Static task: static1
Behavioral task: behavioral1
Sample: 5aea012d593bff11c00a104efcb9b4fafa71e4035214bca151d51c8e8031179e.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 5aea012d593bff11c00a104efcb9b4fafa71e4035214bca151d51c8e8031179e.exe
Resource: win10v2004-20221111-en
General
Target: 5aea012d593bff11c00a104efcb9b4fafa71e4035214bca151d51c8e8031179e
Size: 1.9MB
MD5: 7fe5e0bca25beaa6163a10306863d4ac
SHA1: f6120d0b9d0ad835d7374cf227342617acc76113
SHA256: 5aea012d593bff11c00a104efcb9b4fafa71e4035214bca151d51c8e8031179e
SHA512: e533be248b29bd934a8b020009e03b13d3e684d85936df0a397d057e2cca45e7998c5da9179277aefb86c009ec4c58768feec570c8137c481e0e07556822e5b5
SSDEEP: 49152:qvJVt9Nul441BNdt7NrhGXNNRYla678CvPu9c9:wLVu2yt7NrhGX3RoaVCvK
Malware Config
Signatures
Files
-
5aea012d593bff11c00a104efcb9b4fafa71e4035214bca151d51c8e8031179e.exe windows x86
7628ae1a8a0d1c41db850bba7df46850
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
wininet
InternetCanonicalizeUrlW
InternetOpenW
InternetCrackUrlW
InternetOpenUrlW
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetQueryDataAvailable
InternetSetOptionExW
InternetQueryOptionW
InternetCloseHandle
HttpOpenRequestW
HttpQueryInfoW
HttpAddRequestHeadersW
HttpSendRequestW
InternetConnectW
InternetReadFile
DeleteUrlCacheEntryW
GetUrlCacheEntryInfoW
kernel32
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
HeapCreate
GetStartupInfoA
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetTimeZoneInformation
QueryPerformanceCounter
VirtualFree
DeleteFileW
ReleaseMutex
CloseHandle
GetModuleFileNameW
lstrcmpW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
CreateMutexW
GetLastError
SizeofResource
LockResource
LoadResource
FindResourceW
WideCharToMultiByte
lstrlenW
GetLocalTime
Sleep
CreateThread
GlobalAlloc
GlobalLock
GlobalUnlock
FreeResource
CreateFileW
WriteFile
MultiByteToWideChar
GetPrivateProfileStringW
GlobalFree
IsBadWritePtr
InterlockedIncrement
InterlockedDecrement
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
GetFileType
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapSize
ExitProcess
RaiseException
RtlUnwind
HeapReAlloc
HeapAlloc
HeapFree
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FindResourceExW
VirtualProtect
GetProfileIntW
SearchPathW
GetTempPathW
GetTempFileNameW
SetErrorMode
GetFileTime
GetFileSizeEx
lstrcpyW
GetCurrentDirectoryW
GetPrivateProfileIntW
GlobalFlags
TlsFree
LoadLibraryW
FreeLibrary
lstrlenA
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GlobalGetAtomNameW
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
FileTimeToLocalFileTime
FileTimeToSystemTime
GetThreadLocale
GetCurrentProcessId
SetThreadPriority
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GetModuleHandleA
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
GetVersionExA
SetLastError
GlobalSize
FormatMessageW
MulDiv
CreateSemaphoreW
ReleaseSemaphore
ResumeThread
GetCurrentThreadId
WaitForMultipleObjects
ExitThread
TerminateProcess
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
FindClose
WritePrivateProfileStringW
GetFileAttributesW
GetVersionExW
CopyFileW
GetSystemTimeAsFileTime
GetCurrentProcess
FindFirstFileW
GetModuleHandleW
GetProcAddress
GetStartupInfoW
ReadFile
GetTickCount
CreateEventW
ResetEvent
SetEvent
LocalFree
LocalAlloc
WaitForSingleObject
user32
DrawEdge
DrawIconEx
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
UnregisterClassW
GetNextDlgGroupItem
SetRect
EmptyClipboard
CloseClipboard
SetClipboardData
LoadImageW
DestroyIcon
CopyImage
OpenClipboard
DrawStateW
EnumChildWindows
LockWindowUpdate
BringWindowToTop
IsRectEmpty
IsMenu
GetSystemMenu
SetClassLongW
CreatePopupMenu
NotifyWinEvent
SetWindowRgn
LoadAcceleratorsW
GetAsyncKeyState
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyW
ToUnicodeEx
CopyAcceleratorTableW
PostThreadMessageW
WaitMessage
WindowFromPoint
GetSysColorBrush
CharUpperW
DestroyMenu
GetMenuItemInfoW
InflateRect
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
CharNextW
ShowOwnedPopups
GetMessageW
TranslateMessage
GetActiveWindow
ValidateRect
RegisterClipboardFormatW
SetWindowContextHelpId
MapDialogRect
SystemParametersInfoW
MessageBeep
IsZoomed
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
IsWindowEnabled
SetWindowTextW
IsDialogMessageW
DrawFrameControl
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
ScrollWindow
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
PtInRect
SetCursor
DrawFocusRect
SetCursorPos
UnionRect
SetScrollPos
GetScrollPos
ShowScrollBar
MessageBoxW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
GetParent
