Static task: static1
Behavioral task: behavioral1
  Sample: da8aeb2688bcab0f12110d452d8857689ba2f26a616e90c593738ee7e232fb52.exe
  Resource: win7-20220901-en
Behavioral task: behavioral2
  Sample: da8aeb2688bcab0f12110d452d8857689ba2f26a616e90c593738ee7e232fb52.exe
  Resource: win10v2004-20221111-en
General
- Target: da8aeb2688bcab0f12110d452d8857689ba2f26a616e90c593738ee7e232fb52
- Size: 2.6MB
- MD5: fdd066c10f395be9bb82279e35f5ed5f
- SHA1: 04e0abcaa862479284a40263b326c050e42d1767
- SHA256: da8aeb2688bcab0f12110d452d8857689ba2f26a616e90c593738ee7e232fb52
- SHA512: 6361a5cf9f3261f28e5f93b80870eb509e8e94305befbc21491902c0101c45c0459bfd9c221a1f5dde2768714fa2694664c49b11b85bbe33aae822f08935a0e8
- SSDEEP: 49152:BZfOIDAEJv1IFiKAuGQHZkmUS9InMlA49QkoEb:B5MFAuCmSL
Malware Config
Signatures
Files
- da8aeb2688bcab0f12110d452d8857689ba2f26a616e90c593738ee7e232fb52.exe windows x86
  dd0020a5b039abea0c9f33b0a45e117b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
bp_da
openDrive
openDisk
copySectors
createDriveImage
getErrorString
getParams
restoreDriveImage
restoreDiskImage
readSector
writeSector
enumPhysicalDrives
getMediaTypes
closeDevice
releaseSession
createDiskImage
enumLogicalDrives
getSession
diffeng
?CompareProc@@YAKPBDK0KKKP6AKK@ZPAX@Z
kernel32
HeapCreate
VirtualFree
FatalAppExitA
IsBadWritePtr
LCMapStringA
LCMapStringW
HeapDestroy
GetStringTypeA
GetStringTypeW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
IsBadCodePtr
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetConsoleCtrlHandler
GetLocaleInfoW
HeapSize
TerminateProcess
GetFileType
SetStdHandle
CreateThread
ExitThread
HeapReAlloc
ExitProcess
GetCommandLineA
GetStartupInfoA
GetSystemTimeAsFileTime
SetCurrentDirectoryA
SetEnvironmentVariableA
IsBadReadPtr
VirtualQuery
GetLocalTime
GetSystemTime
GetComputerNameA
CreateDirectoryA
RemoveDirectoryA
GetSystemInfo
VirtualAlloc
HeapAlloc
HeapFree
RtlUnwind
GetProfileIntA
lstrcpynW
GetCurrentDirectoryA
SetErrorMode
FindResourceExA
GetOEMCP
GetCPInfo
InterlockedIncrement
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
LeaveCriticalSection
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
SetFileAttributesA
LocalFileTimeToFileTime
lstrcpyA
GetCurrentProcess
DuplicateHandle
UnlockFile
LockFile
MoveFileA
GetDiskFreeSpaceA
GetFullPathNameA
GetFileTime
SetFileTime
GetFileAttributesA
VirtualProtect
GetPrivateProfileIntA
CreateEventA
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
InterlockedDecrement
MulDiv
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
lstrcpynA
GetModuleHandleA
FreeResource
_lcreat
_lwrite
_lopen
_lread
_lclose
SystemTimeToFileTime
GetTickCount
LocalAlloc
LocalLock
LocalUnlock
GetProcAddress
LoadLibraryA
FreeLibrary
GetPrivateProfileStringA
GetWindowsDirectoryA
WinExec
GetNumberFormatA
ReleaseSemaphore
CreateSemaphoreA
CreateProcessA
GetExitCodeProcess
Sleep
GetTempPathA
GetModuleFileNameA
GetShortPathNameA
WriteProfileStringA
WritePrivateProfileStringA
CopyFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
OutputDebugStringA
FlushFileBuffers
GetTempFileNameA
FormatMessageA
LocalFree
SetFilePointer
SetEndOfFile
SetLastError
GetFileSize
CreateFileMappingA
MapViewOfFile
GetFileInformationByHandle
UnmapViewOfFile
DeleteFileA
WaitForSingleObject
ReleaseMutex
CreateMutexA
GetDateFormatA
GetTimeFormatA
GetLogicalDrives
GetVolumeInformationA
GetDriveTypeA
GlobalSize
FindFirstFileA
FindNextFileA
FindClose
CreateFileA
CloseHandle
WriteFile
ReadFile
GlobalAlloc
GlobalReAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetStringTypeExW
GetStringTypeExA
GetEnvironmentVariableW
GetEnvironmentVariableA
CompareStringW
CompareStringA
lstrlenA
lstrcmpiW
lstrlenW
lstrcmpiA
GetVersion
FindResourceA
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
GetLastError
RaiseException
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetTimeZoneInformation
user32
GetWindowThreadProcessId
WindowFromPoint
DestroyCursor
ShowOwnedPopups
UnpackDDElParam
ReuseDDElParam
SetRectEmpty
