d99e3ce74a6c4c02277617dcbf485d7b3c89ce7a24683c1c4f2073805a5ae98c

Sharing

Copy URL Twitter E-mail

General

Target

d99e3ce74a6c4c02277617dcbf485d7b3c89ce7a24683c1c4f2073805a5ae98c
Size

289KB
MD5

c07bbea7f450d1a6348133479f602159
SHA1

9a6e874297d9f1b355078d6b062f8cf6606957fe
SHA256

d99e3ce74a6c4c02277617dcbf485d7b3c89ce7a24683c1c4f2073805a5ae98c
SHA512

14ec32f4497ea52ebf06b5868a245d4c0b0a27a582be19cb11de9bc68ed72edf77630862b540a3ed16e8e3bee6a24138d09736273ec10e394497e5292807b08b
SSDEEP

6144:MO01P/lEzvk9JeMClFGnBl+99dL/Gebp0x16s6kMDD:MO013llJeFlsnBl+9fP0SshOD

Score

N/A

Malware Config

Signatures

Files

d99e3ce74a6c4c02277617dcbf485d7b3c89ce7a24683c1c4f2073805a5ae98c
.exe windows x86

9444f2bd99f6df7b9f6f75e5f3fef389

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderPathW
ShellExecuteExW

advapi32

RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegOpenKeyExW

user32

GetWindowPlacement
EmptyClipboard
EndPaint
GetWindowTextLengthW
GetCapture
GetCursorPos
DrawFocusRect
SetWindowPlacement
BeginPaint
OffsetRect
GetWindowTextW
FrameRect
SetDlgItemInt
GetSystemMetrics
DrawTextW
MoveWindow
DrawStateW
CharLowerW
GetTabbedTextExtentW
GetWindowRect
IsCharLowerW
IsCharAlphaW
SetDlgItemTextW
DestroyIcon
ScreenToClient
SetWindowPos
InflateRect
GetTopWindow
CloseClipboard
PostMessageW
SetClipboardData
ShowWindow
LoadCursorW
GetParent
GetWindow
SetCursor
IsClipboardFormatAvailable
GetDlgItem
SendMessageW
UnregisterClassA
DrawIconEx
ClientToScreen
DestroyWindow
DialogBoxParamW
LoadImageW
GetActiveWindow
ReleaseCapture
InvalidateRect
GetDlgItemInt
GetWindowLongW
CopyRect
GetFocus
SendDlgItemMessageW
SetFocus
GetDC
GetDlgCtrlID
UnhookWindowsHookEx
IsRectEmpty
ReleaseDC
SetForegroundWindow
EnableWindow
SetWindowLongW
GetKeyState
GetNextDlgTabItem
IsWindow
DefWindowProcW
GetWindowDC
KillTimer
CharUpperW
SetCapture
MessageBeep
PtInRect
IsWindowVisible
IsCharAlphaNumericW
MessageBoxW
RedrawWindow
SetWindowTextW
CallNextHookEx
OpenClipboard
GetClientRect
TabbedTextOutW
GetGUIThreadInfo
SetRectEmpty
CreateWindowExW
GetWindowThreadProcessId
MapWindowPoints
GetClipboardData
CallWindowProcW
GetClassNameW
IsWindowEnabled
EndDialog
SetWindowsHookExW
SystemParametersInfoW
MapDialogRect
SetTimer
GetSysColor
GetKeyboardLayout
CreateDesktopA
EnumWindows
WinHelpW
SetActiveWindow
MonitorFromPoint
SetParent
InsertMenuItemA
GetClassInfoExW
LoadImageA
GetAsyncKeyState
TrackPopupMenu
GetScrollPos
ActivateKeyboardLayout
mouse_event
GetMenu
wsprintfW
AdjustWindowRect
TrackPopupMenuEx
RemoveMenu
MonitorFromWindow
InsertMenuA
GetMessageA
GetClassInfoA

comctl32

_TrackMouseEvent
ImageList_ReplaceIcon
ImageList_GetImageCount
ImageList_Destroy
InitCommonControlsEx
ImageList_GetIcon
ImageList_Draw
ImageList_Create

kernel32

GlobalLock
LoadResource
WideCharToMultiByte
GetSystemTimeAsFileTime
CreateThread
HeapReAlloc
IsProcessorFeaturePresent
LoadLibraryExW
CloseHandle
HeapAlloc
DeleteFileW
SetUnhandledExceptionFilter
FindNextFileW
GetSystemDirectoryW
SizeofResource
LocalFree
GetProcessHeap
EnterCriticalSection
UnhandledExceptionFilter
FlushInstructionCache
GetACP
HeapFree
lstrcmpiW
FormatMessageW
FreeLibrary
LockResource
LocalAlloc
GlobalUnlock
HeapSize
GetModuleHandleW
lstrcpynW
RaiseException
FindClose
GetCurrentThreadId
GetNumberFormatW
FindFirstFileW
lstrlenW
GlobalFree
VirtualAlloc
HeapDestroy
GetUserDefaultLangID
lstrcpyW
FindResourceW
LeaveCriticalSection
VirtualFree
FatalAppExitW
FindResourceExW
GetThreadLocale
GlobalAlloc
SetLastError
GetUserDefaultLCID
DeleteCriticalSection
IsDebuggerPresent
lstrcmpW
WaitForSingleObject
OpenEventW
lstrlenA
CreateMutexA

msimg32

GradientFill

oleaut32

DispCallFunc
SafeArrayLock
SafeArrayCreateVectorEx
SysFreeString
SafeArrayUnaccessData
VariantCopyInd
SafeArrayRedim
SysAllocStringLen
SafeArrayCreate
SafeArrayUnlock
SafeArrayGetLBound
SafeArrayGetVartype
SafeArrayGetUBound
SafeArrayDestroy
VariantInit
SafeArrayGetElement
SysStringByteLen
VariantCopy
GetRecordInfoFromGuids
VarBstrCmp
VariantClear
SafeArrayAccessData
SafeArrayCopy
SysStringLen
SysAllocString
SysAllocStringByteLen

gdi32

RoundRect
SelectObject
SetTextColor
Polygon
GetObjectW
GetTextExtentExPointW
CombineRgn
SetBkColor
ExtTextOutW
BitBlt
GetTextExtentPoint32W
TextOutW
ExtCreatePen
CreateCompatibleBitmap
CreateRectRgn
GetObjectType
CreateCompatibleDC
SetBkMode
SetTextAlign
SetViewportOrgEx
CreateSolidBrush
SetROP2
SelectClipRgn
CreateFontIndirectW
GetStockObject
CreatePen
GetClipRgn
GetTextMetricsW
DeleteObject
DeleteDC
SetPixel
PtInRegion
GetBkColor
CreateRectRgnIndirect

ole32

CoCreateInstance
CreateStreamOnHGlobal

shlwapi

ColorAdjustLuma
StrChrW

rtutils

RouterLogEventExW
RouterLogEventW
RouterGetErrorStringW

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 241KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9444f2bd99f6df7b9f6f75e5f3fef389

Headers

File Characteristics

Imports

shell32

advapi32

user32

comctl32

kernel32

msimg32

oleaut32

gdi32

ole32

shlwapi

rtutils

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 241KB - Virtual size: 1.4MB

.rdata Size: 6KB - Virtual size: 189KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 241KB - Virtual size: 1.4MB

.rdata
Size: 6KB - Virtual size: 189KB

.rsrc
Size: 20KB - Virtual size: 19KB