
CreateThread
WaitForSingleObject
Sleep
VirtualFree
VirtualAlloc
DeleteFileA
WriteFile
lstrlenA
SetFilePointer
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
CopyFileA
ReadFile
GetFileSize
CreateFileA
GetFileAttributesA
lstrcatA
lstrcpyA
GetModuleFileNameA
GetTickCount
GetCurrentDirectoryA
LockResource
GlobalAlloc
LoadResource
SizeofResource
FindResourceA
GetDiskFreeSpaceExA
GetVolumeInformationA
GetLogicalDriveStringsA
LocalFree
GetStringTypeW
LocalAlloc
lstrcpynA
TlsAlloc
GlobalFlags
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetTempFileNameA
SetThreadPriority
GetCurrentThread
lstrcmpA
SetLastError
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
MulDiv
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrlenW
FormatMessageA
MultiByteToWideChar
WideCharToMultiByte
FreeLibrary
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
LocalSize
GetVersion
GlobalSize
GlobalFree
OutputDebugStringA
GlobalLock
GlobalUnlock
ExitProcess
lstrcmpiA
DeleteCriticalSection
CancelIo
InterlockedExchange
InterlockedIncrement
InterlockedDecrement
GetQueuedCompletionStatus
CreateIoCompletionPort
GetSystemInfo
EnterCriticalSection
FindClose
PostQueuedCompletionStatus
LeaveCriticalSection
InitializeCriticalSection
WritePrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileStringA
SetUnhandledExceptionFilter
CreateDirectoryA
GetLastError
MoveFileA
RemoveDirectoryA
FindFirstFileA
FindNextFileA
user32
ReuseDDElParam
SetMenu
TranslateAcceleratorA
LoadAcceleratorsA
MapDialogRect
SetWindowContextHelpId
ValidateRect
ShowOwnedPopups
PostQuitMessage
DestroyMenu
LoadStringA
PtInRect
IsZoomed
SetRectEmpty
CharUpperA
IsRectEmpty
FillRect
InvalidateRect
wvsprintfA
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
SetMenuItemBitmaps
ShowWindow
UnpackDDElParam
BringWindowToTop
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
GrayStringA
DispatchMessageA
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SetDlgItemInt
CheckDlgButton
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
KillTimer
GetClassNameA
GetSysColorBrush
InsertMenuA
GetMenuStringA
DestroyIcon
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
TranslateMessage
GetMessageA
LoadIconA
SendMessageA
EnableWindow
RegisterWindowMessageA
SetRect
PostMessageA
FindWindowA
SetTimer
MessageBoxA
wsprintfA
GetWindow
GetClientRect
SetCapture
LoadCursorA
SetCursor
ScreenToClient
UpdateWindow
WindowFromPoint
CopyAcceleratorTableA
ReleaseCapture
GetParent
IsWindowVisible
SetWindowPos
GetDlgCtrlID
GetFocus
GetCursorPos
EnableMenuItem
GetMenuItemCount
DeleteMenu
GetSubMenu
LoadMenuA
CharNextA
OffsetRect
GetNextDlgGroupItem
GetDCEx
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemID
TrackPopupMenu
GetWindowTextLengthA
GetWindowTextA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
UnregisterClassA
GetAsyncKeyState
DrawMenuBar
TranslateMDISysAccel
DefFrameProcA
ExcludeUpdateRgn
DefDlgProcA
GetTabbedTextExtentA
GetClipboardFormatNameA
SendMessageTimeoutA
IsWindowUnicode
GetWindowLongW
SetWindowLongW
UnionRect
DrawEdge
GetDoubleClickTime
SetCursorPos
GetMenuDefaultItem
GetCursor
GetMenuStringW
LookupIconIdFromDirectoryEx
GetKeyboardLayoutList
GetKeyboardState
ToAsciiEx
GetKeyboardLayout
MapVirtualKeyExA
GetKeyNameTextA
IsCharLowerA
IsClipboardFormatAvailable
DrawFrameControl
GetWindowRgn
HideCaret
ShowCaret
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetKeyState
GetClipboardData
DrawTextA
GetMenuState
ShowScrollBar
DrawIconEx
IntersectRect
LockWindowUpdate
RegisterClipboardFormatA
SetParent
InvertRect
PostThreadMessageA
ClientToScreen
IsMenu
GetMenuItemInfoA
CopyIcon
CreateIconIndirect
CreateIconFromResourceEx
WaitMessage
MapVirtualKeyA
SetWindowRgn
CreatePopupMenu
DrawAnimatedRects
EnumChildWindows
SetMenuDefaultItem
DrawFocusRect
DrawStateA
GetSystemMetrics
InflateRect
MessageBeep
CheckMenuItem
AppendMenuA
GetSystemMenu
LoadImageA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
