Static task: static1
Behavioral task: behavioral1
  Sample: e1aecd084a53ba33aecd53caeb211478b383ca8a8f013432b098dcb1aec1d60a.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: e1aecd084a53ba33aecd53caeb211478b383ca8a8f013432b098dcb1aec1d60a.exe
  Resource: win10v2004-20221111-en
General
Target: e1aecd084a53ba33aecd53caeb211478b383ca8a8f013432b098dcb1aec1d60a
Size: 346KB
MD5: 061428120269762bf4162575820ab0b2
SHA1: 19d23ef983b108d9a94baa1f59a14d8f5e19fbc3
SHA256: e1aecd084a53ba33aecd53caeb211478b383ca8a8f013432b098dcb1aec1d60a
SHA512: 7f5a51d648f88b2047107cc1a53ddcba9a8f4e2d027207473ac75a2ad516ee93d5518d147e176370ad4edc7e04ad69ebbfdd0c2e486114f673be49339c2ed4a0
SSDEEP: 6144:nhzFlexKc484oO8593S2k5NZHnn/5k6c+D4:BF/c4n2LSlNZH/5kF+D4
Malware Config
Signatures
Files
e1aecd084a53ba33aecd53caeb211478b383ca8a8f013432b098dcb1aec1d60a.exe windows x86
b2921a1b4168c3f415889ba81323a87f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
netapi32
NetQueryDisplayInformation
NetApiBufferFree
ole32
CreateStreamOnHGlobal
CoCreateInstance
CLSIDFromProgID
CoInitializeSecurity
CoInitialize
CoRegisterClassObject
CoInitializeEx
CoTaskMemFree
CoUninitialize
CoMarshalInterThreadInterfaceInStream
StringFromGUID2
OleRun
CoResumeClassObjects
StringFromCLSID
CoGetInterfaceAndReleaseStream
CLSIDFromString
CoRevokeClassObject
oleaut32
SysAllocString
VarBstrCmp
SystemTimeToVariantTime
SafeArrayLock
SafeArrayUnaccessData
SafeArrayGetElement
LoadTypeLi
GetRecordInfoFromGuids
VarBstrFromDate
VariantTimeToSystemTime
SafeArrayGetVartype
VariantCopy
SysAllocStringLen
SysStringByteLen
SysFreeString
DispCallFunc
SafeArrayRedim
SafeArrayCreate
VariantInit
VarDateFromUdate
SafeArrayAccessData
VariantChangeType
VarDateFromStr
VariantCopyInd
SafeArrayGetUBound
LoadRegTypeLi
GetErrorInfo
SafeArrayCreateVectorEx
SafeArrayGetDim
SafeArrayCopy
SysStringLen
SysAllocStringByteLen
SafeArrayUnlock
VariantClear
SafeArrayGetLBound
SafeArrayDestroy
advapi32
StartServiceW
GetLengthSid
RegOpenKeyExA
CheckTokenMembership
RegNotifyChangeKeyValue
AllocateAndInitializeSid
QueryServiceStatus
AddAce
AdjustTokenPrivileges
GetUserNameW
GetTokenInformation
IsValidSid
LookupAccountNameW
OpenSCManagerW
RegQueryValueExA
GetSidSubAuthority
MakeAbsoluteSD
RegQueryValueExW
SetSecurityDescriptorDacl
CloseServiceHandle
EqualSid
RegCloseKey
GetSecurityDescriptorControl
GetFileSecurityW
LookupAccountSidW
GetSidLengthRequired
GetSecurityDescriptorLength
GetSecurityDescriptorDacl
GetSecurityDescriptorOwner
RegOpenKeyW
GetAclInformation
CopySid
ConvertSidToStringSidW
OpenServiceW
FreeSid
GetSecurityDescriptorGroup
RegCreateKeyExW
InitializeSecurityDescriptor
LookupPrivilegeValueW
ConvertStringSidToSidW
MakeSelfRelativeSD
RegOpenKeyExW
GetSecurityDescriptorSacl
GetAce
OpenProcessToken
SetFileSecurityW
RegSetValueExW
InitializeAcl
InitializeSid
user32
FillRect
