af4ce0099ad41c6fdbabebd9244d4dd3fc459a8b8c7f3e0376625faca07e5dc3

Sharing

Copy URL

Twitter E-mail

General

Target

af4ce0099ad41c6fdbabebd9244d4dd3fc459a8b8c7f3e0376625faca07e5dc3
Size

307KB
MD5

b93f604981bd46d3321193c1808cbc4c
SHA1

215344139ee7f2dd406773c0c9092e39c4be5289
SHA256

af4ce0099ad41c6fdbabebd9244d4dd3fc459a8b8c7f3e0376625faca07e5dc3
SHA512

843e864a73ae5eb38f7a39ba86b812c51fea2280dfb8764ca371db5b2afb026264d22b2fa814b539c06ab14e32a982891bef825083e97d71dc5caf22de4a82ff
SSDEEP

6144:xDksaszLFCy9g8AqnqZyN+DoApNh3IYNgmF39Qz7x7v8/BJi7fdy5:xH5z5VnUyATh77/IF78+7

Score

N/A

Malware Config

Signatures

Files

af4ce0099ad41c6fdbabebd9244d4dd3fc459a8b8c7f3e0376625faca07e5dc3
.exe windows x86

e9c89215eda3907c2e988d1b352bb1ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetBkColor
PtInRegion
GetTextExtentPoint32W
CreateRectRgnIndirect
CreateCompatibleBitmap
GetStockObject
GetClipRgn
Polygon
DeleteObject
GetTextExtentExPointW
CombineRgn
SetViewportOrgEx
TextOutW
CreatePen
CreateFontIndirectW
GetTextMetricsW
SelectClipRgn
GetObjectType
DeleteDC
SetTextColor
CreateSolidBrush
SetTextAlign
CreateRectRgn
ExtCreatePen
ExtTextOutW
BitBlt
SelectObject
SetROP2
SetBkMode
SetBkColor
CreateCompatibleDC
GetObjectW
RoundRect

kernel32

lstrcpynA
HeapReAlloc
SizeofResource
GetLongPathNameW
DeleteCriticalSection
SetLastError
HeapFree
FlushInstructionCache
FormatMessageW
CloseHandle
LocalFree
GetCurrentThreadId
OpenEventW
FindFirstFileW
SetUnhandledExceptionFilter
LoadResource
GlobalFree
RaiseException
VirtualAlloc
lstrcmpiW
FindNextFileW
OutputDebugStringA
DeleteFileW
HeapAlloc
GetACP
WaitForSingleObject
FatalAppExitW
lstrcmpW
UnhandledExceptionFilter
FreeLibrary
GetProcessHeap
FindResourceW
lstrcpyW
lstrcpynW
GetModuleHandleW
GlobalAlloc
LeaveCriticalSection
EnterCriticalSection
LocalAlloc
CreateThread
IsProcessorFeaturePresent
IsDebuggerPresent
lstrlenW
HeapDestroy
GetThreadLocale
GetModuleHandleA
GetSystemTimeAsFileTime
FindClose
FindResourceExW
LockResource
GlobalLock
VirtualFree
WideCharToMultiByte
HeapSize
GlobalUnlock
GetCurrentDirectoryA
lstrlenA

oleaut32

SafeArrayUnlock
LoadTypeLi
VariantInit
VariantClear
SafeArrayDestroy
SafeArrayCreate
SafeArrayGetVartype
SafeArrayGetUBound
DispCallFunc
SysStringLen
SysAllocStringByteLen
SafeArrayCopy
SysFreeString
SysAllocString
LoadRegTypeLi
VarBstrCmp
VariantCopyInd
SysStringByteLen
SafeArrayRedim
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayLock
SafeArrayUnaccessData

msimg32

GradientFill

advapi32

ImpersonateSelf
RegOpenKeyExW
GetSidSubAuthorityCount
CopySid
IsValidSid
RegDeleteValueW
InitializeSid
GetSidLengthRequired
RegCloseKey
RevertToSelf
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
OpenThreadToken
EqualSid
RegDeleteKeyW
GetSidSubAuthority
GetTokenInformation
GetLengthSid

userenv

UnloadUserProfile

user32

GetGUIThreadInfo
InvalidateRect
DrawFocusRect
GetWindow
SetDlgItemTextW
ReleaseCapture
GetClientRect
UnregisterClassA
DrawTextW
SetCursor
GetCursorPos
ScreenToClient
SetWindowsHookExW
GetWindowTextW
GetActiveWindow
MapWindowPoints
GetCapture
GetDlgItem
SetWindowTextW
EmptyClipboard
MessageBoxW
DrawStateW
ReleaseDC
SetTimer
OpenClipboard
RedrawWindow
GetWindowThreadProcessId
MoveWindow
GetDlgCtrlID
GetClassNameW
UnhookWindowsHookEx
DefWindowProcW
DestroyIcon
DialogBoxParamW
GetFocus
CloseClipboard
InsertMenuW
PtInRect
OffsetRect
IsWindow
RegisterClipboardFormatW
SetFocus
KillTimer
GetTopWindow
BeginPaint
IsWindowEnabled
SetForegroundWindow
CreateWindowExW
GetParent
EndDialog
LoadImageW
SetWindowPos
GetTabbedTextExtentW
PostMessageW
GetSystemMetrics
LoadCursorW
SystemParametersInfoW
GetKeyState
CallNextHookEx
GetWindowDC
DestroyWindow
InflateRect
SetWindowPlacement
CallWindowProcW
GetWindowRect
GetNextDlgTabItem
IsRectEmpty
SendMessageW
DrawIconEx
TabbedTextOutW
GetSysColor
CopyRect
EndPaint
GetDC
GetWindowPlacement
SetCapture
ShowWindow
GetWindowTextLengthW
SetWindowLongW
SetRectEmpty
IsCharAlphaNumericW
MapDialogRect
SetClipboardData
GetWindowLongW

shlwapi

StrChrW
ColorAdjustLuma

ole32

CoGetObject
CreateStreamOnHGlobal
StringFromGUID2
CoCreateInstance
ReleaseStgMedium

shell32

SHGetMalloc
SHGetDesktopFolder
SHGetPathFromIDListW
SHGetFolderLocation
ShellExecuteExW
DragQueryFileW

certcli

CASetCAExpiration
CAEnumNextCA
CACountCAs
CAIsCertTypeCurrent
CAOIDFreeProperty
CAGetCertTypePropertyEx
CAOIDAdd

qedit

DllRegisterServer

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 72KB - Virtual size: 771KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 139KB - Virtual size: 456KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 978KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e9c89215eda3907c2e988d1b352bb1ee

Headers

File Characteristics

Imports

gdi32

kernel32

oleaut32

msimg32

advapi32

userenv

user32

shlwapi

ole32

shell32

certcli

qedit

Sections

.text Size: 16KB - Virtual size: 15KB

.bss Size: 72KB - Virtual size: 771KB

.reloc Size: 139KB - Virtual size: 456KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 59KB - Virtual size: 978KB

.rsrc Size: 14KB - Virtual size: 98KB

.text
Size: 16KB - Virtual size: 15KB

.bss
Size: 72KB - Virtual size: 771KB

.reloc
Size: 139KB - Virtual size: 456KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 59KB - Virtual size: 978KB

.rsrc
Size: 14KB - Virtual size: 98KB