Static task: static1
Behavioral task: behavioral1
Sample: c262fb24d7f53430ed98ccd0da7586204c73fb1659fb4d42a31d0dabc42eb5ee.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: c262fb24d7f53430ed98ccd0da7586204c73fb1659fb4d42a31d0dabc42eb5ee.exe
Resource: win10v2004-20220812-en
General
Target: c262fb24d7f53430ed98ccd0da7586204c73fb1659fb4d42a31d0dabc42eb5ee
Size: 117KB
MD5: 25d42473eacac7f38f486eec20f8bd21
SHA1: c53b1dde842196246ae33b3f09b2ab024d5247d0
SHA256: c262fb24d7f53430ed98ccd0da7586204c73fb1659fb4d42a31d0dabc42eb5ee
SHA512: 5e012cb3a157919855c3ee18ccdaad40ad2b2e7355f2b904286027c56ea09daf536beedc5840b0035fb03ee237b57ac2e86294608279b49f540bca17165e084a
SSDEEP: 3072:1UyoJJVA9CTu8bUjhlgbvF7i3Q3XUBZwwwPHFIBP:NoJc1jhl85E6Suww/2
Malware Config
Signatures
Files
c262fb24d7f53430ed98ccd0da7586204c73fb1659fb4d42a31d0dabc42eb5ee.exe windows x86
aff660277383ad8f76e3f21b315bf8a1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetConsoleActiveScreenBuffer
FindClose
PurgeComm
GlobalFindAtomA
GetMailslotInfo
SetThreadIdealProcessor
LocalUnlock
GlobalUnfix
ConvertThreadToFiber
SetCurrentDirectoryA
CreateWaitableTimerW
CreateTapePartition
GetSystemDirectoryW
GetFileAttributesExA
BeginUpdateResourceA
CreateNamedPipeW
RaiseException
LocalLock
SetThreadExecutionState
QueryPerformanceCounter
Process32Next
CreateMailslotA
EnumDateFormatsExA
IsDBCSLeadByteEx
GetNamedPipeHandleStateA
CompareStringW
GetLongPathNameW
RtlFillMemory
FileTimeToSystemTime
AreFileApisANSI
FindFirstFileA
CreateProcessA
FormatMessageW
GetConsoleTitleW
GetDriveTypeW
CreateRemoteThread
CreatePipe
SetHandleCount
LoadModule
CreateSemaphoreW
GetCPInfoExW
SetErrorMode
UnmapViewOfFile
TerminateThread
CreateDirectoryExW
GetLocalTime
SetVolumeLabelA
GlobalReAlloc
GlobalAddAtomA
GetProcessPriorityBoost
GetCurrentThreadId
CreateFileW
Heap32Next
HeapWalk
GetTickCount
DefineDosDeviceA
ConnectNamedPipe
SetConsoleTitleA
VirtualAlloc
SetThreadContext
SetCommConfig
GetStartupInfoA
GetModuleFileNameW
BuildCommDCBW
CancelWaitableTimer
OutputDebugStringA
HeapCreate
LCMapStringW
GetSystemDirectoryA
LoadLibraryExW
CreateToolhelp32Snapshot
GetTimeFormatA
GenerateConsoleCtrlEvent
SetDefaultCommConfigW
MoveFileW
ContinueDebugEvent
GetTapeStatus
SetMailslotInfo
RequestWakeupLatency
CreateMutexW
MultiByteToWideChar
MoveFileA
QueryDosDeviceW
EndUpdateResourceA
OpenFile
WriteConsoleInputA
FindResourceW
EnumResourceTypesW
OpenSemaphoreW
Module32First
OpenEventA
CommConfigDialogW
FatalAppExitA
GlobalLock
SleepEx
GetCurrentDirectoryA
GetStartupInfoW
VirtualProtect
GetBinaryTypeA
FlushConsoleInputBuffer
DeleteFileA
GetCommModemStatus
Heap32First
SetTapePosition
FlushInstructionCache
SetThreadAffinityMask
GetStdHandle
LocalHandle
SetPriorityClass
EnumDateFormatsW
lstrcmp
GetShortPathNameW
GetCalendarInfoW
