Static task: static1
Behavioral task: behavioral1
Sample: beed55703db80a83dbc5ebcad8260e3afe60933fda803d8294a25f72e4a30aba.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: beed55703db80a83dbc5ebcad8260e3afe60933fda803d8294a25f72e4a30aba.exe
Resource: win10v2004-20220812-en
General
Target: beed55703db80a83dbc5ebcad8260e3afe60933fda803d8294a25f72e4a30aba
Size: 280KB
MD5: baba9c670e2a9340cae396a2f6b1409c
SHA1: 35d68c2017f06d2cf6f7bc3c395d1836a93063fe
SHA256: beed55703db80a83dbc5ebcad8260e3afe60933fda803d8294a25f72e4a30aba
SHA512: 84f8ef892e66f813a9af1942b5708c3daf1e3bfd8a2fa8ae37874d88fc7ab9de07719bd923e991ebbbcb3ac49990b2cceb118a4dd725271347e01ad92bfef714
SSDEEP: 6144:zY9zIRolqnWN+8zA6iWWtp9RsyIwsdgGBz/WZybV1vVI6:k9mRWQ8zcbtpKRBz/WZy5JL
Malware Config
Signatures
Files
beed55703db80a83dbc5ebcad8260e3afe60933fda803d8294a25f72e4a30aba.exe windows x86
0a059832e85f9975b31d0e4f87527194
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
IsIconic
GetSysColorBrush
SetWindowPos
PostMessageW
GetKeyboardState
DefWindowProcW
TranslateMessage
LoadStringW
MapDialogRect
GetPropW
GetMessagePos
SetRectEmpty
SetDlgItemInt
EndPaint
PeekMessageW
DestroyCaret
LoadIconW
UpdateWindow
SetCaretPos
SendInput
ReleaseCapture
IsWindowUnicode
GetMonitorInfoW
GetKeyState
SetDlgItemTextW
SetClipboardData
GetWindowDC
DestroyWindow
SetWindowContextHelpId
BeginPaint
SetTimer
InflateRect
OffsetRect
SendDlgItemMessageW
ReleaseDC
UnregisterClassW
SetPropW
CheckRadioButton
DestroyMenu
ToUnicode
ShowWindow
GetMenu
GetWindow
GetDlgItem
IsClipboardFormatAvailable
CloseClipboard
ScrollWindow
EndDeferWindowPos
SetCursor
GetDlgCtrlID
GetSystemMenu
GetFocus
GetWindowPlacement
GetMessageTime
PtInRect
TrackMouseEvent
GetWindowTextLengthW
MoveWindow
BeginDeferWindowPos
GetClassInfoExW
GetWindowRect
EnumWindows
CallWindowProcW
GetWindowTextW
KillTimer
LoadStringA
FillRect
LoadImageW
SetFocus
SendMessageW
MessageBeep
GetMenuStringW
ScreenToClient
GetCursorPos
IsWindowEnabled
UnionRect
UnregisterClassA
GetActiveWindow
GetLastActivePopup
GetDialogBaseUnits
EndDialog
GetScrollInfo
SetCapture
GetSysColor
IsWindowVisible
MessageBoxW
DrawIconEx
RegisterClassW
ClientToScreen
GetParent
MonitorFromRect
BringWindowToTop
MonitorFromPoint
GetCaretPos
EnableWindow
OpenClipboard
RemovePropW
IsDialogMessageW
RemoveMenu
RedrawWindow
MapVirtualKeyW
LoadBitmapW
GetDesktopWindow
CreateCaret
DispatchMessageW
GetDlgItemTextW
SetWindowTextW
GetClientRect
CharLowerBuffW
CreateWindowExW
SetCursorPos
CheckMenuItem
GetSystemMetrics
GetDlgItemInt
RegisterClassExW
DialogBoxIndirectParamW
MapWindowPoints
DeferWindowPos
PostThreadMessageW
CharNextW
AdjustWindowRectEx
SetRect
GetForegroundWindow
GetWindowLongW
IsRectEmpty
RegisterClipboardFormatW
FrameRect
LoadCursorW
DrawTextExW
GetMessageA
CharUpperBuffW
InvalidateRect
CheckDlgButton
CopyRect
GetClipboardData
DialogBoxParamW
GetWindowThreadProcessId
AppendMenuW
SetForegroundWindow
CreatePopupMenu
GetClassNameW
GetMessageW
SystemParametersInfoA
DispatchMessageA
SetScrollInfo
GetDC
TrackPopupMenuEx
IsWindow
DrawFrameControl
IsDlgButtonChecked
SetLayeredWindowAttributes
GetAsyncKeyState
RegisterWindowMessageW
DestroyIcon
GetMenuItemCount
CreateDialogIndirectParamW
SetWindowLongW
SystemParametersInfoW
EmptyClipboard
UpdateLayeredWindow
CreateDialogParamW
SetParent
msimg32
TransparentBlt
AlphaBlend
gdi32
GetStockObject
CreateSolidBrush
GetRgnBox
ExtTextOutW
SetBrushOrgEx
Polyline
GetBkColor
GetTextExtentPointW
GetClipBox
BitBlt
MoveToEx
GetDIBColorTable
DeleteObject
SelectObject
GetDeviceCaps
LineTo
SetDCPenColor
Rectangle
SetDIBColorTable
CreatePen
Polygon
DeleteDC
SetTextColor
PatBlt
GetTextMetricsW
CreateDCW
SetBkMode
GetTextExtentPoint32W
SetStretchBltMode
CreatePolygonRgn
SetBkColor
CreateCompatibleBitmap
ExtCreatePen
CreateFontIndirectW
CreateCompatibleDC
CombineRgn
GetObjectA
CreateDIBSection
GetObjectW
SetMapMode
CreateRectRgn
StretchBlt
comctl32
ImageList_Destroy
ImageList_Add
ImageList_DrawEx
ImageList_Create
ImageList_LoadImageW
ImageList_AddMasked
ImageList_GetIcon
ole32
CoUninitialize
OleFlushClipboard
CoTaskMemRealloc
CoQueryProxyBlanket
CreateBindCtx
ReleaseStgMedium
CoGetMalloc
CoInitializeEx
CoGetInterfaceAndReleaseStream
CoMarshalInterface
CoLoadLibrary
CoRevertToSelf
CreateStreamOnHGlobal
CoReleaseMarshalData
CoInitialize
CoTaskMemAlloc
CoSetProxyBlanket
CoImpersonateClient
OleGetClipboard
StringFromGUID2
OleDuplicateData
CoWaitForMultipleHandles
RevokeDragDrop
DoDragDrop
CoCreateFreeThreadedMarshaler
CoLockObjectExternal
CoTaskMemFree
CoGetCallContext
RegisterDragDrop
StringFromCLSID
CLSIDFromString
CoMarshalInterThreadInterfaceInStream
CoUnmarshalInterface
CoCreateGuid
OleSetClipboard
CreateItemMoniker
GetRunningObjectTable
CoRegisterMessageFilter
CoRevokeClassObject
CoCreateInstance
CoRegisterClassObject
shlwapi
PathFindExtensionW
StrCmpIW
PathCanonicalizeW
SHAutoComplete
PathFindFileNameW
PathIsUNCW
oleaut32
SafeArrayGetVartype
SysAllocStringByteLen
VarBstrCmp
LoadRegTypeLi
VariantChangeType
SafeArrayGetElement
SafeArrayGetDim
SafeArrayDestroy
UnRegisterTypeLi
SysStringLen
VarBstrCat
VariantInit
SafeArrayUnlock
LoadTypeLi
VariantClear
SysReAllocStringLen
SysAllocString
SafeArrayGetLBound
SafeArrayAccessData
RegisterTypeLi
VariantCopy
SafeArrayGetUBound
SysFreeString
VarUI4FromStr
SafeArrayCreate
GetErrorInfo
SafeArrayPutElement
SysStringByteLen
SafeArrayUnaccessData
SafeArrayLock
SysAllocStringLen
usp10
ScriptStringOut
ScriptStringFree
ScriptStringAnalyse
kernel32
GlobalLock
MulDiv
TransactNamedPipe
lstrcmpA
MapViewOfFile
GetOverlappedResult
CreateProcessW
LockResource
ExpandEnvironmentStringsW
FindResourceExW
GetTempPathW
FormatMessageA
GetProfileIntW
CreateThread
IsProcessorFeaturePresent
SetHandleInformation
DuplicateHandle
GlobalAlloc
FreeLibrary
GetDateFormatW
LocalAlloc
FileTimeToSystemTime
EnterCriticalSection
CreatePipe
HeapAlloc
GetComputerNameA
SetUnhandledExceptionFilter
HeapFree
WriteFile
GetStringTypeExW
CreateMutexW
WaitForMultipleObjects
TlsSetValue
TerminateThread
SetEnvironmentVariableW
WideCharToMultiByte
OutputDebugStringW
OpenProcess
InterlockedPushEntrySList
SetFilePointerEx
FindFirstFileW
PeekNamedPipe
WaitNamedPipeW
WaitForSingleObject
InitializeCriticalSectionAndSpinCount
Process32NextW
GetSystemInfo
SetNamedPipeHandleState
ReleaseMutex
GetTempFileNameW
SizeofResource
FindResourceW
LocalSize
SetLastError
ResumeThread
FreeResource
GetModuleHandleA
TlsAlloc
LocalReAlloc
SetFilePointer
GetThreadLocale
ResetEvent
GetSystemTimeAsFileTime
lstrlenA
GetLongPathNameW
SwitchToThread
HeapSize
CreateToolhelp32Snapshot
LoadLibraryExW
CancelIo
SetFileAttributesW
GetTimeFormatW
CreateEventW
lstrcmpiA
VirtualAlloc
CloseHandle
Process32FirstW
GetComputerNameW
GetShortPathNameW
FindClose
TlsFree
GetFileSizeEx
UnhandledExceptionFilter
ProcessIdToSessionId
LocalFree
ReadProcessMemory
DeleteFileW
GlobalFree
DeleteCriticalSection
LoadResource
IsDebuggerPresent
GetComputerNameExW
GetProcessTimes
HeapDestroy
CreateFileW
GlobalUnlock
LCMapStringW
FreeEnvironmentStringsW
ReadFile
QueueUserWorkItem
GetCurrentThreadId
FreeLibraryAndExitThread
GetModuleHandleW
FormatMessageW
InterlockedPopEntrySList
lstrcmpiW
LeaveCriticalSection
lstrlenW
ExitThread
RaiseException
GetPrivateProfileSectionW
CreateFileMappingW
FlushInstructionCache
FindAtomW
GetCurrentDirectoryW
TlsGetValue
GetProcessHeap
GetPrivateProfileIntW
SetCurrentDirectoryW
CreateDirectoryW
VirtualFree
HeapReAlloc
GetLocalTime
VirtualAllocEx
advapi32
FreeSid
CryptDestroyHash
RegSetValueExW
AddAccessAllowedAce
RegDeleteValueW
CryptHashData
AllocateAndInitializeSid
RegCloseKey
CryptGetHashParam
AddAce
CryptReleaseContext
RegConnectRegistryW
IsValidSid
LookupPrivilegeNameW
CryptCreateHash
DuplicateTokenEx
InitializeAcl
SetThreadToken
DuplicateToken
PrivilegeCheck
LookupPrivilegeValueW
SetSecurityDescriptorDacl
CheckTokenMembership
GetSidSubAuthority
RegCreateKeyExW
GetTokenInformation
EqualSid
InitializeSecurityDescriptor
RegOpenKeyExW
OpenProcessToken
LookupAccountNameW
RegEnumValueW
OpenThreadToken
IsValidSecurityDescriptor
GetSidSubAuthorityCount
CopySid
RegDeleteKeyW
AccessCheck
RegQueryValueExW
GetSidIdentifierAuthority
GetUserNameW
AdjustTokenPrivileges
CryptAcquireContextA
RegEnumKeyExW
RegQueryInfoKeyW
SetSecurityInfo
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
GetSecurityInfo
GetLengthSid
LookupAccountSidW
security
ExportSecurityContext
EnumerateSecurityPackagesW
CompleteAuthToken
ImportSecurityContextA
DeleteSecurityPackageA
kbdcz1
KbdLayerDescriptor
Sections
.text Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 234KB - Virtual size: 237KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