1b72b74205022b1338257fa6189e1027d8177d1826e999524c08d2e1593e6b78

Sharing

Copy URL Twitter E-mail

General

Target

1b72b74205022b1338257fa6189e1027d8177d1826e999524c08d2e1593e6b78
Size

820KB
MD5

bd6651d7fcf939d6f70a3f85fe209990
SHA1

030a8a6c2f6f953e8e0c4089467c389f834017b4
SHA256

1b72b74205022b1338257fa6189e1027d8177d1826e999524c08d2e1593e6b78
SHA512

7ed79ea2c06f964f6d2c7efe8a9754d05f64d68c4cf7678ffaed3450394e7a9705e269fbc7e4db68a68f9ef28dd3b8e245b7a8c99da0f4113f90555d42a9dd9b
SSDEEP

24576:g3D8jEUkmJVFSuPqhJz80/Kd2/QYoZdIkTbXgW+qP:gz1mrFfPax8lJDTbP

Score

N/A

Malware Config

Signatures

Files

1b72b74205022b1338257fa6189e1027d8177d1826e999524c08d2e1593e6b78
.exe windows x86

f8aa70fdb125486159e3e0caed14ed47

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
SetFileTime
FlushFileBuffers
CloseHandle
GlobalAlloc
CreateFileA
InterlockedIncrement
SetHandleCount
FreeEnvironmentStringsA
GlobalFlags
GetSystemInfo
FileTimeToSystemTime
DuplicateHandle
GetConsoleCP
FreeResource
QueryPerformanceCounter
SetFilePointer
GetSystemTimeAsFileTime
InitializeCriticalSection
lstrcmpA
GlobalHandle
GetModuleFileNameA
InterlockedDecrement
GetSystemDirectoryA
UnlockFile
GlobalLock
RaiseException
GetVersionExA
GetLocaleInfoA
HeapDestroy
HeapCreate
HeapSize
TerminateProcess
GlobalUnlock
GlobalReAlloc
SystemTimeToFileTime
GlobalFree
CompareStringA
TlsFree
EnumResourceLanguagesW
lstrlenA
GetFileSize
GlobalDeleteAtom
ReadFile
GetConsoleMode
GetCurrentThread
Sleep
GetStringTypeA
SetLastError
DeleteCriticalSection
HeapReAlloc
FileTimeToLocalFileTime
TlsSetValue
WriteFile
GetWindowsDirectoryA
GetProcessHeap
SetErrorMode
LockResource
GetCommandLineW
VirtualFree
VirtualQuery
SetEnvironmentVariableA
FreeLibrary
GetStdHandle
IsDebuggerPresent
ConvertDefaultLocale
MulDiv
TlsAlloc
LeaveCriticalSection
UnhandledExceptionFilter
InterlockedExchange
LockFile
SetEndOfFile
RtlUnwind
LoadResource
VirtualAlloc
GetVersion
GetEnvironmentStrings
SetUnhandledExceptionFilter
SetStdHandle
GetThreadLocale
GetConsoleOutputCP
EnterCriticalSection
GetFileType
GetStartupInfoA
HeapAlloc
TlsGetValue
VirtualProtect
GetCurrentProcessId
GetTimeZoneInformation
LCMapStringA
LocalFileTimeToFileTime
GetACP
GetCommandLineA
GetFileTime
LocalReAlloc
SizeofResource
HeapFree
ExitProcess
LocalFree
GetCurrentThreadId
GetModuleHandleA
GetOEMCP
FindAtomA
AddAtomA
LocalAlloc
WriteConsoleA
LoadLibraryA
GetProcAddress
ReadConsoleInputA
FindClose
GetTickCount

user32

ReuseDDElParam
ScreenToClient
MoveWindow
SetMenu
CopyRect
KillTimer
TrackPopupMenu
CheckMenuItem
InvalidateRgn
GetClientRect
GetSubMenu
GetSysColorBrush
SetWindowPos
GetWindowDC
GetDlgCtrlID
GetMessageTime
AdjustWindowRectEx
GetWindowThreadProcessId
GetCursorPos
BeginDeferWindowPos
GetMenuItemID
GetSysColor
UpdateWindow
GetWindow
GetWindowRgn
GetDCEx
ReleaseCapture
SendDlgItemMessageA
InvalidateRect
GetActiveWindow
GetMenu
IsWindowEnabled
GetNextDlgGroupItem
DestroyMenu
ClientToScreen
SetRect
RedrawWindow
GetSystemMetrics
SetCursor
GetParent
DestroyIcon
GetNextDlgTabItem
IsChild
CallNextHookEx
MapDialogRect
GetKeyState
FillRect
SystemParametersInfoA
GetSystemMenu
ShowOwnedPopups
SetScrollInfo
DrawIcon
PtInRect
GetDlgItem
GetFocus
IsRectEmpty
IsWindow
ShowScrollBar
PostQuitMessage
InflateRect
CreatePopupMenu
GetScrollPos
IsIconic
GetMenuState
GetTopWindow
MessageBeep
SetParent
SetScrollRange
DestroyWindow
EndDialog
UnregisterClassA
IsWindowVisible
SetCapture
GetWindowRect
ScrollWindow
EndPaint
WindowFromPoint
EnableMenuItem
UnpackDDElParam
EndDeferWindowPos
MapWindowPoints
SetScrollPos
SetWindowRgn
SetFocus
GetDesktopWindow
SetForegroundWindow
ShowWindow
SetActiveWindow
ReleaseDC
BeginPaint
GetMenuCheckMarkDimensions
EqualRect
UnhookWindowsHookEx
GetMessagePos
SetWindowContextHelpId
SetRectEmpty
GetLastActivePopup
GetForegroundWindow
DeferWindowPos
DeleteMenu
SetMenuItemBitmaps
GetCapture
GetMenuItemCount
GetScrollRange
IntersectRect
TranslateMessage
GetScrollInfo
OffsetRect
IsZoomed
ValidateRect
SetTimer
GetDC
LockWindowUpdate
GetWindowPlacement
BringWindowToTop

gdi32

GetBkColor
DeleteObject
CreateBitmap
GetClipBox
IntersectClipRect
SetMapMode
GetDeviceCaps
DeleteDC
SaveDC
CreateCompatibleBitmap
Ellipse
CreateSolidBrush
GetRgnBox
RestoreDC
CreatePatternBrush
CombineRgn
GetWindowExtEx
SetWindowExtEx
OffsetRgn
CreateRectRgn
SelectClipRgn
SetViewportExtEx
SetViewportOrgEx
RectVisible
Escape
StretchDIBits
PtVisible
SelectObject
BitBlt
GetPixel
CreateEllipticRgn
SetBkColor
ExtSelectClipRgn
GetTextColor
SetTextColor
ScaleViewportExtEx
ExcludeClipRect
GetStockObject
PatBlt
SetRectRgn
CreateRectRgnIndirect
GetMapMode
OffsetViewportOrgEx
DPtoLP
SetBkMode
ScaleWindowExtEx
CreateCompatibleDC

advapi32

SetFileSecurityW
RegCloseKey

shell32

DragFinish
DragAcceptFiles

ole32

OleUninitialize
CoRegisterMessageFilter
CreateStreamOnHGlobal
OleIsCurrentClipboard
CoCreateInstance
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
OleInitialize
CoGetClassObject
CLSIDFromString
CoFreeUnusedLibraries
CLSIDFromProgID
CreateILockBytesOnHGlobal
CoRevokeClassObject
OleFlushClipboard

oleaut32

VariantInit
VariantCopy
SysAllocStringLen
SysAllocString
SafeArrayDestroy
VariantClear
SystemTimeToVariantTime
VariantChangeType
OleCreateFontIndirect
VariantTimeToSystemTime
SysFreeString
SysStringLen
OleLoadPicture

comctl32

ImageList_LoadImageW

shlwapi

PathFileExistsW
PathFindExtensionW
PathIsUNCW
PathFindFileNameW
PathRemoveExtensionW
PathStripToRootW

wldap32

ord201

Sections

.text
Size: 640KB - Virtual size: 639KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 153KB - Virtual size: 5.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 101B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f8aa70fdb125486159e3e0caed14ed47

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

wldap32

Sections

.text Size: 640KB - Virtual size: 639KB

.data Size: 153KB - Virtual size: 5.4MB

.tls Size: - Virtual size: 101B

.rsrc Size: 17KB - Virtual size: 16KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 640KB - Virtual size: 639KB

.data
Size: 153KB - Virtual size: 5.4MB

.tls
Size: - Virtual size: 101B

.rsrc
Size: 17KB - Virtual size: 16KB

.reloc
Size: 8KB - Virtual size: 7KB