GetConsoleOutputCP
GetThreadLocale
EnumSystemLocalesA
GlobalGetAtomNameW
lstrcmpi
EnumCalendarInfoW
GetEnvironmentStringsA
GetSystemTimeAsFileTime
GetSystemPowerStatus
SetNamedPipeHandleState
GetBinaryTypeW
SetProcessShutdownParameters
GetUserDefaultLCID
lstrcatA
GetFileSize
AllocConsole
VerLanguageNameW
IsProcessorFeaturePresent
lstrcat
GetProcAddress
FreeConsole
IsSystemResumeAutomatic
GetCommConfig
GetCurrentThread
GetFileInformationByHandle
GetCPInfoExA
SetFilePointer
shlwapi
PathCreateFromUrlW
PathIsUNCServerW
AssocQueryStringByKeyW
wnsprintfA
PathRemoveExtensionW
PathBuildRootW
PathUndecorateA
PathIsContentTypeW
StrStrW
PathQuoteSpacesA
PathGetDriveNumberA
PathMatchSpecW
StrCmpNIA
PathIsNetworkPathA
PathGetArgsW
PathIsUNCW
StrCSpnIW
SHRegWriteUSValueW
PathRelativePathToA
StrRStrIW
SHQueryInfoKeyW
PathAppendW
PathQuoteSpacesW
SHIsLowMemoryMachine
UrlCombineW
PathIsUNCServerShareA
UrlCompareW
PathIsUNCServerA
SHRegCreateUSKeyW
PathMakeSystemFolderA
PathUnquoteSpacesA
PathRemoveExtensionA
ColorRGBToHLS
StrStrA
wvnsprintfA
PathRemoveBlanksW
StrRetToStrW
PathGetCharTypeA
SHOpenRegStreamW
PathIsSystemFolderW
StrCatW
ChrCmpIW
UrlCreateFromPathA
StrStrIW
StrChrIW
PathRemoveArgsA
SHRegEnumUSValueA
SHRegCreateUSKeyA
SHGetInverseCMAP
SHQueryInfoKeyA
UrlCanonicalizeA
StrCSpnW
UrlUnescapeW
UrlHashW
UrlIsA
PathIsPrefixW
ColorHLSToRGB
SHRegOpenUSKeyA
PathUnquoteSpacesW
PathRemoveFileSpecA
StrCpyNW
PathCanonicalizeA
PathIsRootA
PathIsFileSpecA
PathIsDirectoryEmptyW
PathFileExistsW
PathFindExtensionA
PathCommonPrefixA
SHOpenRegStream2A
SHDeleteKeyA
PathRenameExtensionA
SHDeleteEmptyKeyA
PathAddBackslashW
SHRegOpenUSKeyW
StrRChrW
PathMatchSpecA
PathIsDirectoryEmptyA
SHGetValueA
UrlHashA
SHEnumKeyExW
SHCreateStreamOnFileW
SHStrDupW
PathFindNextComponentA
PathMakeSystemFolderW
PathFindOnPathA
UrlUnescapeA
UrlCreateFromPathW
UrlApplySchemeW
SHRegWriteUSValueA
StrSpnA
PathFindFileNameA
StrChrIA
SHRegQueryUSValueW
SHDeleteKeyW
SHSetValueA
PathRemoveArgsW
PathUnmakeSystemFolderW
AssocQueryKeyW
AssocQueryStringA
StrPBrkW
UrlEscapeA
PathFileExistsA
UrlIsOpaqueA
SHEnumKeyExA
SHDeleteValueW
StrCpyW
PathFindSuffixArrayW
StrTrimA
advapi32
SetTokenInformation
GetServiceKeyNameW
ImpersonateNamedPipeClient
CryptExportKey
PrivilegeCheck
CryptSetProviderW
EqualPrefixSid
ReadEventLogW
DestroyPrivateObjectSecurity
SetFileSecurityW
GetNamedSecurityInfoExA
RegisterEventSourceA
GetExplicitEntriesFromAclA
RegDeleteValueA
GetMultipleTrusteeOperationW
GetSidSubAuthorityCount
GetServiceDisplayNameW
GetFileSecurityW
SetServiceBits
LookupAccountSidW
GetServiceDisplayNameA
RegOpenKeyW
GetUserNameW
GetLengthSid
AdjustTokenPrivileges
GetSecurityDescriptorDacl
OpenSCManagerW
BuildTrusteeWithSidA
EnumDependentServicesA
AllocateLocallyUniqueId
GetFileSecurityA
CreateServiceA
GetNamedSecurityInfoExW
