baaa667ede71eab3e2a8491508faccd5f46f3ebebf2f67acb256faaf5d6f5f20

Sharing

Copy URL Twitter E-mail

General

Target

baaa667ede71eab3e2a8491508faccd5f46f3ebebf2f67acb256faaf5d6f5f20
Size

4.1MB
MD5

0df0f08cb1fbd2701906f72def3197f5
SHA1

8ddd1f38fea33170e3225d9dcbf33840b209e061
SHA256

baaa667ede71eab3e2a8491508faccd5f46f3ebebf2f67acb256faaf5d6f5f20
SHA512

2cc2c4ab7108d1b54eb1fb6d5a903a1120c6c98e0a6b9d415b341ef7432b7248505c5fa4cc69ea276f9c038e479a992390fc8d4ef90b024d10dab7d7a2e762e1
SSDEEP

49152:4EEfhnd9g7BtoMWnbxnKcZj+ceHt0+JcBWO859b7BapLSdWXq2nQ3OLkebQghwEa:4BD9S0zn859b7BCSdW1nQ3+s7F4CFOf

Score

N/A

Malware Config

Signatures

Files

baaa667ede71eab3e2a8491508faccd5f46f3ebebf2f67acb256faaf5d6f5f20
.exe windows x86

3e2848a26923f4e0d71b1e613f7b3643

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
GetModuleFileNameA
GetCurrentThreadId
CreateFileA
GetCurrentProcessId
SetUnhandledExceptionFilter
GetStdHandle
LoadLibraryExW
SearchPathW
lstrlenW
GetShortPathNameW
SetFileTime
SetFileAttributesW
GetWindowsDirectoryW
MoveFileW
SetFilePointer
SetEndOfFile
GetFileInformationByHandle
FindFirstChangeNotificationW
FindCloseChangeNotification
GetStartupInfoW
CreatePipe
OutputDebugStringW
CreateProcessW
GetTempFileNameW
GetDriveTypeW
MoveFileExW
GetSystemInfo
GetFileAttributesExW
GetLogicalDriveStringsW
OpenProcess
CreateFileW
GetProcessId
RemoveDirectoryW
TerminateProcess
InterlockedCompareExchange
WriteFile
FindNextFileW
CompareFileTime
CreateDirectoryW
GetModuleHandleA
LoadLibraryA
GetVersionExA
GetFullPathNameA
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
lstrlenA
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
GetFileSizeEx
RtlCaptureStackBackTrace
GetModuleHandleW
GetLocalTime
GetVersionExW
GetTickCount
IsBadReadPtr
FindFirstFileW
GetFullPathNameW
FindResourceW
FindClose
SizeofResource
LoadResource
WriteConsoleW
FlushFileBuffers
HeapSize
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExW
FindFirstFileExA
GetProcessHeap
SetConsoleCtrlHandler
GetTimeZoneInformation
SetStdHandle
GetConsoleCP
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetFileType
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetACP
ExitProcess
HeapReAlloc
ConnectNamedPipe
ResumeThread
InitializeCriticalSectionAndSpinCount
RtlUnwind
WaitForMultipleObjectsEx
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
SetProcessAffinityMask
VirtualProtect
VirtualFree
VirtualAlloc
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SwitchToThread
SignalObjectAndWait
CreateTimerQueue
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
UnhandledExceptionFilter
ResetEvent
LocalFree
GetCPInfo
GetLocaleInfoW
LCMapStringW
CompareStringW
EncodePointer
GetSystemTimeAsFileTime
TlsFree
LockResource
FreeResource
MulDiv
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetCurrentProcess
HeapFree
HeapAlloc
HeapDestroy
HeapCreate
FlushInstructionCache
GetFileAttributesW
MultiByteToWideChar
CreateMutexW
SetLastError
WritePrivateProfileStringW
SetCurrentDirectoryW
FileTimeToSystemTime
FileTimeToLocalFileTime
WaitForMultipleObjects
SetEvent
CreateEventW
CreateThread
OutputDebugStringA
WideCharToMultiByte
CloseHandle
Sleep
GetExitCodeProcess
WaitForSingleObject
GetLastError
FreeLibrary
LoadLibraryW
GetTempPathW
DeleteFileW
GetModuleFileNameW
GetProcAddress
TlsSetValue
TlsGetValue
TlsAlloc
GetStringTypeW
FormatMessageW
GlobalUnlock
TryEnterCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
GetNativeSystemInfo
GetExitCodeThread
GetCurrentThread
WaitForSingleObjectEx
DuplicateHandle
DisconnectNamedPipe
CreateNamedPipeW
DecodePointer
RaiseException
GetModuleHandleExW
GetSystemDirectoryW
GlobalLock
GlobalAlloc
GetFileSize
InterlockedIncrement
GetCurrentDirectoryW
ExitThread
ReadFile
InterlockedDecrement