SetMenu
RedrawWindow
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
MapDialogRect
GetMessageA
ValidateRect
SetMenuItemBitmaps
CheckMenuItem
GetMenuCheckMarkDimensions
ScrollWindowEx
MoveWindow
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
GetMenuState
GetMenuStringA
RemoveMenu
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextLengthA
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
AdjustWindowRectEx
EqualRect
DestroyIcon
GetScrollInfo
SetScrollInfo
WaitMessage
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
PtInRect
MapVirtualKeyA
GetKeyNameTextA
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindowEnabled
GetNextDlgTabItem
EndDialog
CreateMenu
wsprintfA
IsWindowVisible
InsertMenuItemA
GetMenuItemInfoA
LoadStringA
InsertMenuA
EnumClipboardFormats
GetClipboardFormatNameA
DestroyMenu
SetWindowPos
GetClassInfoA
LoadIconA
RegisterClassA
GetMenuItemID
GetMenuItemCount
GetKeyState
PostThreadMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
GetAsyncKeyState
SetCursorPos
ReleaseCapture
DestroyCaret
RegisterClipboardFormatA
IsWindow
GetCursorPos
SetCursor
LoadCursorA
ShowCaret
HideCaret
DrawIcon
SetWindowRgn
InSendMessage
WindowFromDC
SetParent
CopyAcceleratorTableA
GetDCEx
LockWindowUpdate
SetCaretPos
CreateCaret
ShowScrollBar
SetCapture
KillTimer
SetTimer
UpdateWindow
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
ModifyMenuA
GetDlgItem
GetWindowTextA
SetWindowTextA
GetDialogBaseUnits
GetSysColorBrush
IsRectEmpty
UnionRect
IsClipboardFormatAvailable
SetWindowPlacement
GetTabbedTextExtentA
EnableMenuItem
GetSystemMenu
SendNotifyMessageA
DeferWindowPos
AppendMenuA
CreatePopupMenu
CountClipboardFormats
InvertRect
SetRect
RegisterWindowMessageA
PostQuitMessage
FindWindowA
SetForegroundWindow
PostMessageA
BringWindowToTop
IsIconic
ShowWindow
GetWindowRect
GetForegroundWindow
LoadMenuA
GetSubMenu
EmptyClipboard
SetClipboardData
GetFocus
LoadBitmapA
GetParent
GetClipboardData
CloseClipboard
OpenClipboard
GetClassNameA
GetWindow
DrawFocusRect
InflateRect
MessageBoxA
InvalidateRgn
GetDoubleClickTime
GetMenuDefaultItem
SetMenuDefaultItem
SetMenuItemInfoA
IsMenu
DrawEdge
DrawFrameControl
CreateAcceleratorTableA
GetKeyboardLayout
MapVirtualKeyExA
GetWindowContextHelpId
SetWindowContextHelpId
DrawIconEx
IsZoomed
LoadImageA
FrameRect
SetClassLongA
GetSysColor
GetSystemMetrics
InvalidateRect
FillRect
CopyRect
GetWindowLongA
SetWindowLongA
GetClientRect
WinHelpA
MessageBeep
SendMessageA
EnableWindow
LoadAcceleratorsA
UnregisterClassA
CharUpperW
CharUpperA
CharLowerW
CharLowerA
DestroyAcceleratorTable
TranslateAcceleratorA
GetMenu
DeleteMenu
gdi32
CreateHatchBrush
GetViewportOrgEx
DPtoLP
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
SetMapperFlags
StretchDIBits
GetCharWidthA
CreateFontA
GetBkColor
SetRectRgn
CombineRgn
GetMapMode
EnumFontFamiliesExA
GetPixel
LPtoDP
Ellipse
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
EnumMetaFile
GetTextAlign
GetTextFaceA
ExtCreatePen
CreateMetaFileA
CloseMetaFile
DeleteMetaFile
GetObjectType
PlayMetaFileRecord
SelectPalette
CreatePatternBrush
CreateDIBPatternBrushPt
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
DeleteObject
SetColorAdjustment
GetWindowOrgEx
PlayMetaFile
GetDCOrgEx
PatBlt
CreateRectRgnIndirect
GetClipBox
DeleteDC
GetDeviceCaps
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetTextColor
StartDocA
CreateCompatibleBitmap
CreateFontIndirectA
CreatePen
UnrealizeObject
BitBlt
CreateCompatibleDC
GetStockObject
GetObjectA
Rectangle
GetTextExtentPoint32A
GetTextMetricsA
CreateEllipticRgn
CreateSolidBrush
SetPixelV
PaintRgn
CreateDIBitmap
CreateBitmapIndirect
SetPixel
GetTextExtentPointA
StretchBlt
RectInRegion
FillRgn
PtInRegion
GetRgnBox
CreatePolygonRgn
Polygon
RealizePalette
SetPaletteEntries
GetPaletteEntries
CreatePalette
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
CreateDCA
CopyMetaFileA
SetBkColor
SetTextColor
SetArcDirection
comdlg32
GetSaveFileNameA
GetFileTitleA
ChooseColorA
ChooseFontA