RedrawWindow
GetDesktopWindow
DestroyCursor
SetClassLongA
ReleaseDC
GetDC
GetIconInfo
CheckMenuRadioItem
GetWindowRect
gdi32
CreateCompatibleDC
CreateDIBSection
SelectObject
DeleteObject
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
GetCurrentPositionEx
RestoreDC
PolyBezierTo
GetClipRgn
StretchDIBits
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreatePen
CreatePatternBrush
PtVisible
RectVisible
Escape
CreateFontIndirectA
CopyMetaFileA
GetMapMode
SetRectRgn
CombineRgn
GetTextColor
GetBkColor
GetStockObject
BitBlt
ExtTextOutA
SetTextColor
SetBkColor
CreateSolidBrush
GetObjectA
TextOutA
SetBkMode
GetClipBox
CreateBitmap
LPtoDP
DPtoLP
PatBlt
CreateRectRgnIndirect
GetTextExtentPoint32A
GetTextMetricsA
DeleteDC
CreateCompatibleBitmap
GetCharWidthA
CreateFontA
ExtSelectClipRgn
SaveDC
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
CreateRectRgn
Polygon
GetWindowOrgEx
ExtCreateRegion
StretchBlt
GetDIBits
SetPixel
GetPixel
PtInRegion
GetCurrentObject
GetTextAlign
EnumFontFamiliesExA
GetBitmapBits
GetRgnBox
CreatePolygonRgn
RoundRect
Polyline
GetViewportOrgEx
ExtFloodFill
Ellipse
StrokePath
FillPath
StrokeAndFillPath
EndPath
CloseFigure
BeginPath
GetTextExtentPoint32W
ExtTextOutW
GetTextExtentPointA
CreateDIBitmap
SetViewportExtEx
comdlg32
ChooseColorA
GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
advapi32
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
SetFileSecurityA
RegCreateKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegSetValueA
GetFileSecurityA
shell32
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHAppBarMessage
SHGetMalloc
SHGetFileInfoA
DragFinish
Shell_NotifyIconA
ExtractIconA
DragQueryFileA
ord71
ShellExecuteA
comctl32
CreatePropertySheetPageA
ImageList_LoadImageA
ImageList_Create
ImageList_Destroy
ord17
ImageList_AddMasked
ImageList_ReplaceIcon
DestroyPropertySheetPage
ImageList_Remove
ImageList_Draw
PropertySheetA
ImageList_GetImageInfo
ImageList_Add
ImageList_DrawEx
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetIcon
_TrackMouseEvent
oledlg
ord1
ord8
ole32
CoTaskMemFree
CoTaskMemAlloc
OleDuplicateData
CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CoUninitialize
CoInitialize
ReleaseStgMedium
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
olepro32
ord253
oleaut32
SafeArrayGetDim
VariantClear
VariantCopy
SysAllocString
SysAllocStringByteLen
VariantChangeType
SysStringByteLen
VarDateFromStr
VarBstrFromDate
SafeArrayGetElemsize
SysFreeString
SysAllocStringLen
VariantTimeToSystemTime
SysStringLen
LoadTypeLi
SafeArrayGetLBound
SafeArrayAccessData
SafeArrayUnaccessData
OleLoadPicturePath
VariantChangeTypeEx
SafeArrayGetUBound
ws2_32
WSACreateEvent
WSAEventSelect
bind
listen
socket
ioctlsocket
htons
connect
select
WSAStartup
gethostname
gethostbyname
WSACleanup
WSASocketA
getpeername
inet_ntoa
WSAWaitForMultipleEvents
getsockname
ntohs
__WSAFDIsSet
inet_addr
send
recv
WSACloseEvent
WSASend
WSARecv
setsockopt
WSAGetLastError
WSAEnumNetworkEvents
closesocket
WSAIoctl
accept
pdh
PdhAddCounterA
PdhOpenQueryA
PdhGetFormattedCounterValue
PdhCollectQueryData
PdhCloseQuery
avifil32
AVIFileExit
AVIStreamSetFormat
AVIFileCreateStreamA
AVIFileOpenA
AVIStreamWrite
AVIFileRelease
AVIFileInit
AVIStreamRelease
msvfw32
ICDecompress
DrawDibOpen
DrawDibClose
DrawDibDraw
skinh
SkinH_AttachRes
SkinH_AdjustHSV
SkinH_AdjustAero
SkinH_SetMenuAlpha
SkinH_SetAero
wininet
InternetGetLastResponseInfoA
InternetCloseHandle
FtpPutFileA
InternetConnectA
InternetSetStatusCallback
InternetOpenA
InternetOpenUrlA
InternetReadFile
Sections
.text - Size: 1.5MB - Virtual size: 1.5MB - IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata - Size: 260KB - Virtual size: 258KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data - Size: 92KB - Virtual size: 114KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc - Size: 580KB - Virtual size: 580KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