ca10cf42f48a1777fb016736ca58b6dc6c7646174bb6489ca8086a7e5c1c9c2b

Sharing

Copy URL Twitter E-mail

General

Target

ca10cf42f48a1777fb016736ca58b6dc6c7646174bb6489ca8086a7e5c1c9c2b
Size

1.2MB
MD5

c8a4f7aab59fa31f62c683c68cee2798
SHA1

b2f3d2ff528b9d47fd54529f7e0ea2f4a0c0ca5f
SHA256

ca10cf42f48a1777fb016736ca58b6dc6c7646174bb6489ca8086a7e5c1c9c2b
SHA512

f520ab11e15f6ec8792970359c722e48bf9017602318f4634dec0e346fa22cce719fc384c0a802acc10ec04972d4ec33f17ea2c480609053d3fe79bbab4565a5
SSDEEP

24576:pjKjUVmSLgz7CIQCVhQiz0Z3SFzJKxkOH0HAGmSFwivxcDJoSK7kaPG/g2BV2:5aUVrLA7CIRVEknKW40rqcxcDJoSI/ss

Score

N/A

Malware Config

Signatures

Files

ca10cf42f48a1777fb016736ca58b6dc6c7646174bb6489ca8086a7e5c1c9c2b
.cab
0.exe
.exe windows x86

5e1e45635a3e7fe930a5295e8bd63268

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
DeleteCriticalSection
WriteFile
lstrcpynA
ResumeThread
CloseHandle
SetPriorityClass
GetCurrentProcess
GetCurrentThread
SetThreadPriority
CreateProcessA
GetModuleFileNameA
RemoveDirectoryA
DeleteFileA
GetExitCodeProcess
WaitForSingleObject
SizeofResource
LockResource
LoadResource
FindResourceA
lstrcmpA
MultiByteToWideChar
lstrlenA
CreateDirectoryA
GetTempFileNameA
GetTempPathA
lstrcmpiA
GetLastError
TerminateProcess
OpenProcess
WaitForMultipleObjects
CreateEventA
SetEnvironmentVariableA
lstrcpyA
GetEnvironmentVariableA
SetFilePointer
CreateFileA
InterlockedDecrement
LoadLibraryA
FreeLibrary
GetProcAddress
LocalFree
GetSystemInfo
VirtualProtect
GetCPInfo
GetOEMCP
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
InterlockedExchange
GetACP
Sleep
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
LCMapStringW
WideCharToMultiByte
LCMapStringA
HeapSize
IsBadWritePtr
VirtualAlloc
ExitProcess
RtlUnwind
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapReAlloc
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
SetUnhandledExceptionFilter
VirtualQuery
HeapDestroy
HeapCreate
VirtualFree

user32

MessageBoxA

wininet

InternetReadFile

shlwapi

StrStrA
PathAppendA
PathRemoveFileSpecA

wintrust

WinVerifyTrust

crypt32

CryptMsgGetParam
CryptQueryObject
CertFindCertificateInStore
CertGetNameStringA
CryptMsgClose
CertCloseStore

rpcrt4

UuidCreate

ole32

CoInitializeEx
CoUninitialize
CoInitializeSecurity
CoSetProxyBlanket
CoCreateInstance

oleaut32

VariantClear
VariantChangeType
VariantInit
SysFreeString
SysAllocString

Sections

.text
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
1000.exe
.exe windows x86

aa72e093aa1136aff986b4531eb07c46

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetCloseHandle
HttpQueryInfoA
HttpSendRequestW
HttpOpenRequestW
InternetConnectW
InternetOpenW
InternetReadFile
InternetOpenUrlW
HttpQueryInfoW

