Static task: static1
Behavioral task: behavioral1
Sample: 797f1592774343f9649715313f46f54d748c1da2d492fa7ed000834f3c359e4a.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 797f1592774343f9649715313f46f54d748c1da2d492fa7ed000834f3c359e4a.exe
Resource: win10v2004-20221111-en
General
Target: 797f1592774343f9649715313f46f54d748c1da2d492fa7ed000834f3c359e4a
Size: 900KB
MD5: 82c12e8218fbd699930d4125fc20f373
SHA1: e942993a18f724be1cb5d00ad6110bbd7cc2e76a
SHA256: 797f1592774343f9649715313f46f54d748c1da2d492fa7ed000834f3c359e4a
SHA512: b361485a314ed54788269cf4ad1a54d3ffa4a1979ef6318350f4127e8c811d4e233bde7a667e82ae9c62a73fe6a4c1d3827ec8de862ca8753056b95b01d8e8ae
SSDEEP: 24576:efIZ2OoJITSa1hUyCqRiQO+fELhd3zX0o2CT6Q:eAohAhUyC2O8Mdbc+6
Malware Config
Signatures
Files
797f1592774343f9649715313f46f54d748c1da2d492fa7ed000834f3c359e4a.exe windows x86
f65dc9d69796c401f72b10536f7acaff
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
LoadImageW
GetClassInfoA
OpenClipboard
DispatchMessageW
GetDesktopWindow
GetKeyboardLayout
UpdateWindow
CallNextHookEx
GetClientRect
TranslateAcceleratorA
BringWindowToTop
UnhookWindowsHookEx
GrayStringA
SetScrollInfo
SetDlgItemTextA
TabbedTextOutA
SetWindowPlacement
PostThreadMessageA
GetWindowLongA
LockWindowUpdate
SetParent
SetWindowsHookExW
GetWindowRgn
GetWindowRect
OffsetRect
SetForegroundWindow
SetWindowsHookExA
EnumChildWindows
GetDlgCtrlID
GetMenuItemID
GetClassNameW
CopyIcon
EnumWindows
CreateWindowExA
DestroyIcon
GetMenuItemCount
GetDC
GetMenuItemInfoA
DefDlgProcA
DestroyMenu
AttachThreadInput
DrawEdge
GetScrollPos
PtInRect
DrawTextA
CopyRect
SetClipboardData
GetMessageW
SetMenuItemInfoA
UnionRect
SetActiveWindow
LoadBitmapW
GetMessagePos
MsgWaitForMultipleObjects
LoadMenuW
SetMenuItemBitmaps
MapDialogRect
LoadAcceleratorsW
SendMessageW
TrackPopupMenu
GetParent
ScrollWindow
HideCaret
SetWindowRgn
GetWindowTextA
TabbedTextOutW
ShowCaret
ShowWindow
GetMenuStringW
SetCapture
GetClassLongA
CloseClipboard
PostMessageA
RegisterClipboardFormatA
GetMenuState
GetWindowPlacement
MessageBoxA
IsIconic
CharUpperBuffA
CopyAcceleratorTableA
WindowFromPoint
IntersectRect
DrawFocusRect
CharLowerBuffA
SendMessageA
HiliteMenuItem
CreateDialogIndirectParamA
SetCursor
SetTimer
IsZoomed
RegisterWindowMessageA
UnregisterClassW
LoadIconW
keybd_event
GetSystemMenu
GetClassNameA
GetMenuItemRect
SetWindowPos
SetWindowTextA
SetPropA
RemovePropA
DefWindowProcA
GetSysColor
MessageBeep
GetClipboardData
IsChild
DestroyCaret
ValidateRgn
IsDialogMessageA
MessageBoxW
InvertRect
SetRect
DispatchMessageA
ModifyMenuA
CheckDlgButton
EndDialog
CopyAcceleratorTableW
LoadStringW
IsWindowUnicode
DeferWindowPos
WindowFromDC
DrawStateW
GetWindowDC
KillTimer
IsWindowVisible
GetWindow
RedrawWindow
TrackPopupMenuEx
wvsprintfA
GetMenu
EnableWindow
CallWindowProcA
LoadBitmapA
ReleaseDC
EqualRect
GetScrollRange
wsprintfA
ShowCursor
GetMessageTime
GetClassInfoExW
EnableMenuItem
GetWindowTextW
SetFocus
MapWindowPoints
SystemParametersInfoA
EndPaint
InflateRect
DestroyWindow
GetClassInfoExA
SetWindowLongA
SetWindowTextW
CharUpperW
PeekMessageA
RegisterClassExA
EndDeferWindowPos
wsprintfW
LoadCursorA
DdeConnect
CreateIconIndirect
InsertMenuW
SendDlgItemMessageA
IsMenu
ValidateRect
GetMenuStringA
GetCursorPos
ChangeClipboardChain
WaitForInputIdle
SetMenu
DeleteMenu
GetActiveWindow
GetSubMenu
RegisterClassExW
DrawStateA
PeekMessageW
GetIconInfo
AppendMenuA
SetWindowContextHelpId
GetDoubleClickTime
CharLowerA
SetRectEmpty
GetDlgItemInt
SetScrollRange
IsDialogMessageW
RegisterClassA
InvalidateRect
MoveWindow
GetFocus
ShowScrollBar
IsWindow
CloseWindow
IsWindowEnabled
InsertMenuA
IsCharLowerA
GetMenuCheckMarkDimensions
CreatePopupMenu
OpenIcon
IsRectEmpty
CharUpperA
ScreenToClient
ExcludeUpdateRgn
SetScrollPos
WinHelpA
GrayStringW
ReleaseCapture
IsCharAlphaNumericA
SetMenuDefaultItem
ClientToScreen
LoadCursorW
GetNextDlgTabItem
IsClipboardFormatAvailable
TranslateMessage
CheckMenuRadioItem
GetSysColorBrush
GetForegroundWindow
DrawIcon
GetAsyncKeyState
CreateWindowExW
AdjustWindowRectEx
FindWindowA
GetClassInfoW
GetUpdateRect
GetLastActivePopup
GetKeyState
LoadIconA
GetWindowLongW
SetMenuItemInfoW
SetWindowLongW
GetTopWindow
DrawIconEx
GetCapture
LoadStringA
ChildWindowFromPointEx
SetDlgItemTextW
CharNextA
GetPropA
DrawMenuBar
GetDlgItem
DefWindowProcW
FindWindowExW
BeginDeferWindowPos
PostQuitMessage
FillRect
BeginPaint
LoadMenuA
shlwapi
PathRenameExtensionA
PathFindExtensionA
PathAddBackslashA
PathIsUNCA
PathFileExistsA
PathIsDirectoryA
SHDeleteValueA
PathRemoveFileSpecA
SHDeleteKeyA
PathRelativePathToA
PathMakePrettyA
PathAppendA
PathRemoveExtensionA
PathFindFileNameA
PathQuoteSpacesA
PathStripPathA
PathUnquoteSpacesA
PathCanonicalizeA
PathStripToRootA
PathParseIconLocationA
PathRemoveArgsA
mfc42
ord1576
advapi32
RegOpenKeyA
RegSetValueExW
RegisterServiceCtrlHandlerA
RegQueryValueExA
SetSecurityDescriptorDacl
GetUserNameA
RegEnumKeyExA
StartServiceW
ControlService
RegCreateKeyA
RegSetValueA
MapGenericMask
LookupPrivilegeValueA
AllocateAndInitializeSid
OpenServiceW
CryptHashData
CopySid
SetServiceStatus
RegQueryInfoKeyW
RegEnumValueA
RegDeleteValueW
RegOpenKeyExA
GetFileSecurityW
CreateServiceA
RegDeleteKeyA
SetFileSecurityA
LookupAccountSidW
CryptCreateHash
StartServiceA
InitializeSecurityDescriptor
RegQueryValueExW
RegQueryValueW
OpenSCManagerA
RegSetValueExA
GetSidSubAuthorityCount
OpenThreadToken
RegDeleteKeyW
RegEnumKeyExW
ReportEventA
RegQueryInfoKeyA
RegCreateKeyExA
AdjustTokenPrivileges
InitializeAcl
GetTokenInformation
StartServiceCtrlDispatcherA
AddAccessAllowedAce
DeleteService
DuplicateToken
EqualSid
RegCloseKey
OpenProcessToken
RegDeleteValueA
RegSetKeySecurity
OpenSCManagerW
GetLengthSid
RegQueryValueA
RegEnumValueW
GetUserNameW
RegCreateKeyExW
RegEnumKeyW
RegOpenKeyExW
GetSecurityInfo
oleaut32
LoadTypeLi
shell32
SHFileOperationA
DragQueryFileW
SHGetMalloc
SHBrowseForFolderW
ord155
SHFileOperationW
SHGetPathFromIDListW
SHBrowseForFolderA
SHAppBarMessage
ExtractIconExW
SHGetPathFromIDListA
SHGetSpecialFolderLocation
DragAcceptFiles
SHGetSpecialFolderPathA
ExtractIconW
ShellExecuteA
ShellExecuteW
SHGetFileInfoW
DragQueryPoint
comctl32
_TrackMouseEvent
ImageList_Replace
ImageList_LoadImageA
CreatePropertySheetPageW
ImageList_Draw
ImageList_Merge
ImageList_Write
DestroyPropertySheetPage
ImageList_Remove
CreatePropertySheetPageA
ImageList_BeginDrag
ImageList_DragMove
ImageList_SetBkColor
ImageList_SetDragCursorImage
ImageList_Add
ImageList_GetIcon
PropertySheetW
ImageList_ReplaceIcon
ImageList_Create
ImageList_GetImageCount
ImageList_EndDrag
ImageList_GetImageInfo
ImageList_DragEnter
ord17
ImageList_AddMasked
ImageList_SetOverlayImage
ImageList_GetIconSize
ImageList_DragLeave
ImageList_DrawEx
ImageList_GetDragImage
InitCommonControlsEx
ImageList_GetBkColor
ImageList_Destroy
ImageList_Read
kernel32
GetDriveTypeA
IsDebuggerPresent
GlobalSize
GetCurrentProcess
InterlockedDecrement
lstrcmpW
GetSystemTime
DeleteFileA
HeapReAlloc
SetEndOfFile
WaitForSingleObject
GetPriorityClass
UnhandledExceptionFilter
lstrlenA
lstrcmpA
GetSystemDirectoryA
MoveFileExA
GetProcessHeap
lstrcpynA
GetFileInformationByHandle
SetFilePointer
ResetEvent
GetEnvironmentStrings
SetFileTime
ResumeThread
GetTimeFormatA
RtlUnwind
TlsGetValue
EnumResourceLanguagesA
FatalAppExitA
FreeEnvironmentStringsW
SetHandleCount
CreateDirectoryA
DebugBreak
GetSystemDefaultLCID
LoadLibraryExW
CreateFileW
GetStartupInfoA
RaiseException
GetTimeZoneInformation
GetDiskFreeSpaceW
GetConsoleMode
GetPrivateProfileStringA
CloseHandle
HeapAlloc
IsValidCodePage
GetWindowsDirectoryW
VirtualQuery
GetLocaleInfoW
GetOverlappedResult
GetLastError
GetOEMCP
GetFileType
TlsFree
LCMapStringA
GetCurrentProcessId
GetFileSize
IsBadCodePtr
IsValidLocale
ExitThread
UnmapViewOfFile
LockFile
CopyFileW
MoveFileW
CreateEventA
HeapSize
lstrcatW
MoveFileA
CreateFileA
GetStartupInfoW
FreeLibrary
WriteConsoleW
DeleteCriticalSection
DuplicateHandle
InterlockedIncrement
GetExitCodeThread
IsBadStringPtrA
GetCommandLineA
SuspendThread
CompareStringW
VirtualFree
InterlockedExchange
SetConsoleCtrlHandler
CopyFileA
WinExec
VirtualAlloc
SetLastError
GlobalUnlock
GetACP
lstrcpyA
GetCPInfo
SetThreadPriority
VirtualProtect
GetProcAddress
SetEvent
Sleep
GlobalFree
EnumSystemLocalesA
GetFullPathNameA
MulDiv
SystemTimeToFileTime
TerminateProcess
SetStdHandle
MultiByteToWideChar
GetTempFileNameA
GetSystemTimeAsFileTime
GetVersionExW
WritePrivateProfileStringA
GetUserDefaultLCID
GetCurrentThread
FindFirstFileW
GlobalAddAtomA
TlsAlloc
WideCharToMultiByte
SetErrorMode
GetConsoleOutputCP
FindFirstFileA
GlobalAddAtomW
GetDiskFreeSpaceA
GetModuleHandleA
RemoveDirectoryA
QueryPerformanceCounter
GetVolumeInformationA
GetEnvironmentVariableA
GetConsoleCP
WriteFile
LoadLibraryW
LocalFileTimeToFileTime
GlobalDeleteAtom
GetModuleFileNameA
LeaveCriticalSection
FileTimeToLocalFileTime
FindNextFileW
SetUnhandledExceptionFilter
ReadFile
GetThreadLocale
lstrcpyW
LoadResource
GetFileAttributesA
EnterCriticalSection
GetStdHandle
GetExitCodeProcess
InitializeCriticalSection
UnlockFile
GetWindowsDirectoryA
FindResourceExA
FileTimeToSystemTime
GetVersionExA
HeapFree
CreateThread
ConvertDefaultLocale
ExitProcess
FreeResource
GetLocaleInfoA
LocalReAlloc
FindClose
CreateProcessA
WriteConsoleA
LocalAlloc
TlsSetValue
lstrcpynW
GetCommandLineW
FindNextFileA
GetDateFormatA
CreateMutexA
CompareStringA
HeapDestroy
GetProfileStringA
FreeEnvironmentStringsA
GlobalHandle
OpenProcess
OpenMutexA
FindResourceA
GetModuleFileNameW
GetEnvironmentStringsW
lstrlenW
GlobalFindAtomW
LocalFree
LoadLibraryA
GetSystemInfo
OutputDebugStringA
GetTickCount
SetFileAttributesW
lstrcmpiA
HeapValidate
HeapCreate
LockResource
GetCurrentDirectoryA
GetSystemDefaultLangID
LCMapStringW
GetStringTypeExA
GetStringTypeA
SetEnvironmentVariableA
FlushFileBuffers
FormatMessageW
GetCurrentThreadId
IsBadReadPtr
GetVersion
CreateFileMappingW
GetStringTypeW
OutputDebugStringW
GlobalFlags
SizeofResource
Sections
.text Size: 224KB - Virtual size: 221KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 496KB - Virtual size: 493KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 144KB - Virtual size: 143KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