user32

DeleteMenu
SetPropW
PostMessageW
MoveWindow
SendMessageW
IsWindowVisible
SetForegroundWindow
GetWindowThreadProcessId
IsWindow
FindWindowW
GetActiveWindow
ShowWindow
GetSystemMetrics
GetWindowRect
SetWindowPos
GetWindow
GetDesktopWindow
GetPropW
RegisterWindowMessageW
GetCursorPos
SystemParametersInfoW
SetTimer
KillTimer
DestroyIcon
DestroyWindow
LoadCursorW
DestroyCursor
SetCursor
SetRect
CopyRect
InflateRect
IntersectRect
UnionRect
IsRectEmpty
EqualRect
PtInRect
DefWindowProcW
CallWindowProcW
UnregisterClassW
RegisterClassExW
CreateWindowExW
DrawIconEx
GetDlgItem
GetClientRect
MapWindowPoints
GetWindowLongW
SetWindowLongW
GetParent
MonitorFromWindow
GetMonitorInfoW
TrackMouseEvent
PostQuitMessage
AnimateWindow
SetLayeredWindowAttributes
IsIconic
IsZoomed
SetFocus
GetCapture
SetCapture
ReleaseCapture
UpdateWindow
GetDC
ReleaseDC
BeginPaint
EndPaint
InvalidateRect
SetWindowTextW
CreateCaret
GetCaretBlinkTime
HideCaret
SetCaretPos
ScreenToClient
GetClassNameW
GetKeyState
CharToOemW
SetActiveWindow
EnableWindow
UpdateLayeredWindow
MapVirtualKeyA
CharLowerBuffW
SystemParametersInfoA
EnableMenuItem
GetWindowPlacement
LoadIconW
MessageBoxW
GetForegroundWindow
MsgWaitForMultipleObjects
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
SetMenuContextHelpId
GetMenuItemInfoW
SetMenuInfo
GetMenuInfo
TrackPopupMenu
DrawTextW
AppendMenuW
InsertMenuW
GetMenuItemCount
CheckMenuItem
DestroyMenu
CreatePopupMenu
IsWindowEnabled
IsMenu
LoadImageW
CreateIconFromResource
LoadBitmapW
GetIconInfo
CharNextW
GetFocus
OffsetRect
GetSysColor
ClientToScreen

gdi32

SetBkMode
Rectangle
GetStockObject
GetClipBox
CreateSolidBrush
CreateFontIndirectW
SelectObject
DeleteDC
CreateCompatibleDC
GetObjectW
CreateRoundRectRgn
EnumFontsW
DeleteObject
SetGraphicsMode
GetDeviceCaps
BitBlt
ExtCreateRegion
GetRegionData
IntersectClipRect
SelectClipRgn
CreateDIBSection
GetCurrentObject
GetViewportOrgEx
GetDCOrgEx
StretchBlt
CreateCompatibleBitmap
SetViewportOrgEx
EnumFontFamiliesExW
GetCharABCWidthsW
GetFontData
GetGlyphOutlineW
GetOutlineTextMetricsW
GetFontUnicodeRanges
GetGlyphIndicesW
GetTextExtentPointI
AddFontMemResourceEx
RemoveFontMemResourceEx
SetTextColor
SetTextAlign
GetTextMetricsW
SetWorldTransform
ExtTextOutW
GetTextFaceW
GdiFlush
CreateBitmap