kernel32

TlsFree
FileTimeToSystemTime
WritePrivateProfileStringW
GlobalFlags
CompareStringW
GetModuleHandleA
GetVersionExA
LoadLibraryA
GlobalFindAtomW
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesW
GetFileTime
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
RtlUnwind
GetSystemTimeAsFileTime
RaiseException
HeapReAlloc
ExitProcess
HeapSize
DeleteCriticalSection
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
TerminateProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedDecrement
InterlockedIncrement
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
GetThreadLocale
GetCurrentProcessId
GlobalAddAtomW
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
LoadLibraryW
CompareStringA
InterlockedExchange
lstrcmpW
FreeLibrary
GlobalDeleteAtom
GetModuleHandleW
GetProcAddress
WideCharToMultiByte
MultiByteToWideChar
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
lstrlenW
LoadResource
LockResource
SizeofResource
FindResourceW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
CreateProcessW
GetVersionExW
SetLastError
lstrcmpiW
GetCommandLineW
GetModuleFileNameW
CreateDirectoryW
CopyFileW
DeleteFileW
Sleep
CreateMutexW
GetLastError
ReleaseMutex
GetTempPathW
CreateFileW
ReadFile
CloseHandle
GetStdHandle

user32

RegisterWindowMessageW
LoadIconW
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
DefWindowProcW
SetWindowLongW
UnregisterClassA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ClientToScreen
GetWindow
GetWindowRect
GetClassNameW
PtInRect
SetWindowTextW
GetWindowTextW
UnhookWindowsHookEx
LoadCursorW
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
CharUpperW
GetSystemMetrics
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
DestroyMenu
UnregisterClassW
ShowWindow
CallWindowProcW
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
SendMessageW
ModifyMenuW
EnableMenuItem
CheckMenuItem
PostMessageW
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetDlgCtrlID
SetWindowPos

gdi32

Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
ExtTextOutW
TextOutW
RectVisible
PtVisible
SetBkColor
RestoreDC
SaveDC
DeleteObject
CreateBitmap
GetDeviceCaps
GetClipBox
SetMapMode
SetTextColor

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
SetNamedSecurityInfoW

shell32

SHGetSpecialFolderPathW
ShellExecuteW

shlwapi

SHSetValueW
StrStrW
PathAppendW
PathFindExtensionW
PathRemoveFileSpecW
PathFileExistsW
SHGetValueW
PathFindFileNameW
PathStripToRootW
PathIsDirectoryW
PathIsUNCW

oleaut32

VariantChangeType
VariantClear
VariantInit

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
3.exe
.exe windows x86

ec20276f48b38eba12079ff1cb005b33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetErrorMode
GetCPInfo
GetOEMCP
RtlUnwind
GetSystemTimeAsFileTime
VirtualAlloc
HeapAlloc
HeapFree
HeapReAlloc
GetCommandLineA
GetProcessHeap
GetStartupInfoA
ExitProcess
RaiseException
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetACP
IsValidCodePage
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetCurrentProcess
FlushFileBuffers
SetFilePointer
ReadFile
GetThreadLocale
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
InterlockedDecrement
GetModuleFileNameW
WritePrivateProfileStringA
GlobalFree
GlobalUnlock
FormatMessageA
LocalFree
GetCurrentProcessId
SetLastError
GlobalAddAtomA
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
GetModuleFileNameA
EnumResourceLanguagesA
GetLocaleInfoA
GlobalLock
lstrcmpA
GlobalAlloc
GetModuleHandleA
GetLastError
CompareStringA
InterlockedExchange
GetVersion
WideCharToMultiByte
LoadResource
LockResource
FindResourceA
MultiByteToWideChar
CreateProcessA
GetSystemDirectoryA
lstrlenA
LoadLibraryA
GetProcAddress
FreeLibrary
CreateFileA
SizeofResource
WriteFile
Sleep
CloseHandle

user32

LoadCursorA
GetSysColorBrush
ShowWindow
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
CopyRect
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
PtInRect
GetWindowTextA
SetWindowTextA
GetSysColor
ReleaseDC
GetDC
ClientToScreen
PostQuitMessage
PostMessageA
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
UnhookWindowsHookEx
GetMenuItemID
GetMenuItemCount
UnregisterClassA
DestroyMenu
GetClassInfoA
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
SendMessageA
GetParent
GetFocus
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageA
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
CallNextHookEx
GetSubMenu
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxA
SetCursor
SetWindowsHookExA

gdi32

ScaleWindowExtEx
DeleteDC
GetStockObject
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
CreateBitmap
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
PtVisible