RegReplaceKeyW
StartServiceCtrlDispatcherW
GetSecurityDescriptorGroup
NotifyChangeEventLog
AdjustTokenGroups
CryptEnumProviderTypesA
GetSecurityInfoExA
CreatePrivateObjectSecurity
CryptSetKeyParam
GetUserNameA
GetTrusteeTypeW
GetCurrentHwProfileA
BuildImpersonateExplicitAccessWithNameA
InitializeSecurityDescriptor
LookupSecurityDescriptorPartsW
QueryServiceLockStatusA
GetOverlappedAccessResults
RegEnumKeyW
GetNamedSecurityInfoA
BuildExplicitAccessWithNameW
TrusteeAccessToObjectA
CryptDecrypt
SetThreadToken
ConvertAccessToSecurityDescriptorA
RegQueryValueW
GetAuditedPermissionsFromAclA
FreeSid
IsValidSid
SetEntriesInAclA
RegNotifyChangeKeyValue
ImpersonateSelf
GetSidLengthRequired
RegSetValueW
RegSetValueExA
CryptVerifySignatureW
RegEnumKeyA
RegQueryMultipleValuesA
RegOpenKeyExA
CryptSetProviderExA
GetSecurityInfo
GetMultipleTrusteeW
ObjectPrivilegeAuditAlarmW
EnumDependentServicesW
ObjectCloseAuditAlarmW
RegEnumKeyExA
StartServiceW
LookupPrivilegeNameA
BuildTrusteeWithNameA
RegQueryInfoKeyW
GetKernelObjectSecurity
CryptHashData
CryptEnumProvidersA
GetAuditedPermissionsFromAclW
ReportEventW
CryptDestroyKey
SetServiceStatus
AccessCheck
CryptReleaseContext
ObjectOpenAuditAlarmW
RegUnLoadKeyA
CryptVerifySignatureA
CryptContextAddRef
BuildImpersonateTrusteeA
AddAuditAccessAce
ObjectOpenAuditAlarmA
AbortSystemShutdownW
CryptSignHashA
RegRestoreKeyA
GetExplicitEntriesFromAclW
RegConnectRegistryA
CryptSetHashParam
CloseEventLog
RegGetKeySecurity
MakeAbsoluteSD
RegEnumKeyExW
SetEntriesInAuditListW
GetAccessPermissionsForObjectA
OpenServiceA
SetEntriesInAccessListA
GetAclInformation
ChangeServiceConfigA
GetSecurityDescriptorSacl
RegCreateKeyExW
CancelOverlappedAccess
AddAccessDeniedAce
GetSecurityDescriptorOwner
ObjectDeleteAuditAlarmW
user32
MonitorFromRect
GetWindowLongA
VkKeyScanExW
GetMenu
SetTimer
GetCaretBlinkTime
DdeDisconnectList
BroadcastSystemMessage
ShowScrollBar
GetKeyboardLayoutNameW
SetMenuContextHelpId
DefDlgProcW
GetWindowRgn
GetDCEx
ChangeMenuA
OemToCharA
DlgDirListW
DragObject
GetThreadDesktop
GetSysColor
EnableScrollBar
RegisterClassExW
CloseClipboard
DdeUnaccessData
SendMessageTimeoutA
SwapMouseButton
CharLowerA
GetMenuDefaultItem
LoadKeyboardLayoutA
EnableMenuItem
GetSystemMenu
IsDialogMessage
SetProcessDefaultLayout
LoadAcceleratorsW
CheckDlgButton
CloseWindowStation
LoadAcceleratorsA
DrawTextA
GetSystemMetrics
DdeClientTransaction
CharNextA
MapVirtualKeyA
DdeConnect
ExcludeUpdateRgn
RedrawWindow
DdeInitializeA
CopyAcceleratorTableA
GetWindowDC
OpenClipboard
TranslateAccelerator
ScrollWindowEx
GetTabbedTextExtentA
MapVirtualKeyW
CreateIconIndirect
GetDC
InSendMessage
SendMessageW
ReleaseCapture
SetMenuItemInfoA
SendMessageA
SetDlgItemInt
LoadMenuIndirectW
ScreenToClient
SetScrollInfo
HiliteMenuItem
CharToOemA
GetWindowInfo