CreateDialogParamW
AnimateWindow
PostMessageW
MsgWaitForMultipleObjects
ReleaseDC
ShowWindow
TrackPopupMenu
GetSysColorBrush
GetClientRect
SetScrollInfo
MonitorFromPoint
GetCapture
DeleteMenu
DestroyIcon
LockWindowUpdate
PeekMessageW
SetDlgItemTextW
GetSystemMetrics
MapWindowPoints
GetScrollInfo
IsClipboardFormatAvailable
GetTopWindow
GetClassNameW
GetDesktopWindow
LoadBitmapW
LoadImageW
IsCharLowerW
GetDC
GetWindowPlacement
GetWindowThreadProcessId
UnhookWindowsHookEx
CallWindowProcW
IsCharAlphaNumericW
CharNextW
SetWindowLongW
DefWindowProcW
GetCursor
CallNextHookEx
GetMenu
DispatchMessageW
IsWindowVisible
GetActiveWindow
EnableMenuItem
SetRectEmpty
GetTabbedTextExtentW
DrawFrameControl
MapDialogRect
GetKeyState
GetScrollPos
GetNextDlgTabItem
SetWindowPos
DeferWindowPos
DrawTextW
GetMonitorInfoW
EqualRect
SetCapture
ReleaseCapture
SetCursor
EnableWindow
GetGUIThreadInfo
DestroyWindow
TrackPopupMenuEx
GetWindowTextW
GetDlgItem
GetMenuItemInfoW
ModifyMenuW
GetSysColor
GetFocus
TranslateAcceleratorW
EndDeferWindowPos
GetMenuItemCount
ExitWindowsEx
CharLowerW
GetWindowTextLengthW
WindowFromDC
PtInRect
IsWindowEnabled
SetWindowPlacement
SetMenuDefaultItem
BeginDeferWindowPos
FindWindowW
IntersectRect
TranslateMessage
BeginPaint
IsRectEmpty
EndPaint
IsWindow
GetMessageW
SetFocus
GetClipboardData
SetMenu
SetTimer
SetWindowsHookExW
EndDialog
DestroyMenu
EmptyClipboard
SetForegroundWindow
CloseClipboard
GetSubMenu
LoadIconW
OffsetRect
GetSystemMenu
SendMessageW
GetDlgCtrlID
MessageBeep
DrawIconEx
GetWindow
ClientToScreen
OpenClipboard
FrameRect
TabbedTextOutW
SetClipboardData
DrawAnimatedRects
GetWindowDC
GetMessagePos
UnregisterClassA
KillTimer
RegisterWindowMessageW
DrawStateW
LoadStringW
CharUpperBuffW
GetForegroundWindow
DrawFocusRect
SetWindowTextW
SetScrollPos
LoadCursorW
LoadAcceleratorsW
DrawEdge
RedrawWindow
SetCursorPos
GetWindowRect
SystemParametersInfoW
IsMenu
IsIconic
AppendMenuW
PostQuitMessage
RegisterClassExW
LoadMenuW
MessageBoxW
MoveWindow
SetMenuItemInfoW
RemoveMenu
DialogBoxParamW
GetParent
CharUpperW
IsCharAlphaW
ScrollWindowEx
IsChild
InflateRect
UpdateWindow
AttachThreadInput
CreatePopupMenu
LoadStringA
wsprintfW
CreateWindowExW
ScreenToClient
CopyRect
InvalidateRect
WindowFromPoint
IsDialogMessageW
GetClassInfoExW
GetCursorPos
GetWindowLongW
activeds
ord9
ord7
ord3
comdlg32
FindTextW
GetSaveFileNameW
GetOpenFileNameW
shell32
SHGetPathFromIDListW
SHGetSpecialFolderPathW
DragQueryFileW
SHGetDesktopFolder
ShellExecuteExW
SHGetMalloc
SHBrowseForFolderW
DragAcceptFiles
SHAppBarMessage
SHGetSpecialFolderLocation
SHGetFileInfoW
SHGetFolderPathW
ShellExecuteW
userenv
UnloadUserProfile
gdi32
CreateCompatibleDC
SetTextColor
GetTextMetricsW
CreatePatternBrush
CreateRectRgn
GetBkColor
GetDeviceCaps
BitBlt
UnrealizeObject
CombineRgn
CreatePen
GetClipRgn
CreateDIBSection
CreateRectRgnIndirect
GetStockObject
SelectClipRgn
SelectObject
SetBrushOrgEx
DeleteDC
SetPixel
GetTextExtentExPointW
IntersectClipRect
SetBkColor
SetTextAlign
PatBlt
DeleteObject
GetPixel
GetTextExtentPoint32W
SetViewportOrgEx
RoundRect
GetCurrentObject
CreateCompatibleBitmap
CreatePolygonRgn
SetBkMode
CreateBitmap
ExtTextOutW
ExtCreatePen
PtInRegion
CreateFontIndirectW
SetROP2
Rectangle
LineTo
MoveToEx
GetObjectW
Polygon
CreateSolidBrush
TextOutW
GetObjectType
version
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
kernel32
ResetEvent
CloseHandle
GetUserDefaultLangID
CreateEventW
IsDebuggerPresent
SetCurrentDirectoryW
IsProcessorFeaturePresent
SetWaitableTimer
lstrcpynW
GetSystemTime
GetNumberFormatW
GetFileType
GetFullPathNameW
FindResourceW
FatalAppExitW
SystemTimeToTzSpecificLocalTime
VirtualFree
GetProcessHeap
GetACP
GlobalUnlock
ExpandEnvironmentStringsA
FindClose
GetTempPathW
lstrlenW
WideCharToMultiByte
DeleteFileW
GetCommandLineW
WaitForMultipleObjects
ReadFile
HeapSize
FileTimeToSystemTime
SetThreadPriority
DuplicateHandle
LocalAlloc
GetSystemInfo
CreateThread
GetExitCodeThread
WriteFile
lstrcpyW
LeaveCriticalSection
HeapReAlloc
GetLongPathNameW
HeapAlloc
GetDriveTypeW
FreeLibrary
lstrcmpiW
GlobalLock
GetFileSize
GetFileInformationByHandle
UnhandledExceptionFilter
MulDiv
CreateFileW
RaiseException
GetSystemTimeAsFileTime
FindResourceExW
GetTimeFormatW
lstrlenA
FlushInstructionCache
LoadResource
SizeofResource
GetCurrentThreadId
GlobalAlloc
LocalFree
GetWindowsDirectoryW
VirtualAlloc
GetThreadLocale
FindFirstFileW
GetLogicalDriveStringsW
GlobalFree
lstrcpynA
GetDateFormatW
lstrcmpW
EnterCriticalSection
GetComputerNameW
FormatMessageW
lstrcatW
HeapFree
DeleteCriticalSection
SetUnhandledExceptionFilter
ResumeThread
HeapDestroy
OpenEventW
TerminateThread
GetModuleHandleW
SetLastError
GetUserDefaultLCID
GetCurrentDirectoryW
LockResource
SetFilePointer
LoadLibraryExW
WaitForSingleObject
CreateWaitableTimerW
lstrcmpA
VirtualAllocEx
comctl32
PropertySheetW
CreatePropertySheetPageW
ImageList_AddMasked
InitCommonControlsEx
ImageList_GetIcon
ImageList_GetImageInfo
ImageList_LoadImageW
ord8
ImageList_Create
ImageList_DrawIndirect
CreateStatusWindowW
ImageList_GetImageCount
DestroyPropertySheetPage
ImageList_Destroy
ImageList_Draw
ImageList_ReplaceIcon
_TrackMouseEvent
secur32
GetUserNameExW
TranslateNameW
shlwapi
PathStripPathW
PathRemoveFileSpecW
PathIsDirectoryW
ColorAdjustLuma
PathFileExistsW
PathCompactPathExW
StrRStrIW
StrRetToStrW
PathCompactPathW
PathAppendW
StrChrW
msimg32
AlphaBlend
GradientFill
cmutil
CmAtolW
CmLoadImageW
CmIsSpaceW
CmLoadIconA
SzToWzWithAlloc
CmFree
MakeBold
CmStrtokA
shdocvw
DoAddToFavDlg
AddUrlToFavorites
Sections
.text Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 304KB - Virtual size: 542KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