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

SHGetSpecialFolderPathA

shlwapi

PathFindExtensionA
PathFindFileNameA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 792KB - Virtual size: 788KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
stub_9945.exe
.exe windows x86

d40c9a065935dd3b1b3e1bb5618bf50a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msi

ord70

kernel32

GetModuleFileNameW
GetCommandLineW
CloseHandle
GetLastError
CreateMutexW
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
GetCurrentProcess
GetProcAddress
GetModuleHandleA
GetFileAttributesW
CreateThread
ExpandEnvironmentStringsW
Sleep
CreateFileW
GetTempFileNameW
GetTempPathW
FormatMessageW
SetLastError
GetCurrentThread
GetVersionExW
OpenProcess
GetModuleHandleW
FreeResource
WriteFile
LockResource
LoadResource
SizeofResource
FindResourceW
FlushFileBuffers
CreateFileA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
LocalFree
SetFilePointer
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
TerminateProcess
RtlUnwind
GetLocaleInfoA
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetConsoleMode
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
HeapReAlloc
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
HeapSize
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualAlloc
MultiByteToWideChar
InitializeCriticalSection
LoadLibraryA
GetConsoleCP

user32

CreateDialogParamW
ShowWindow
GetMessageW
GetDesktopWindow
IsDialogMessageW
SetWindowPos
PostThreadMessageW
ExitWindowsEx
LoadStringW
MessageBoxW
DestroyWindow

advapi32

RegQueryValueExW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenThreadToken

shell32

ShellExecuteW
CommandLineToArgvW

oleaut32

SysAllocString
SysFreeString

Sections

.text
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 600KB - Virtual size: 598KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e1e45635a3e7fe930a5295e8bd63268

Headers

File Characteristics

Imports

kernel32

user32

wininet

shlwapi

wintrust

crypt32

rpcrt4

ole32

oleaut32

Sections

.text Size: 64KB - Virtual size: 60KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 200KB

.rsrc Size: 4KB - Virtual size: 2KB

aa72e093aa1136aff986b4531eb07c46

Headers

File Characteristics

Imports

wininet

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oleaut32

Sections

.text Size: 192KB - Virtual size: 191KB

.rdata Size: 44KB - Virtual size: 41KB

.data Size: 8KB - Virtual size: 27KB

.rsrc Size: 4KB - Virtual size: 500B

ec20276f48b38eba12079ff1cb005b33

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

Sections

.text Size: 140KB - Virtual size: 138KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 8KB - Virtual size: 23KB

.rsrc Size: 792KB - Virtual size: 788KB

d40c9a065935dd3b1b3e1bb5618bf50a

Headers

File Characteristics

Imports

msi

kernel32

user32

advapi32

shell32

oleaut32

Sections

.text Size: 76KB - Virtual size: 72KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 8KB - Virtual size: 64KB

.rsrc Size: 600KB - Virtual size: 598KB

.text
Size: 64KB - Virtual size: 60KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 200KB

.rsrc
Size: 4KB - Virtual size: 2KB

.text
Size: 192KB - Virtual size: 191KB

.rdata
Size: 44KB - Virtual size: 41KB

.data
Size: 8KB - Virtual size: 27KB

.rsrc
Size: 4KB - Virtual size: 500B

.text
Size: 140KB - Virtual size: 138KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 8KB - Virtual size: 23KB

.rsrc
Size: 792KB - Virtual size: 788KB

.text
Size: 76KB - Virtual size: 72KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 8KB - Virtual size: 64KB

.rsrc
Size: 600KB - Virtual size: 598KB