CommDlgExtendedError
PageSetupDlgA
PrintDlgA
ReplaceTextA
FindTextA
GetOpenFileNameA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
GetJobA
advapi32
RegEnumKeyExA
RegGetKeySecurity
RegLoadKeyA
RegNotifyChangeKeyValue
RegReplaceKeyA
RegRestoreKeyA
RegSaveKeyA
RegSetKeySecurity
RegUnLoadKeyA
RegEnumValueA
RegQueryInfoKeyA
RegConnectRegistryA
RegQueryValueA
RegEnumKeyA
GetFileSecurityA
SetFileSecurityA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyA
RegCreateKeyA
RegSetValueA
GetUserNameA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegFlushKey
shell32
SHGetPathFromIDListA
SHGetDesktopFolder
SHGetMalloc
ExtractIconA
SHGetFileInfoA
DragQueryFileW
DragFinish
DragQueryFileA
ShellExecuteA
DragAcceptFiles
SHBrowseForFolderA
comctl32
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_Draw
CreatePropertySheetPageA
DestroyPropertySheetPage
PropertySheetA
ImageList_Merge
ImageList_LoadImageA
ImageList_Create
ImageList_Destroy
ord14
ImageList_Write
ImageList_Read
ord13
ord17
ImageList_SetBkColor
ord8
ImageList_AddMasked
ImageList_GetIcon
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_DragLeave
ImageList_ReplaceIcon
shlwapi
PathFindFileNameA
PathIsUNCA
PathStripToRootA
PathRemoveExtensionA
PathFindExtensionA
UrlUnescapeA
oledlg
ord8
ole32
OleQueryLinkFromData
OleQueryCreateFromData
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
OleGetClipboard
CreateDataAdviseHolder
CreateOleAdviseHolder
StgIsStorageFile
StgOpenStorage
StgCreateDocfile
CoGetMalloc
OleRun
CoLockObjectExternal
GetRunningObjectTable
CreateFileMoniker
OleIsRunning
GetHGlobalFromILockBytes
StgOpenStorageOnILockBytes
CreateGenericComposite
CreateItemMoniker
OleGetIconOfClass
OleLoad
OleCreate
OleCreateLinkToFile
OleCreateFromFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleSetContainedObject
OleSetMenuDescriptor
CreateStreamOnHGlobal
OleSaveToStream
WriteClassStm
OleSave
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
OleRegGetMiscStatus
OleRegEnumVerbs
CLSIDFromString
StringFromGUID2
CoCreateInstance
CoDisconnectObject
OleDuplicateData
ReleaseStgMedium
CoTaskMemAlloc
CreateBindCtx
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
RegisterDragDrop
CoCreateGuid
DoDragDrop
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoGetClassObject
CoRegisterClassObject
CoRevokeClassObject
CoRegisterMessageFilter
CLSIDFromProgID
OleLockRunning
RevokeDragDrop
oleaut32
SystemTimeToVariantTime
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysStringByteLen
SysAllocStringByteLen
SysStringLen
SysFreeString
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayGetElement
SafeArrayDestroyDescriptor
SysAllocString
SysReAllocStringLen
VarDateFromStr
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
LoadTypeLi
VariantTimeToSystemTime
wininet
InternetWriteFile
InternetReadFile
HttpSendRequestA
HttpEndRequestA
HttpSendRequestExA
GopherGetAttributeA
FtpOpenFileA
FtpCommandA
GopherCreateLocatorA
FtpFindFirstFileA
InternetConnectA
GopherOpenFileA
InternetOpenUrlA
HttpOpenRequestA
InternetSetStatusCallback
InternetOpenA
GopherFindFirstFileA
InternetGetLastResponseInfoA
InternetCloseHandle
InternetFindNextFileA
HttpQueryInfoA
HttpAddRequestHeadersA
InternetErrorDlg
FtpGetFileA
FtpPutFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
FtpRemoveDirectoryA
FtpCreateDirectoryA
FtpRenameFileA
InternetSetFilePointer
FtpDeleteFileA
InternetQueryDataAvailable
InternetGetCookieA
InternetSetCookieA
InternetSetOptionExA
InternetQueryOptionA
InternetCrackUrlA
InternetCanonicalizeUrlA
Exports
Sections
- .text  Size: 1.6MB - Virtual size: 1.6MB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata  Size: 368KB - Virtual size: 366KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data  Size: 36KB - Virtual size: 83KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc  Size: 224KB - Virtual size: 220KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .tc  Size: 400KB - Virtual size: 400KB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE