33716e6481ce4b64854ce2f158d4ae6f4c7d437ac379340311f40ee2274839a7

Sharing

Copy URL

Twitter E-mail

General

Target

33716e6481ce4b64854ce2f158d4ae6f4c7d437ac379340311f40ee2274839a7
Size

399KB
MD5

bcd920f4f425d67fd5727c0d3235ebd8
SHA1

79f04a2c42b2b63943048a085c37096f6ac1f68e
SHA256

33716e6481ce4b64854ce2f158d4ae6f4c7d437ac379340311f40ee2274839a7
SHA512

bb25cf50079849d941a0264b9c82aae34f6f43363f9c6374a667aa2e3f71555be4c0b6e08d76702baea861d7bc27ced8e732138ceaa41b3e189f810a66aa47a1
SSDEEP

12288:CyyOek26OPvdtl8ypXZrbLBbDww6MPa+rThVuCB5:KOejPPlXXOCT

Score

N/A

Malware Config

Signatures

Files

33716e6481ce4b64854ce2f158d4ae6f4c7d437ac379340311f40ee2274839a7
.exe windows x86

9eb058be6721ddcd02b0599aaa273714

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileIntW
WritePrivateProfileStringW
CreateFileW
GetLocalTime
Sleep
GetCurrentProcessId
MultiByteToWideChar
FindResourceW
SizeofResource
LockResource
LoadResource
GlobalAlloc
GlobalLock
GlobalUnlock
FindFirstFileW
FindNextFileW
lstrcmpW
SetLastError
SetEvent
CreateEventW
CreateThread
FlushInstructionCache
EnterCriticalSection
LeaveCriticalSection
RaiseException
lstrcmpiW
TerminateThread
CreateFileA
SetEndOfFile
GetModuleHandleA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
HeapReAlloc
GetPrivateProfileStringW
QueryPerformanceCounter
HeapCreate
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetConsoleMode
GetConsoleCP
ReadFile
GetStartupInfoA
GetFileType
SetHandleCount
SetFilePointer
InitializeCriticalSectionAndSpinCount
GetStdHandle
WriteFile
HeapSize
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
RtlUnwind
GetStartupInfoW
GetSystemTimeAsFileTime
CreateDirectoryA
GetFileAttributesA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
ExitProcess
DeleteCriticalSection
InitializeCriticalSection
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
CreateDirectoryW
OutputDebugStringW
WinExec
GetModuleFileNameW
WideCharToMultiByte
GetModuleFileNameA
FreeLibrary
lstrlenW
GetCurrentThreadId
VirtualFreeEx
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
GetModuleHandleW
GetLastError
OpenProcess
GetCurrentProcess
lstrcpyW
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
lstrcatW
ReleaseSemaphore
OpenSemaphoreW
CloseHandle
CreateMutexW
GetProcAddress
LoadLibraryW
GetTickCount

user32

SetWindowTextW
EnableWindow
CreateDialogParamW
IsWindow
PostMessageW
CallWindowProcW
RemovePropW
ScreenToClient
GetWindowDC
SetPropW
GetFocus
RedrawWindow
FindWindowW
GetSysColor
InflateRect
DrawFocusRect
SetForegroundWindow
LoadAcceleratorsW
GetSysColorBrush
GetSystemMetrics
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
GetWindowThreadProcessId
GetClassInfoW
LoadCursorW
RegisterClassW
IsWindowEnabled
IsDlgButtonChecked
GetWindowTextW
CreateWindowExW
CallNextHookEx
SendMessageW
SetWindowsHookExW
UnhookWindowsHookEx
GetWindowLongW
SetWindowLongW
DefWindowProcW
OffsetRect
PtInRect
IsRectEmpty
SetRect
ClientToScreen
wsprintfW
DestroyWindow
GetWindowRect
SetCapture
ReleaseCapture
InvalidateRect
TrackMouseEvent
UpdateWindow
GetClientRect
BeginPaint
EndPaint
IsWindowVisible
FillRect
DrawTextW
FrameRect
SetWindowPos
ShowWindow
UpdateLayeredWindow
SetWindowRgn
GetDC
ReleaseDC
RegisterWindowMessageW
LoadIconW
UnregisterClassA
RegisterClassExW
SetTimer
KillTimer
SetRectEmpty
IntersectRect
GetCursorPos
WindowFromPoint
GetClassNameW
SendDlgItemMessageW
CheckDlgButton
GetDlgItem
MoveWindow
SetClassLongW
GetClassLongW
GetPropW
GetWindow
MonitorFromWindow
GetMonitorInfoW
GetParent
MapWindowPoints
UnionRect
PostQuitMessage
FindWindowExW
GetForegroundWindow
SetFocus
SetActiveWindow
BringWindowToTop
SystemParametersInfoW

gdi32

DeleteDC
TextOutW
GetTextExtentPoint32W
CombineRgn
BitBlt
GetStockObject
SetBkMode
SelectObject
SetTextColor
CreateSolidBrush
DeleteObject
CreateRectRgn
CreateCompatibleDC
CreateCompatibleBitmap
GetPixel

advapi32

RegCloseKey
RegCreateKeyExW
RegQueryValueExW
RegDeleteValueW
RegSetValueExW
OpenProcessToken
RegQueryValueW
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW

shell32

SHGetSpecialFolderPathW
ShellExecuteW

ole32

CreateStreamOnHGlobal

shlwapi

PathRemoveFileSpecA
PathRemoveFileSpecW
PathFileExistsW

psapi

GetModuleFileNameExW
EnumProcessModules

winmm

timeBeginPeriod

msimg32

GradientFill

ws2_32

gethostbyname
inet_ntoa

resloader

Rdb_LoadSkinRes

comctl32

InitCommonControlsEx

gdiplus

GdipCloneImage
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdiplusShutdown
GdiplusStartup
GdipRestoreGraphics
GdipSetClipRectI
GdipSaveGraphics
GdipFillRectangle
GdipCreateTexture2
GdipFillRectangleI
GdipTranslateTextureTransform
GdipCreateTexture2I
GdipGetImageWidth
GdipGetImageHeight
GdipDrawImageRectRect
GdipDisposeImage
GdipCreateFromHDC
GdipSetStringFormatFlags
GdipDrawString
GdipCloneBrush
GdipAlloc
GdipFree
GdipDeleteBrush
GdipCreateSolidFill
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeleteFont
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipCreateFont
GdipLoadImageFromFile
GdipImageSelectActiveFrame
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipBitmapLockBits
GdipSetStringFormatTrimming
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipLoadImageFromFileICM

Sections

.text
Size: 272KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9eb058be6721ddcd02b0599aaa273714

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

psapi

winmm

msimg32

ws2_32

resloader

comctl32

gdiplus

Sections

.text Size: 272KB - Virtual size: 271KB

.rdata Size: 52KB - Virtual size: 52KB

.data Size: 12KB - Virtual size: 20KB

.rsrc Size: 57KB - Virtual size: 56KB

.text
Size: 272KB - Virtual size: 271KB

.rdata
Size: 52KB - Virtual size: 52KB

.data
Size: 12KB - Virtual size: 20KB

.rsrc
Size: 57KB - Virtual size: 56KB