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
GetMenu
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
RemoveMenu
EndPaint
EnableScrollBar
SetMenuDefaultItem
GetMenuDefaultItem
IsCharLowerW
GetKeyNameTextW
MapVirtualKeyExW
IsClipboardFormatAvailable
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
DestroyWindow
DestroyAcceleratorTable
FillRect
InvalidateRgn
CreateAcceleratorTableW
BeginPaint
OffsetRect
IntersectRect
RedrawWindow
ShowWindow
CreateWindowExW
SetRectEmpty
FrameRect
GetUpdateRect
CharUpperBuffW
CopyIcon
SubtractRect
GetIconInfo
GetDoubleClickTime
CreateMenu
GetWindowRgn
DestroyCursor
SetCapture
LoadCursorW
SetParent
GetClientRect
GetWindowRect
GetDC
GetWindowLongW
SetWindowLongW
UpdateLayeredWindow
ReleaseDC
PostMessageW
SendMessageW
GetCursorPos
ScreenToClient
EnableWindow
UpdateWindow
LoadIconW
GetDesktopWindow
SetFocus
SetTimer
IsIconic
GetSystemMetrics
DrawIcon
KillTimer
SetWindowPos
MoveWindow
LoadMenuW
GetSubMenu
CheckMenuItem
SetForegroundWindow
IsWindowVisible
CallWindowProcW
SetMenuItemInfoW
DeleteMenu
TrackPopupMenu
wsprintfW
GetWindowThreadProcessId
IsWindow
DefWindowProcW
ReleaseCapture
InvalidateRect
CopyRect
gdi32
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
CreateBitmap
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
GetBkColor
GetTextColor
CreateFontIndirectW
GetTextExtentPoint32W
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
OffsetRgn
GetRgnBox
CreateDIBitmap
PtVisible
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
SetDIBColorTable
GetDIBits
RealizePalette
StretchBlt
SetPixel
CreateEllipticRgn
CreatePolygonRgn
Polyline
Ellipse
Polygon
Rectangle
RoundRect
CreatePalette
GetPaletteEntries
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
LPtoDP
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetObjectW
SetBkColor
SetTextColor
GetDCOrgEx
CopyMetaFileW
GetDeviceCaps
BitBlt
CreateCompatibleBitmap
DeleteDC
DeleteObject
SelectObject
CreateDIBSection
CreateCompatibleDC
GetTextMetricsW
GetClipBox
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegQueryValueW
RegDeleteKeyW
RegOpenKeyW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegEnumKeyExW
RegEnumKeyW
RegDeleteValueW
shell32
ShellExecuteExW
SHGetSpecialFolderLocation
ShellExecuteW
SHGetPathFromIDListW
SHGetFileInfoW
SHAppBarMessage
SHBrowseForFolderW
DragQueryFileW
DragFinish
comctl32
InitCommonControlsEx
_TrackMouseEvent
ImageList_GetIconSize
shlwapi
PathFileExistsW
PathStripPathW
PathRemoveFileSpecW
PathCombineW
PathFindExtensionW
PathFindFileNameW
UrlUnescapeW
PathStripToRootW
PathIsUNCW
oledlg
OleUIBusyW
ole32
CoUninitialize
StringFromGUID2
OleLockRunning
CLSIDFromString
CoCreateInstance
CoTaskMemFree
CoGetMalloc
CreateStreamOnHGlobal
ReleaseStgMedium
CoTaskMemAlloc
CLSIDFromProgID
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
DoDragDrop
OleGetClipboard
CoInitializeEx
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleDuplicateData
oleaut32
VariantClear
SysAllocString
SysFreeString
SysStringLen
VariantChangeType
OleCreateFontIndirect
SysAllocStringLen
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantInit
VariantCopy
gdiplus
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipDisposeImage
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipImageSelectActiveFrame
GdipCreateFromHWND
GdipCreateFromHWNDICM
GdipDrawImageRectI
GdipDrawImageRectRect
GdipDeleteBrush
GdipDeletePen
GdipCloneBrush
GdipSetImageAttributesColorMatrix
GdipSetTextRenderingHint
GdipDeleteFont
GdipSetImageAttributesWrapMode
GdipSetStringFormatAlign
GdipDeleteFontFamily
GdipCreateSolidFill
GdipDisposeImageAttributes
GdipCreateFont
GdipCreateBitmapFromScan0
GdipDrawString
GdipCreateFontFamilyFromName
GdipSetSolidFillColor
GdipFillRectangleI
GdipCreateStringFormat
GdipCreatePen1
GdipDeleteStringFormat
GdipDrawRectangleI
GdipGetPathWorldBounds
GdipGetFontStyle
GdipGetFamily
GdipAddPathString
GdipGetFontSize
GdipDeletePath
GdipCreatePath
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateImageAttributes
iphlpapi
GetAdaptersInfo
GetAdaptersAddresses
netapi32
Netbios
snmpapi
SnmpUtilOidCpy
SnmpUtilVarBindFree
SnmpUtilOidNCmp
ws2_32
__WSAFDIsSet
WSAStartup
gethostbyname
socket
htons
WSAGetLastError
select
connect
send
recv
closesocket
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundW
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 312KB - Virtual size: 311KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 26KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 151KB - Virtual size: 151KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