comdlg32

GetOpenFileNameW

advapi32

RegDeleteKeyW
RegQueryValueExW
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
GetUserNameW
OpenProcessToken
DuplicateTokenEx
RegCloseKey
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW

shell32

ord727
ShellExecuteW
SHGetFileInfoW
SHGetPathFromIDListW
CommandLineToArgvW
ShellExecuteExW
ord43
SHBrowseForFolderW
Shell_NotifyIconW

ole32

CoInitializeEx
CoInitializeSecurity
CoUninitialize
CoInitialize
CreateBindCtx
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
CoCreateGuid
OleInitialize
OleUninitialize
OleLockRunning

oleaut32

VariantInit
VariantClear
SysFreeString
SysAllocString
SysAllocStringByteLen
CreateErrorInfo
GetErrorInfo
VariantChangeType
SetErrorInfo
VariantCopy

shlwapi

StrToIntExW
PathCombineW
PathFileExistsW
PathRemoveFileSpecW
PathAddBackslashW
PathQuoteSpacesW
PathIsDirectoryW
StrToIntW
PathStripPathW
StrStrW
PathRenameExtensionW
SHDeleteKeyW
ord158
PathRemoveFileSpecA

gdiplus

GdiplusStartup
GdiplusShutdown
GdipSaveImageToFile
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipGraphicsClear
GdipFree
GdipDrawImageRectI
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageI
GdipDeleteGraphics
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipGetImageGraphicsContext
GdipDisposeImage
GdipAlloc
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM

everything32

Everything_GetResultSize
Everything_GetResultDateModified
Everything_SetSearchW
Everything_IsFolderResult
Everything_QueryW
Everything_SaveDB
Everything_GetNumResults
Everything_GetResultFileNameW
Everything_GetResultPathW
Everything_SetRequestFlags

imm32

ImmAssociateContext
ImmGetContext
ImmReleaseContext

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

psapi

EnumProcessModules
GetModuleBaseNameW
EnumProcesses
GetModuleFileNameExW

winhttp

WinHttpCloseHandle
WinHttpOpenRequest
WinHttpReadData
WinHttpConnect
WinHttpCrackUrl
WinHttpQueryDataAvailable
WinHttpSendRequest
WinHttpSetTimeouts
WinHttpOpen
WinHttpReceiveResponse

netapi32

Netbios

wininet

InternetOpenUrlW
InternetReadFile
InternetCloseHandle
InternetOpenW

dbghelp

MiniDumpWriteDump

iphlpapi

IcmpSendEcho
IcmpCreateFile
GetAdaptersAddresses
GetAdaptersInfo
IcmpCloseHandle

ws2_32

WSAStartup
gethostbyname
inet_ntoa
inet_addr
WSACleanup

snmpapi

SnmpUtilVarBindFree
SnmpUtilOidNCmp
SnmpUtilOidCpy

usp10

ScriptShape
ScriptItemize
ScriptFreeCache

opengl32

wglGetProcAddress
wglGetCurrentContext

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 683KB - Virtual size: 683KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 336KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e2848a26923f4e0d71b1e613f7b3643

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

gdiplus

everything32

imm32

version

psapi

winhttp

netapi32

wininet

dbghelp

iphlpapi

ws2_32

snmpapi

usp10

opengl32

Sections

.text Size: 2.8MB - Virtual size: 2.8MB

.rdata Size: 683KB - Virtual size: 683KB

.data Size: 76KB - Virtual size: 168KB

.gfids Size: 6KB - Virtual size: 5KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 336KB - Virtual size: 336KB

.reloc Size: 170KB - Virtual size: 170KB

.text
Size: 2.8MB - Virtual size: 2.8MB

.rdata
Size: 683KB - Virtual size: 683KB

.data
Size: 76KB - Virtual size: 168KB

.gfids
Size: 6KB - Virtual size: 5KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 336KB - Virtual size: 336KB

.reloc
Size: 170KB - Virtual size: 170KB