351900b6967eb047808a1221ff8dfdc8aabb9572e5c770a65c8aa684488cdbd5

Sharing

Copy URL

Twitter E-mail

General

Target

351900b6967eb047808a1221ff8dfdc8aabb9572e5c770a65c8aa684488cdbd5
Size

321KB
MD5

11c331aa2a83af7358b86b747f7d6854
SHA1

e039a67b67851922e7bd4f40866756a78e96d95a
SHA256

351900b6967eb047808a1221ff8dfdc8aabb9572e5c770a65c8aa684488cdbd5
SHA512

4002c79afd11f56e283a901ed3b35c258fa166ef91585dbab6bd71cca32553b447b646a5c9b59f8b0acd12bb57f75b4626c8b15acf8035f0f63c585bf174ff83
SSDEEP

6144:nTFvhumXZoYt+8wBGUErC36rFd8ya010nvhrTugoYtGg92Iv:lhuG+Tw06rFd8c10nUgoKdz

Score

N/A

Malware Config

Signatures

Files

351900b6967eb047808a1221ff8dfdc8aabb9572e5c770a65c8aa684488cdbd5
.exe windows x86

601f9b70f64fb4d01bcf6718ed2d41d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteObject
GetDIBits
TextOutW
SetPixel
SetTextJustification
SetBkMode
BitBlt
GetTextExtentPoint32W
SetStretchBltMode
MoveToEx
GetDeviceCaps
GetCurrentObject
GetTextFaceW
CreateCompatibleBitmap
GetTextMetricsW
GetObjectW
SetTextColor
StretchBlt
GetStockObject
CreateFontIndirectW
CreateDIBSection
LineTo
SetBkColor
CreateCompatibleDC
CreateSolidBrush
CreatePen
DeleteDC
GetPixel
SelectObject

oleaut32

VarUdateFromDate
VariantClear
SysAllocString
SysStringByteLen
SafeArrayDestroy
SafeArrayGetDim
SysStringLen
VariantInit
DispCallFunc
LoadTypeLi
SystemTimeToVariantTime
SafeArrayGetUBound
SafeArrayUnlock
SysFreeString
VariantTimeToSystemTime
SysAllocStringByteLen
VariantCopy
SafeArrayGetLBound
GetErrorInfo
LoadRegTypeLi

shell32

SHCreateDirectoryExW
ShellExecuteW
CommandLineToArgvW
SHGetFolderLocation
DragQueryFileW
SHGetPathFromIDListW
ShellExecuteExW
SHFileOperationW
SHBrowseForFolderW
SHGetFileInfoW
SHGetFolderPathW

psapi

EnumProcesses
GetModuleFileNameExA
EnumProcessModules

msimg32

AlphaBlend
GradientFill

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

user32

GetFocus
ReleaseCapture
GetKeyState
GetDC
CreateWindowExW
GetIconInfo
CopyImage
GetParent
MsgWaitForMultipleObjects
GetSystemMetrics
EnableWindow
GetDesktopWindow
KillTimer
DrawFocusRect
PtInRect
FrameRect
LoadImageW
SetTimer
MessageBoxW
IntersectRect
GetSysColorBrush
ReleaseDC
PostMessageW
SystemParametersInfoW
FillRect
SetWindowLongW
GetWindowThreadProcessId
GetSysColor
GetAncestor
SetRect
ScreenToClient
CallWindowProcW
LoadCursorW
InvalidateRect
InflateRect
CopyRect
ShowWindow
SetWindowPos
DestroyWindow
GetWindowPlacement
GetLastInputInfo
GetWindowDC
CreateIconIndirect
GetPropW
LoadIconW
DestroyIcon
AttachThreadInput
LoadBitmapW
IsWindow
IsWindowVisible
RegisterClipboardFormatW
PeekMessageW
TranslateMessage
MessageBeep
SetCapture
SetPropW
GetWindowRect
SetForegroundWindow
RemovePropW
RedrawWindow
GetCursor
GetDlgItem
SendMessageW
MapDialogRect
GetWindowLongW
SetFocus
SetCursor
GetForegroundWindow
FindWindowW
BringWindowToTop
ClientToScreen
GetWindowTextW
DispatchMessageW
RegisterWindowMessageW
UpdateWindow
DrawTextW
GetClientRect
GetCursorPos
OffsetRect

