56804550b129d8e698711f54bf1146dd779615d10619a20f84868ff562d66dbf

Sharing

Copy URL Twitter E-mail

General

Target

56804550b129d8e698711f54bf1146dd779615d10619a20f84868ff562d66dbf
Size

412KB
MD5

a6b7ebc229020a1d1374ad847e704c40
SHA1

b34500ddbf14a4d84c3a757795ba00a6d32c6bca
SHA256

56804550b129d8e698711f54bf1146dd779615d10619a20f84868ff562d66dbf
SHA512

9a55b2e40ecd8cbd516e1f5acb720db951c4b8cb8124b598021321ac9566e39fb8d9aab193c0e2cd557805097b245f1a44c6fc364b447119b895b45def2f05e4
SSDEEP

12288:KkpxDUAosWaBcKFML4OcJxtrIVcCKLWPV:KkpdXoabuL4OcPgcCK

Score

N/A

Malware Config

Signatures

Files

56804550b129d8e698711f54bf1146dd779615d10619a20f84868ff562d66dbf
.dll windows x86

0ba7238d74134c2ba8a8fedb4c0c3e93

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

StartPage
StartDocW
SetLayout
SelectObject
GetTextMetricsW
GetObjectW
GetFontUnicodeRanges
GetDeviceCaps
EndPage
EndDoc
DeleteDC
CreateFontIndirectW
CreateCompatibleDC
CreateBitmap
ChoosePixelFormat

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

shell32

CommandLineToArgvW
SHGetFolderPathW
ShellExecuteExW
FreeIconList

user32

UnloadKeyboardLayout
SystemParametersInfoW
ShowWindow
SetWindowTextW
SetWindowLongW
SetFocus
SetDlgItemTextW
SendMessageW
SendDlgItemMessageW
ReleaseDC
RegisterClassExW
PostQuitMessage
PostMessageW
MessageBoxW
LoadImageW
LoadIconW
LoadBitmapW
InvalidateRect
GetWindowLongW
GetWindowInfo
GetUserObjectInformationW
GetSystemMetrics
GetParent
GetKBCodePage
GetIconInfo
GetDlgItem
GetDC
EndDialog
DrawTextExW
DrawIconEx
DialogBoxParamW
DestroyWindow
DestroyIcon
DefWindowProcW
CreateWindowExW
CreateIconIndirect
CreateIconFromResource
CheckDlgButton
CharLowerW
CallWindowProcW
AllowSetForegroundWindow
ValidateRect
WaitMessage
UnregisterClassA
GetProcessWindowStation
GetSysColor

setupapi

SetupDiOpenClassRegKey
SetupTermDefaultQueueCallback
SetupQueueCopyW
SetupQueueCopyIndirectW
SetupOpenInfFileW
SetupOpenFileQueue
SetupOpenAppendInfFileW
SetupInstallServicesFromInfSectionW
SetupInstallFromInfSectionW
SetupGetStringFieldW
SetupGetLineCountW
SetupGetIntField
SetupGetFieldCount
SetupFindNextMatchLineW
SetupFindNextLine
SetupFindFirstLineW
SetupDiSetSelectedDevice
SetupDiSetDeviceRegistryPropertyW
SetupDiOpenDeviceInfoW
SetupDiOpenDevRegKey
CMP_WaitNoPendingInstallEvents
SetupDiGetSelectedDriverW
SetupDiGetDriverInfoDetailW
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceInstallParamsW
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiCreateDeviceInfoList
SetupDiCallClassInstaller
SetupDiBuildDriverInfoList
SetupCopyOEMInfW
SetupCommitFileQueueW
SetupCloseInfFile
SetupCloseFileQueue
CM_Setup_DevNode
CM_Query_And_Remove_SubTreeW
CM_Locate_DevNodeW
CM_Get_Device_IDW
CM_Get_DevNode_Status
CM_Enumerate_Classes

kernel32

GetModuleFileNameW
lstrlenW
lstrcmpW
WriteFile
WriteConsoleOutputW
WriteConsoleA
WideCharToMultiByte
WaitForSingleObjectEx
WaitForSingleObject
WaitForMultipleObjectsEx
VirtualQuery
VirtualFree
VirtualAlloc
VerifyVersionInfoW
VerSetConditionMask
TlsSetValue
TlsAlloc
Thread32First
TerminateProcess
SuspendThread
Sleep
SizeofResource
SetUnhandledExceptionFilter
SetThreadLocale
SetThreadContext
SetLastError
SetHandleCount
SetFileAttributesW
SetEvent
SetCurrentDirectoryW
SearchPathW
ReleaseMutex
ReadFile
RaiseException
QueryPerformanceCounter
OutputDebugStringA
MultiByteToWideChar
MapViewOfFile
LockResource
LocalShrink
LocalReAlloc
LocalAlloc
LoadResource
LoadLibraryW
LoadLibraryExW
LoadLibraryExA
LoadLibraryA
IsValidLocale
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSection
HeapSize
HeapCreate
HeapAlloc
GlobalUnlock
GlobalMemoryStatusEx
GlobalLock
GlobalFree
GetWindowsDirectoryW
GetVersionExW
GetVersionExA
GetTickCount
GetTempFileNameW
GetSystemTimeAsFileTime
GetSystemInfo
GetSystemDirectoryW
GetStringTypeW
CloseHandle
CompareStringW
CopyFileW
CreateDirectoryW
CreateEventW
CreateFileA
CreateFileMappingW
CreateMutexW
CreateTapePartition
DeleteCriticalSection
DeviceIoControl
EnterCriticalSection
ExitProcess
FillConsoleOutputCharacterW
FindNextFileW
FindResourceExW
FindResourceW
FlushFileBuffers
GetStringTypeA
FreeConsole
FreeEnvironmentStringsW
GetACP
GetCPInfo
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsA
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileType
GetLastError
GetLocaleInfoA
GetLocaleInfoW
FormatMessageW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
GetProcessVersion
GetShortPathNameW
GetStartupInfoA
GetStartupInfoW
GetStdHandle

advapi32

AllocateAndInitializeSid
CheckTokenMembership
CloseServiceHandle
ControlService
DeleteService
EqualSid
FreeSid
GetLengthSid
GetSecurityDescriptorControl
GetTokenInformation
InitializeAcl
InitializeSecurityDescriptor
IsTextUnicode
LsaOpenTrustedDomain
MakeSelfRelativeSD
SetEntriesInAclW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
ReadEncryptedFileRaw
QueryServiceStatus
OpenSCManagerW
OpenProcessToken
AddAccessAllowedAce

Exports

Exports

GetGlobals
_Contains
mem_level
set_invert_alpha

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 194KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0ba7238d74134c2ba8a8fedb4c0c3e93

Headers

File Characteristics

Imports

gdi32

version

shell32

user32

setupapi

kernel32

advapi32

Exports

Exports

Sections

.text Size: 89KB - Virtual size: 89KB

.rdata Size: 194KB - Virtual size: 194KB

.data Size: 102KB - Virtual size: 103KB

.rsrc Size: 22KB - Virtual size: 21KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 89KB - Virtual size: 89KB

.rdata
Size: 194KB - Virtual size: 194KB

.data
Size: 102KB - Virtual size: 103KB

.rsrc
Size: 22KB - Virtual size: 21KB

.reloc
Size: 3KB - Virtual size: 2KB