155de94cfe1344bf12d70dc67bbb8a417163ed4062b19a08526ef213f7125456

Sharing

Copy URL

Twitter E-mail

General

Target

155de94cfe1344bf12d70dc67bbb8a417163ed4062b19a08526ef213f7125456
Size

281KB
MD5

e050ff820d3f4786ad2f05931ed62a7d
SHA1

70048d7c1fe1ddce89dc2be347ba696789c55512
SHA256

155de94cfe1344bf12d70dc67bbb8a417163ed4062b19a08526ef213f7125456
SHA512

3066533f768db777c15201ebc5875f1077484b39d4a90c3ef78c9afddc84895391942e1be8e524d121c5ed6621b5b47fc2380e4e99111b6c53004398ca0a8335
SSDEEP

6144:YAjYIKd4yigl6vffQGe1gGoSFInOl4Dtb73:Y6XdffQaFVn+w3

Score

N/A

Malware Config

Signatures

Files

155de94cfe1344bf12d70dc67bbb8a417163ed4062b19a08526ef213f7125456
.exe windows x86

ddd41cabade267a857ad89d12239e73f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnableWindow
SetCursor
GetMonitorInfoW
MonitorFromWindow
UnhookWindowsHookEx
DestroyWindow
SetWindowContextHelpId
GetWindowTextW
MapDialogRect
IsWindowEnabled
SetWindowPos
ShowWindow
GetWindowTextLengthW
EndPaint
MessageBoxExW
SetFocus
SendMessageA
GetKeyState
EqualRect
CharToOemBuffA
IsWindow
IntersectRect
IsChild
GetClientRect
LoadCursorW
InvalidateRect
GetFocus
SendMessageW
AdjustWindowRectEx
MapWindowPoints
PostMessageW
GetWindow
GetClassInfoExW
ReleaseDC
SetWindowTextW
BeginPaint
DefWindowProcW
GetWindowRect
OffsetRect
UnionRect
CallWindowProcW
RegisterClassExW
SetWindowRgn
UnregisterClassA
CreateWindowExW
GetDC
EndDialog
GetParent
PtInRect
SetWindowLongW
GetMenu
GetWindowLongW
CallNextHookEx
GetClassNameW
SetWindowsHookExW
CharNextW

ole32

ProgIDFromCLSID
StringFromGUID2
CoCreateGuid
StringFromCLSID
OleRegEnumVerbs
OleRegGetUserType
CLSIDFromString
CreateOleAdviseHolder
CoCreateInstance
CreateStreamOnHGlobal
CreateDataAdviseHolder
CLSIDFromProgID
OleRegGetMiscStatus
CoTaskMemAlloc
IIDFromString
CoTaskMemFree

gdi32

DeleteDC
DeleteMetaFile
GetDeviceCaps
CloseMetaFile
RestoreDC
SetWindowOrgEx
CreateMetaFileW
TextOutW
SaveDC
CreateFontIndirectW
SetViewportOrgEx
SetTextAlign
SetMapMode
SetWindowExtEx
CreateRectRgnIndirect
DeleteObject
LPtoDP

shlwapi

PathFindFileNameW
PathIsRootW
PathCanonicalizeW
PathStripPathW
PathIsRelativeW
PathRemoveExtensionW
PathStripToRootW
PathFileExistsW
PathIsURLW

kernel32

GlobalUnlock
GetFileSize
MapViewOfFile
GetSystemDefaultLCID
SetFileAttributesA
CreateDirectoryW
FindNextFileW
HeapAlloc
EnumResourceNamesW
UnmapViewOfFile
CreateFileMappingW
GetSystemTimeAsFileTime
HeapDestroy
GetFullPathNameW
CloseHandle
MulDiv
HeapReAlloc
IsValidCodePage
ReadFile
GetShortPathNameW
InterlockedPopEntrySList
GetModuleHandleW
SetUnhandledExceptionFilter
GlobalLock
FreeLibrary
GetProcessHeap
FindFirstFileW
CreateEventW
SwitchToThread
FlushInstructionCache
LocalAlloc
LeaveCriticalSection
GetCurrentThreadId
TlsSetValue
SetFileAttributesW
FindClose
GetComputerNameW
UnhandledExceptionFilter
SizeofResource
InitializeCriticalSectionAndSpinCount
WaitForSingleObject
RemoveDirectoryW
SetLastError
VirtualFree
CreateFileA
CopyFileW
ExpandEnvironmentStringsW
TlsAlloc
lstrlenA
IsProcessorFeaturePresent
HeapSize
lstrcmpW
SetThreadPriority
HeapFree
GetACP
OutputDebugStringW
GlobalAlloc
DeleteCriticalSection
TlsGetValue
CopyFileA
InterlockedPushEntrySList
GetCurrentDirectoryW
WideCharToMultiByte
FindResourceW
VirtualAlloc
IsDebuggerPresent
LoadResource
EnterCriticalSection
RaiseException
CreateFileW
FindResourceExW
TlsFree
lstrlenW
CreateThread
LockResource
GetVersion
VirtualAllocEx

advapi32

RegEnumKeyExW
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegCloseKey
RegSetValueExW

oleaut32

SysFreeString
SafeArrayCopy
SafeArrayGetUBound
SafeArrayCreate
VarBstrCmp
SafeArrayLock
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayGetVartype
OleCreatePropertyFrame
VariantClear
UnRegisterTypeLi
SafeArrayGetLBound
DispCallFunc
LoadTypeLi
SysAllocString
SysAllocStringLen
GetErrorInfo
VariantInit
SysStringByteLen
SafeArrayAccessData
VariantCopy
SafeArrayDestroy
VariantChangeType
VarBstrCat
SafeArrayUnlock
SysStringLen
RegisterTypeLi
SysAllocStringByteLen
LoadRegTypeLi

userenv

GetProfileType
UnloadUserProfile
FreeGPOListA
ExpandEnvironmentStringsForUserA
DllRegisterServer
GetGPOListW
GetAllUsersProfileDirectoryW

compstui

CommonPropertySheetUIA
CommonPropertySheetUIW
SetCPSUIUserData

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 229KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ddd41cabade267a857ad89d12239e73f

Headers

File Characteristics

Imports

user32

ole32

gdi32

shlwapi

kernel32

advapi32

oleaut32

userenv

compstui

Sections

.text Size: 17KB - Virtual size: 17KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 229KB - Virtual size: 232KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 17KB - Virtual size: 17KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 229KB - Virtual size: 232KB

.rsrc
Size: 28KB - Virtual size: 27KB