advapi32

GetUserNameW
RegOpenKeyExW
ImpersonateLoggedOnUser
GetSecurityDescriptorSacl
SetEntriesInAclW
RegQueryValueW
GetSidSubAuthorityCount
SetSecurityDescriptorDacl
CryptDestroyHash
GetLengthSid
CryptHashData
CryptGetHashParam
GetSidIdentifierAuthority
AddAccessAllowedAce
AllocateAndInitializeSid
CryptGenRandom
SetSecurityDescriptorSacl
GetSidSubAuthority
CryptReleaseContext
RegSetValueExW
RegEnumValueW
FreeSid
CryptCreateHash
InitializeSecurityDescriptor
RegQueryInfoKeyW
GetAce
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegQueryValueExW
RegCloseKey
SetNamedSecurityInfoW
RegDeleteValueW
AddAce
GetNamedSecurityInfoW
CryptAcquireContextW
InitializeAcl
RegCreateKeyExW
GetAclInformation
RegEnumKeyExW
LogonUserW

ole32

CoCreateInstance
OleRun
CoInitializeEx
PropVariantClear
CoTaskMemFree
OleInitialize
CoTaskMemAlloc
CoUninitialize
CoInitialize
OleUninitialize

shlwapi

PathIsDirectoryW
SHDeleteKeyW
PathRemoveFileSpecW
PathFileExistsW
PathFindExtensionW
PathRemoveExtensionW
PathIsUNCServerShareW
SHCreateStreamOnFileW
PathUnquoteSpacesW
PathIsUNCW
PathStripPathW
PathRemoveBlanksW
PathIsDirectoryEmptyW
SHDeleteEmptyKeyW
PathAppendW
PathFindFileNameW
PathFileExistsA

comctl32

ImageList_DrawEx
InitCommonControlsEx
ImageList_GetIconSize
_TrackMouseEvent

kernel32

FindFirstFileW
GetLogicalDrives
FlushFileBuffers
GlobalFree
LocalFree
lstrlenW
ReleaseMutex
GetFileTime
SetFileTime
LocalAlloc
CreateDirectoryW
IsDebuggerPresent
GetCurrentThreadId
GetShortPathNameW
SetFilePointer
UnhandledExceptionFilter
LockResource
DeleteFileW
OpenMutexW
HeapAlloc
WaitForSingleObject
OpenProcess
GetSystemInfo
ResumeThread
CreateProcessW
FindNextFileW
SetFilePointerEx
SetUnhandledExceptionFilter
CreateFileW
ResetEvent
GetModuleHandleW
FormatMessageW
ExpandEnvironmentStringsW
CreateEventW
GetProcessTimes
RemoveDirectoryW
CreateMutexW
lstrcpyW
WaitForMultipleObjects
LocalUnlock
MoveFileW
LeaveCriticalSection
HeapFree
QueryDosDeviceW
WaitNamedPipeW
RaiseException
PeekNamedPipe
WideCharToMultiByte
GetCommandLineW
GetDiskFreeSpaceExW
SetFileAttributesW
LocalLock
DeleteCriticalSection
UnmapViewOfFile
ReadFile
LoadResource
DuplicateHandle
OpenFileMappingW
CopyFileW
GlobalMemoryStatus
GetSystemTimeAsFileTime
MapViewOfFile
SetNamedPipeHandleState
WriteFile
FindClose
FindResourceW
CreateFileMappingW
GetFileSizeEx
InitializeCriticalSectionAndSpinCount
FreeLibrary
GetDriveTypeW
GetProcessHeap
GlobalAlloc
SetLastError
GlobalUnlock
GetLocalTime
EnterCriticalSection
OpenEventW
MoveFileExW
CloseHandle
VirtualQuery
FormatMessageA
GlobalLock
GetFullPathNameA
VirtualAlloc
lstrlenA

certcli

CASetCAExpiration
CASetCertTypeExpiration
CAEnumFirstCA
CAFindByCertType
CACreateLocalAutoEnrollmentObject
CAFreeCertTypeProperty
CACertTypeUnregisterQuery
DllInstall
CASetCAFlags
DllGetClassObject
CAAddCACertificateType

credui

CredUIReadSSOCredW
CredUIParseUserNameA

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 45KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 166KB - Virtual size: 923KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 681KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

601f9b70f64fb4d01bcf6718ed2d41d9

Headers

File Characteristics

Imports

gdi32

oleaut32

shell32

psapi

msimg32

version

user32

advapi32

ole32

shlwapi

comctl32

kernel32

certcli

credui

Sections

.text Size: 24KB - Virtual size: 23KB

.bss Size: 45KB - Virtual size: 276KB

.reloc Size: 166KB - Virtual size: 923KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 57KB - Virtual size: 681KB

.rsrc Size: 18KB - Virtual size: 61KB

.text
Size: 24KB - Virtual size: 23KB

.bss
Size: 45KB - Virtual size: 276KB

.reloc
Size: 166KB - Virtual size: 923KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 57KB - Virtual size: 681KB

.rsrc
Size: 18KB - Virtual size: 61KB