aac17eee5680edd9e7dd6eebc8c149eb0f38a7d2d579ce39bf885544f54a0af7

Sharing

Copy URL Twitter E-mail

General

Target

aac17eee5680edd9e7dd6eebc8c149eb0f38a7d2d579ce39bf885544f54a0af7
Size

413KB
MD5

e19c4a999177af36d760de5da3e010f7
SHA1

9ce983a508463bbdd7d0e11a6584bcc994156c72
SHA256

aac17eee5680edd9e7dd6eebc8c149eb0f38a7d2d579ce39bf885544f54a0af7
SHA512

c8ae650086db5cf895b8f3badd58f1db31f226748a2f341597c34c57fabc5550fc40345eb0936e7293434e01c014f5437b0cc1c30c34875fbce15ca5e130176d
SSDEEP

6144:oxtkby1w7HTbHAZiexAlnLYe3ijr6HJ3+KnSJdHNkJVoH:obkblbHKiewnMqQrqnc0IH

Score

N/A

Malware Config

Signatures

Files

aac17eee5680edd9e7dd6eebc8c149eb0f38a7d2d579ce39bf885544f54a0af7
.exe windows x86

d95f99f02de2d0f2faf3edf783f4e781

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
CreateEventW
SetEvent
TerminateThread
CreateMutexW
WaitForMultipleObjects
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
OpenProcess
lstrlenA
HeapFree
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitThread
CreateThread
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapSize
ExitProcess
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapReAlloc
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
WriteFile
GetModuleFileNameA
LCMapStringW
CreateProcessW
ReadFile
GetCommandLineW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
LoadLibraryA
InitializeCriticalSectionAndSpinCount
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
GetProcessHeap
CreateFileA
VirtualQuery
GetStartupInfoW
DuplicateHandle
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSizeEx
SetFilePointerEx
GetEnvironmentVariableW
SetEnvironmentVariableW
OpenThread
OutputDebugStringW
GetModuleHandleA
FormatMessageW
GetSystemTime
LocalFree
IsProcessorFeaturePresent
InterlockedCompareExchange
GetEnvironmentStringsW
Sleep
CreatePipe
GetFileSize
GetTempPathW
WaitForSingleObject
WideCharToMultiByte
GetVersion
GlobalAlloc
GlobalUnlock
GlobalReAlloc
GlobalLock
ReleaseMutex
CreateFileW
DeviceIoControl
CloseHandle
GetCurrentProcessId
LoadLibraryW
GetProcAddress
TerminateProcess
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
InitializeCriticalSection
GetModuleFileNameW
GetModuleHandleW
LoadLibraryExW
MultiByteToWideChar
lstrcmpiW
FreeLibrary
FlushInstructionCache
GetCurrentProcess
SetLastError
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
GetLastError
lstrlenW
RaiseException
FindResourceExW
FreeResource
FindResourceW
LoadResource
SizeofResource
FreeEnvironmentStringsW
LockResource

user32

OffsetRect
SendMessageW
UpdateWindow
PostMessageW
InvalidateRect
FillRect
GetClassLongW
IntersectRect
ReleaseCapture
SetCapture
GetCapture
KillTimer
GetDC
LoadImageW
GetActiveWindow
UnregisterClassA
SetWindowLongW
DefWindowProcW
SetTimer
WindowFromPoint
PtInRect
GetCursorPos
EndPaint
BeginPaint
ScreenToClient
DrawTextW
DrawIconEx
LoadCursorW
IsWindow
FindWindowW
EndDialog
GetWindow
GetWindowLongW
MonitorFromWindow
SetCursor
SetWindowRgn
ShowWindow
DestroyWindow
GetMonitorInfoW
GetWindowRect
CharNextW
MessageBoxW
RegisterWindowMessageW
SetWindowTextW
PostQuitMessage
ReleaseDC
GetParent
GetClientRect
MapWindowPoints
SetWindowPos
CreateDialogIndirectParamW
PeekMessageW
TranslateMessage
DispatchMessageW
GetMessageW

gdi32

TextOutW
GetTextExtentPoint32W
ExcludeClipRect
CreateRectRgn
CreateRoundRectRgn
SetViewportOrgEx
CreateFontIndirectW
SetBkMode
DeleteObject
CreateCompatibleDC
DeleteDC
SelectObject
StretchBlt
SetStretchBltMode
GetObjectW
BitBlt
CreateCompatibleBitmap
GetTextColor
SetTextColor
IntersectClipRect
GetClipBox
CreatePen
OffsetViewportOrgEx
CombineRgn
GetStockObject
CreateSolidBrush

advapi32

RegQueryValueExA
RegQueryValueW
GetTokenInformation
OpenProcessToken
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegQueryValueExW

shell32

DragFinish
ShellExecuteW
ord680
ShellExecuteExW
DragAcceptFiles
DragQueryFileW

ole32

CoUninitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoInitialize

oleaut32

VarUI4FromStr

shlwapi

PathCombineW
PathAppendW
PathFindFileNameW
StrCmpIW
PathRemoveFileSpecW
PathFileExistsW

comctl32

ImageList_ReplaceIcon
ImageList_Draw
ImageList_Destroy
InitCommonControlsEx
ImageList_Create

msimg32

AlphaBlend

wininet

InternetGetConnectedState

iphlpapi

GetAdaptersInfo

version

VerQueryValueW

psapi

EnumProcesses
EnumProcessModules
GetModuleFileNameExW

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ahpgd
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 148KB - Virtual size: 148KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d95f99f02de2d0f2faf3edf783f4e781

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

wininet

iphlpapi

version

psapi

Sections

.text Size: 168KB - Virtual size: 167KB

.rdata Size: 35KB - Virtual size: 34KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 44KB - Virtual size: 43KB

ahpgd Size: 4KB - Virtual size: 4KB

Size: 148KB - Virtual size: 148KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 35KB - Virtual size: 34KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 44KB - Virtual size: 43KB

ahpgd
Size: 4KB - Virtual size: 4KB