SetWindowTextW
CheckMenuRadioItem
DestroyWindow
GetQueueStatus
SetDebugErrorLevel
GetClassLongA
GrayStringW
SetWindowsHookW
CreateWindowExA
OpenInputDesktop
DispatchMessageW
DrawFrameControl
IsCharUpperW
FillRect
GetDlgItemInt
SetWindowsHookExW
SetKeyboardState
DrawCaption
DdeAccessData
MessageBoxExA
MessageBoxA
GetUserObjectSecurity
LoadMenuA
InvertRect
UnhookWindowsHookEx
GetDoubleClickTime
DrawStateW
DrawFrame
CheckRadioButton
SetLastErrorEx
GetKeyboardLayout
DrawTextExA
DrawStateA
GetClassNameW
SendNotifyMessageA
IsDialogMessageW
SetWindowPos
ExitWindowsEx
CharPrevA
EnumClipboardFormats
CreateWindowStationA
LookupIconIdFromDirectoryEx
OemToCharW
LoadStringA
SetRectEmpty
PostThreadMessageW
TranslateMessage
CheckMenuItem
FindWindowExW
CreateMenu
SetMenuItemInfoW
IsWindowEnabled
DrawFocusRect
ole32
WriteClassStm
CoFileTimeToDosDateTime
StgSetTimes
OpenOrCreateStream
CoTreatAsClass
OleBuildVersion
StgCreateStorageEx
OleDestroyMenuDescriptor
OleRegGetUserType
FreePropVariantArray
OleCreateLinkFromData
OleDraw
CoCreateGuid
CoImpersonateClient
CreateGenericComposite
CoRevertToSelf
UtGetDvtd32Info
MonikerCommonPrefixWith
WriteStringStream
OleIsCurrentClipboard
OleRegGetMiscStatus
CoGetStandardMarshal
OleLoadFromStream
StgGetIFillLockBytesOnILockBytes
OleCreateFromDataEx
CreateDataAdviseHolder
CoGetCurrentLogicalThreadId
ProgIDFromCLSID
OleConvertIStorageToOLESTREAMEx
UtGetDvtd16Info
OleCreateFromFile
CoCreateInstanceEx
CreateFileMoniker
CoIsOle1Class
OleQueryCreateFromData
OleTranslateAccelerator
CreateBindCtx
CoRegisterChannelHook
OleQueryLinkFromData
WriteFmtUserTypeStg
UtConvertDvtd32toDvtd16
BindMoniker
OleSetMenuDescriptor
OleNoteObjectVisible
CoRegisterPSClsid
StringFromCLSID
CreateClassMoniker
CoInitializeSecurity
CoGetPSClsid
OleGetIconOfClass
ReadFmtUserTypeStg
CoFreeUnusedLibraries
CoTaskMemFree
StgIsStorageFile
GetConvertStg
OleIsRunning
OleLockRunning
IIDFromString
ReadOleStg
CoResumeClassObjects
OleConvertIStorageToOLESTREAM
SetDocumentBitStg
CoGetCallerTID
RevokeDragDrop
OleSave
CoUnmarshalInterface
CLSIDFromString
CoSwitchCallContext
OleLoad
CoRegisterMallocSpy
CoLockObjectExternal
OleCreateFromFileEx
StgOpenStorage
RegisterDragDrop
OleConvertOLESTREAMToIStorage
EnableHookObject
StringFromGUID2
OleGetClipboard
SetConvertStg
OleCreateStaticFromData
UpdateDCOMSettings
CoCopyProxy
DllDebugObjectRPCHook
CreateAntiMoniker
GetHookInterface
CoQueryReleaseObject
CoQueryClientBlanket
OleRegEnumFormatEtc
CoGetClassObject
CoFreeAllLibraries
CoRegisterClassObject
CoIsHandlerConnected
OleUninitialize
IsEqualGUID
ReleaseStgMedium
StgIsStorageILockBytes
OleCreateDefaultHandler
CoFileTimeNow
Sections
.text Size: 64KB - Virtual size: 63KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 144B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE