Static task
static1

Behavioral task
behavioral1
Sample: fb74212ed7d82d617e3485ceecf7e0a56faa45e00d7a1c38e1652df88ea5c900.exe
Resource: win7-20221111-en

Behavioral task
behavioral2
Sample: fb74212ed7d82d617e3485ceecf7e0a56faa45e00d7a1c38e1652df88ea5c900.exe
Resource: win10v2004-20220812-en
General
Target: fb74212ed7d82d617e3485ceecf7e0a56faa45e00d7a1c38e1652df88ea5c900
Size: 255KB
MD5: 17b31ea88c555f8629c0fb816f44a16c
SHA1: 83b8f46f4bf1b873abfe2ebda56f46319bc2705d
SHA256: fb74212ed7d82d617e3485ceecf7e0a56faa45e00d7a1c38e1652df88ea5c900
SHA512: 62e482efe23ae153fd9a57cdfbd05e3aff6bb712b0b132fa755c23cc85a17f5a3ba7944e982c84686d2dcfbc8ed37dfb7b84da4971adf10b180eb54df3edf8e4
SSDEEP: 6144:sfK9TB2FX+3PUsyj4oVDyLiMRgxnnMACD3prIvxoO:sfK9ToYUs0PEi/RnDewx1
Malware Config
Signatures
Files
-
fb74212ed7d82d617e3485ceecf7e0a56faa45e00d7a1c38e1652df88ea5c900.exe windows x86
8d32783cf1879355ee8a047c61ef550d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FileTimeToLocalFileTime
SetFileAttributesW
SetEndOfFile
SetFilePointerEx
SetFileTime
ReadFile
GetFileSizeEx
GetFileTime
DeleteFileW
GetFileInformationByHandle
GetNativeSystemInfo
GetDriveTypeW
GetSystemDefaultUILanguage
GetLogicalDrives
GetProcessTimes
GetModuleFileNameW
lstrcmpW
GlobalMemoryStatusEx
GetUserDefaultUILanguage
GetDiskFreeSpaceExW
GetVolumeInformationW
ExitProcess
SetErrorMode
GetComputerNameW
GetVersionExW
lstrcatW
OpenEventW
GetCurrentProcessId
HeapReAlloc
HeapAlloc
HeapFree
GetProcessHeap
HeapCreate
GetTempPathW
lstrcpyA
VirtualProtectEx
GetThreadContext
SetThreadContext
GetProcessId
TryEnterCriticalSection
SetThreadPriority
ResetEvent
TlsGetValue
TlsSetValue
TerminateProcess
GlobalLock
GlobalUnlock
CreateMutexW
OpenMutexW
MoveFileExW
FindFirstFileW
FindClose
FindNextFileW
InterlockedIncrement
InterlockedDecrement
TlsAlloc
TlsFree
CreateDirectoryW
VirtualFree
VirtualAlloc
RemoveDirectoryW
WTSGetActiveConsoleSessionId
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
RtlUnwind
OutputDebugStringA
SetFilePointer
GetTempFileNameW
DosDateTimeToFileTime
FileTimeToDosDateTime
Process32NextW
Process32FirstW
CreateRemoteThread
ReleaseMutex
GetCurrentThreadId
lstrlenW
TerminateThread
lstrcpyW
SetLastError
GetHandleInformation
WriteProcessMemory
VirtualAllocEx
VirtualFreeEx
IsBadReadPtr
ResumeThread
DuplicateHandle
GetCommandLineW
lstrcmpiA
lstrcmpA
GetLocalTime
GetTimeZoneInformation
SystemTimeToFileTime
LocalFree
ExpandEnvironmentStringsW
GetSystemTime
Sleep
WaitForMultipleObjects
CreateEventW
GetExitCodeThread
VirtualQueryEx
SetEvent
lstrcpynA
CreateThread
CreateToolhelp32Snapshot
lstrcmpiW
LoadLibraryA
GetLastError
Thread32Next
LoadLibraryW
Thread32First
OpenProcess
GetCurrentThread
CreateProcessW
FreeLibrary
GetEnvironmentVariableW
GetProcAddress
GetPrivateProfileIntW
FlushFileBuffers
GetFileAttributesW
GetPrivateProfileStringW
GetModuleHandleW
lstrlenA
VirtualProtect
WriteFile
WaitForSingleObject
GetVolumeNameForVolumeMountPointW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
MapViewOfFile
GetTickCount
QueryPerformanceCounter
MultiByteToWideChar
WideCharToMultiByte
CloseHandle
CreateFileMappingW
CreateFileW
UnmapViewOfFile
ReadProcessMemory
user32
GetUpdateRect
IntersectRect
GetDCEx
PostThreadMessageW
EqualRect
PrintWindow
DefWindowProcW
GetUpdateRgn
EndPaint
ToUnicode
GetClipboardData
GetKeyboardState
TranslateMessage
DispatchMessageW
MsgWaitForMultipleObjects
OpenWindowStationW
GetUserObjectInformationW
SetThreadDesktop
CloseDesktop
OpenDesktopW
GetProcessWindowStation
BeginPaint
CloseWindowStation
GetThreadDesktop
SetProcessWindowStation
CreateDesktopW
GetShellWindow
RegisterClassA
DefFrameProcW
CallWindowProcW
EndMenu
CallWindowProcA
RegisterClassW
HiliteMenuItem
DefMDIChildProcA
MapVirtualKeyW
RegisterClassExA
RegisterWindowMessageW
GetMenuItemID
SetKeyboardState
GetSubMenu
DefDlgProcW
DrawEdge
FillRect
GetWindowDC
CreateWindowStationW
DefFrameProcA
OpenInputDesktop
MenuItemFromPoint
GetMenu
CharToOemW
GetCursorPos
GetIconInfo
DrawIcon
IsRectEmpty
GetWindowThreadProcessId
GetMessagePos
MapWindowPoints
SendMessageW
ReleaseCapture
CharLowerA
GetTopWindow
LoadImageW
WindowFromPoint
GetDC
ReleaseDC
SetWindowLongW
GetWindow
CharLowerW
ExitWindowsEx
CharUpperW
GetLastInputInfo
GetSystemMetrics
GetMessageA
GetWindowRect
GetMessageW
SetCapture
PostMessageW
IsWindow
SendMessageTimeoutW
SetWindowPos
RegisterClassExW
GetMenuItemRect
TrackPopupMenuEx
SystemParametersInfoW
GetClassNameW
GetMenuState
DefWindowProcA
DefMDIChildProcW
SwitchDesktop
GetMenuItemCount
DefDlgProcA
PeekMessageA
PeekMessageW
GetAncestor
GetWindowLongW
SetCursorPos
GetCapture
GetClassLongW
GetWindowInfo
GetParent
advapi32
RegCreateKeyExW
CryptVerifySignatureW
CryptGetKeyParam
CryptImportKey
CryptDestroyKey
CryptDestroyHash
RegCloseKey
OpenProcessToken
GetSidSubAuthority
OpenThreadToken
GetSidSubAuthorityCount
GetTokenInformation
CreateProcessAsUserW
LookupPrivilegeValueW
AdjustTokenPrivileges
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorSacl
SetSecurityDescriptorSacl
CryptGetHashParam
CryptAcquireContextW
CryptReleaseContext
CryptCreateHash
CryptHashData
GetLengthSid
IsWellKnownSid
ConvertSidToStringSidW
InitiateSystemShutdownExW
EqualSid
shlwapi
PathUnquoteSpacesW
PathSkipRootW
PathMatchSpecW
UrlUnescapeA
PathAddExtensionW
PathIsDirectoryW
wvnsprintfA
wvnsprintfW
PathIsURLW
PathFindExtensionW
PathQuoteSpacesW
PathGetDriveNumberW
PathFindFileNameW
StrCmpNIA
StrChrA
StrCmpNW
StrCmpNIW
StrCmpNA
StrChrW
StrCmpIW
StrRChrA
SHDeleteKeyW
SHDeleteValueW
ord14
PathRemoveBackslashW
PathAddBackslashW
PathRemoveFileSpecW
shell32
ShellExecuteW
CommandLineToArgvW
SHGetFolderPathW
secur32
GetUserNameExW
EncryptMessage
DecryptMessage
ole32
CoInitializeEx
CoInitializeSecurity
CoUninitialize
CoCreateInstance
CoTaskMemFree
CoSetProxyBlanket
CreateStreamOnHGlobal
StringFromGUID2
CLSIDFromString
gdi32
GdiFlush
CreateCompatibleDC
SetRectRgn
CreateDIBSection
GetDIBits
SaveDC
RestoreDC
BitBlt
DeleteDC
GetDeviceCaps
CreateDCW
SelectObject
DeleteObject
SetViewportOrgEx
CreateCompatibleBitmap
ws2_32
sendto
setsockopt
shutdown
getsockname
WSAEventSelect
WSAEnumNetworkEvents
recvfrom
WSAStartup
getaddrinfo
select
freeaddrinfo
WSARecv
WSASend
WSACleanup
recv
bind
socket
WSACreateEvent
WSASetLastError
closesocket
send
getsockopt
listen
WSAAddressToStringA
WSAStringToAddressW
accept
WSAGetLastError
WSACloseEvent
getpeername
WSAIoctl
connect
crypt32
CertDuplicateCertificateContext
CertEnumCertificatesInStore
PFXImportCertStore
CertCloseStore
CertOpenSystemStoreW
CertDeleteCertificateFromStore
CryptUnprotectData
PFXExportCertStoreEx
wininet
InternetCrackUrlA
HttpAddRequestHeadersW
InternetSetStatusCallbackW
GetUrlCacheEntryInfoW
HttpSendRequestW
InternetReadFileExA
InternetQueryDataAvailable
InternetSetStatusCallbackA
HttpSendRequestExW
HttpSendRequestExA
InternetSetCookieA
InternetQueryOptionA
InternetCloseHandle
InternetOpenA
InternetReadFile
HttpQueryInfoA
InternetConnectA
InternetQueryOptionW
InternetSetOptionA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestA
oleaut32
SysFreeString
SysAllocString
VariantInit
VariantClear
netapi32
NetUserEnum
NetApiBufferFree
NetUserGetInfo
iphlpapi
GetAdaptersAddresses
msvcrt
_errno
memcpy
memset
_purecall
abs
_ultoa
memcmp
strcmp
_wtoi
_ultow
memchr
_vsnwprintf
_vsnprintf
memmove
_except_handler3
version
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
Sections
.text Size: 241KB - Virtual size: 240KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