b2d59bfb7666640c831f7b8443bbfa814248e33c116cb0aaa93a7ed7d6d633f0

Sharing

Copy URL Twitter E-mail

General

Target

b2d59bfb7666640c831f7b8443bbfa814248e33c116cb0aaa93a7ed7d6d633f0
Size

4.6MB
MD5

214731ab143236a174ecbc2645891a41
SHA1

c0d9e44e0a8dad00d724d926981f6874959c94cb
SHA256

b2d59bfb7666640c831f7b8443bbfa814248e33c116cb0aaa93a7ed7d6d633f0
SHA512

149070af5b2679466de52bf4e59dcf276f90b75287d84d990f8586eb0f7a15a5052931de7f05b3bad56731cb6c279df5e7b0d41f13d171714faf7f11ad5344c8
SSDEEP

49152:AkH/wNFgrrfd4ERrLihwjWOvHOcYD8gBTA4rwt0sAAwtbpw8OTo5ObTyT9ZAMAPj:rH/wejZgBTA420sStbp6TmOhv/1V

Score

N/A

Malware Config

Signatures

Files

b2d59bfb7666640c831f7b8443bbfa814248e33c116cb0aaa93a7ed7d6d633f0
.exe windows x86

ce5306df93fd4389b96251b28d127d66

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ConnectNamedPipe
GetCommandLineW
GetModuleFileNameA
GetCurrentThreadId
CreateFileA
GetCurrentProcessId
SetUnhandledExceptionFilter
GetStdHandle
LoadLibraryExW
SearchPathW
lstrlenW
GetShortPathNameW
SetFileTime
SetFileAttributesW
GetWindowsDirectoryW
MoveFileW
SetEndOfFile
GetFileInformationByHandle
FindFirstChangeNotificationW
FindCloseChangeNotification
GetStartupInfoW
CreatePipe
OutputDebugStringW
CreateProcessW
GetLogicalDriveStringsW
SetFilePointer
RemoveDirectoryW
InterlockedCompareExchange
FindNextFileW
CompareFileTime
ReadFile
CreateDirectoryW
OpenProcess
GetProcessId
TerminateProcess
GetModuleHandleA
LoadLibraryA
GetVersionExA
GetVersionExW
GetTickCount
IsBadReadPtr
FindFirstFileW
GetFullPathNameW
GetFullPathNameA
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
lstrlenA
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
GetFileSizeEx
RtlCaptureStackBackTrace
FindClose
LockResource
FreeResource
MulDiv
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetCurrentProcess
HeapFree
HeapAlloc
HeapDestroy
WriteConsoleW
FlushFileBuffers
HeapSize
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExW
FindFirstFileExA
GetProcessHeap
SetConsoleCtrlHandler
GetTimeZoneInformation
SetStdHandle
GetConsoleCP
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetFileType
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetACP
ExitProcess
HeapReAlloc
DisconnectNamedPipe
ResumeThread
GetFileSize
RtlUnwind
WaitForMultipleObjectsEx
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
SetProcessAffinityMask
VirtualProtect
VirtualFree
VirtualAlloc
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SwitchToThread
SignalObjectAndWait
CreateTimerQueue
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
UnhandledExceptionFilter
ResetEvent
LocalFree
GetCPInfo
GetLocaleInfoW
LCMapStringW
CompareStringW
EncodePointer
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
HeapCreate
FlushInstructionCache
GetFileAttributesW
MultiByteToWideChar
CreateMutexW
SetLastError
WritePrivateProfileStringW
SetCurrentDirectoryW
CreateFileW
FindResourceW
LoadResource
SizeofResource
WriteFile
FileTimeToSystemTime
FileTimeToLocalFileTime
WaitForMultipleObjects
SetEvent
CreateEventW
CreateThread
OutputDebugStringA
WideCharToMultiByte
GetLocalTime
Sleep
GetExitCodeProcess
WaitForSingleObject
CloseHandle
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
DecodePointer
GetModuleHandleW
GetLastError
RaiseException
FreeLibrary
LoadLibraryW
GetTempPathW
DeleteFileW
GetModuleFileNameW
GetProcAddress
TlsGetValue
TlsAlloc
GetStringTypeW
FormatMessageW
GlobalUnlock
TryEnterCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
GetNativeSystemInfo
GetExitCodeThread
GetCurrentThread
WaitForSingleObjectEx
DuplicateHandle
CreateNamedPipeW
GetSystemDirectoryW
GetCurrentDirectoryW
GetTempFileNameW
GetModuleHandleExW
GetDriveTypeW
GlobalLock
GlobalAlloc
MoveFileExW
GetSystemInfo
InterlockedIncrement
ExitThread
GetFileAttributesExW
InterlockedDecrement

user32

DeleteMenu
UnregisterClassW
SetPropW
PostMessageW
MoveWindow
SendMessageW
IsWindowVisible
SetForegroundWindow
GetWindowThreadProcessId
IsWindow
FindWindowW
GetActiveWindow
ShowWindow
GetSystemMetrics
GetWindowRect
SetWindowPos
GetWindow
GetDesktopWindow
GetPropW
RegisterWindowMessageW
SystemParametersInfoW
GetCursorPos
SetTimer
KillTimer
DestroyIcon
DestroyWindow
LoadCursorW
DestroyCursor
SetCursor
SetRect
CopyRect
InflateRect
IntersectRect
UnionRect
IsRectEmpty
EqualRect
PtInRect
DefWindowProcW
CallWindowProcW
RegisterClassExW
CreateWindowExW
DrawIconEx
GetDlgItem
GetClientRect
MapWindowPoints
GetWindowLongW
SetWindowLongW
GetParent
MonitorFromWindow
GetMonitorInfoW
TrackMouseEvent
PostQuitMessage
AnimateWindow
SetLayeredWindowAttributes
IsIconic
IsZoomed
SetFocus
GetCapture
SetCapture
ReleaseCapture
UpdateWindow
GetDC
ReleaseDC
BeginPaint
EndPaint
InvalidateRect
SetWindowTextW
CreateCaret
GetCaretBlinkTime
HideCaret
SetCaretPos
ScreenToClient
GetClassNameW
GetKeyState
CharToOemW
CreateIconIndirect
SetActiveWindow
EnableWindow
UpdateLayeredWindow
MapVirtualKeyA
CharLowerBuffW
SystemParametersInfoA
EnableMenuItem
GetWindowPlacement
LoadIconW
MessageBoxW
GetForegroundWindow
MsgWaitForMultipleObjects
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
SetMenuContextHelpId
GetMenuItemInfoW
SetMenuInfo
GetMenuInfo
TrackPopupMenu
DrawTextW
AppendMenuW
InsertMenuW
GetMenuItemCount
CheckMenuItem
DestroyMenu
CreatePopupMenu
IsWindowEnabled
IsMenu
LoadImageW
CreateIconFromResource
LoadBitmapW
GetIconInfo
CharNextW
GetFocus
OffsetRect
GetSysColor
ClientToScreen

gdi32

SetBkMode
Rectangle
GetStockObject
GetClipBox
CreateSolidBrush
CreateFontIndirectW
SelectObject
DeleteDC
CreateCompatibleDC
GetObjectW
CreateRoundRectRgn
EnumFontsW
DeleteObject
SetGraphicsMode
GetDeviceCaps
BitBlt
ExtCreateRegion
GetRegionData
IntersectClipRect
SelectClipRgn
CreateDIBSection
GetCurrentObject
GetViewportOrgEx
GetDCOrgEx
StretchBlt
CreateCompatibleBitmap
SetViewportOrgEx
EnumFontFamiliesExW
GetCharABCWidthsW
GetFontData
GetGlyphOutlineW
GetOutlineTextMetricsW
GetFontUnicodeRanges
GetGlyphIndicesW
GetTextExtentPointI
AddFontMemResourceEx
RemoveFontMemResourceEx
SetTextColor
SetTextAlign
GetTextMetricsW
SetWorldTransform
ExtTextOutW
GetTextFaceW
GdiFlush
CreateBitmap

comdlg32

GetOpenFileNameW

advapi32

DuplicateTokenEx
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
GetUserNameW
RegDeleteKeyW
RegDeleteValueW
OpenProcessToken
FreeSid
AllocateAndInitializeSid
CheckTokenMembership
RegQueryValueExW

shell32

SHGetFileInfoW
ShellExecuteW
ShellExecuteExW
SHGetPathFromIDListW
ord727
CommandLineToArgvW
ord43
SHBrowseForFolderW
Shell_NotifyIconW

ole32

CoInitializeEx
CoInitializeSecurity
CoUninitialize
CoInitialize
CreateBindCtx
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
OleLockRunning
CreateStreamOnHGlobal
CoCreateGuid
OleInitialize
OleUninitialize

oleaut32

VariantClear
SysFreeString
SysAllocString
SysAllocStringByteLen
VariantCopy
CreateErrorInfo
GetErrorInfo
VariantChangeType
SetErrorInfo
VariantInit

shlwapi

PathRemoveFileSpecA
StrToIntExW
PathCombineW
PathFileExistsW
PathRemoveFileSpecW
PathAddBackslashW
PathQuoteSpacesW
PathIsDirectoryW
PathStripPathW
StrStrW
StrToIntW
PathRenameExtensionW
SHDeleteKeyW
ord158

gdiplus

GdiplusShutdown
GdipBitmapLockBits
GdipGraphicsClear
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipSaveImageToFile
GdipBitmapUnlockBits
GdipDrawImageRectI
GdipFree
GdipGetImageEncodersSize
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageI
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipDisposeImage
GdipAlloc
GdiplusStartup
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipGetImageEncoders

everything32

Everything_GetResultSize
Everything_GetResultDateModified
Everything_SetSearchW
Everything_IsFolderResult
Everything_QueryW
Everything_SaveDB
Everything_GetNumResults
Everything_GetResultFileNameW
Everything_GetResultPathW
Everything_SetRequestFlags

imm32

ImmReleaseContext
ImmAssociateContext
ImmGetContext

psapi

EnumProcessModules
GetModuleBaseNameW
GetModuleFileNameExW
EnumProcesses

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

winhttp

WinHttpCloseHandle
WinHttpOpenRequest
WinHttpReadData
WinHttpConnect
WinHttpCrackUrl
WinHttpQueryDataAvailable
WinHttpSendRequest
WinHttpSetTimeouts
WinHttpReceiveResponse
WinHttpOpen

netapi32

Netbios

wininet

InternetOpenW
InternetReadFile
InternetCloseHandle
InternetOpenUrlW

dbghelp

MiniDumpWriteDump

iphlpapi

IcmpSendEcho
IcmpCreateFile
GetAdaptersAddresses
GetAdaptersInfo
IcmpCloseHandle

ws2_32

inet_addr
WSACleanup
WSAStartup
gethostbyname
inet_ntoa

snmpapi

SnmpUtilOidNCmp
SnmpUtilOidCpy
SnmpUtilVarBindFree

usp10

ScriptShape
ScriptItemize
ScriptFreeCache

opengl32

wglGetProcAddress
wglGetCurrentContext

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 685KB - Virtual size: 685KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 805KB - Virtual size: 804KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ce5306df93fd4389b96251b28d127d66

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

gdiplus

everything32

imm32

psapi

version

winhttp

netapi32

wininet

dbghelp

iphlpapi

ws2_32

snmpapi

usp10

opengl32

Sections

.text Size: 2.8MB - Virtual size: 2.8MB

.rdata Size: 685KB - Virtual size: 685KB

.data Size: 76KB - Virtual size: 168KB

.gfids Size: 6KB - Virtual size: 5KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 805KB - Virtual size: 804KB

.reloc Size: 171KB - Virtual size: 171KB

.text
Size: 2.8MB - Virtual size: 2.8MB

.rdata
Size: 685KB - Virtual size: 685KB

.data
Size: 76KB - Virtual size: 168KB

.gfids
Size: 6KB - Virtual size: 5KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 805KB - Virtual size: 804KB

.reloc
Size: 171KB - Virtual size: 171KB