Static task: static1
Behavioral task: behavioral1
Sample: a0ec38d27b94f4fd09bcbee0e1fbbb8c35ddf37788c58335b75879d0d1df254d.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: a0ec38d27b94f4fd09bcbee0e1fbbb8c35ddf37788c58335b75879d0d1df254d.exe
Resource: win10v2004-20220812-en
General
Target: a0ec38d27b94f4fd09bcbee0e1fbbb8c35ddf37788c58335b75879d0d1df254d
Size: 2.5MB
MD5: 170131876b11535a3256c7a70ae98832
SHA1: ea8611f98ce6267a4038f8225a08b4ec36181b62
SHA256: a0ec38d27b94f4fd09bcbee0e1fbbb8c35ddf37788c58335b75879d0d1df254d
SHA512: 2b372f6f8dd8b009ded58483c579c43bb981f0c409d40aca3d9e54a547670dd90e34f7315bc1c631ed177d2a89b11cd8aeb0fbe980f143e11aa6dfb490b55501
SSDEEP: 24576:z8JFXKAFpPwg0O8YUnxP0nqLlUrnoCiCH2DrQRqiojxBP:zAPwRO8PxP0qLlZCiCWDrAQjxBP
Malware Config
Signatures
Files
a0ec38d27b94f4fd09bcbee0e1fbbb8c35ddf37788c58335b75879d0d1df254d.exe windows x86
41d0b097ad63fb6fec4556fde9ec7186
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathIsDirectoryA
PathFileExistsA
wininet
FtpOpenFileA
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetGetLastResponseInfoA
InternetFindNextFileA
FtpFindFirstFileA
FtpSetCurrentDirectoryA
InternetOpenUrlA
HttpQueryInfoA
InternetCloseHandle
InternetOpenA
InternetReadFile
InternetQueryDataAvailable
InternetConnectA
FtpGetCurrentDirectoryA
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
iphlpapi
GetAdaptersInfo
ddraw
DirectDrawCreateEx
kernel32
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
GetCurrentProcessId
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
MoveFileA
GetThreadLocale
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetFullPathNameA
GlobalFlags
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
lstrcmpA
SetErrorMode
GetFileTime
RtlUnwind
ExitProcess
GetDriveTypeA
ExitThread
HeapAlloc
HeapFree
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetProcessHeap
GetStartupInfoA
SetStdHandle
GetFileType
HeapSize
GetACP
IsValidCodePage
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStdHandle
GetTimeZoneInformation
LCMapStringA
LCMapStringW
VirtualFree
HeapDestroy
HeapCreate
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
LoadLibraryA
FileTimeToLocalFileTime
FileTimeToSystemTime
FreeLibrary
InterlockedDecrement
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
InterlockedIncrement
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MulDiv
SetFileTime
GetFileAttributesA
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFilePointer
GetFileSize
ReadFile
GlobalMemoryStatus
GetVersionExA
lstrcmpiA
CompareStringW
GetVersion
MultiByteToWideChar
InterlockedExchange
lstrlenA
lstrcpyA
SetCurrentDirectoryA
SetEvent
CreateEventA
WaitForMultipleObjects
GetTickCount
CompareStringA
GetCommandLineA
Sleep
FindFirstFileA
SetFileAttributesA
FindNextFileA
FindClose
GetTempPathA
GetModuleFileNameA
CreateFileA
WriteFile
DeleteFileA
CreateMutexA
ReleaseMutex
GetCurrentDirectoryA
CreateProcessA
CreateDirectoryA
CreateToolhelp32Snapshot
Process32First
Process32Next
OpenProcess
GetExitCodeProcess
TerminateProcess
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
CreateThread
WaitForSingleObject
CloseHandle
GetLastError
GetLocalTime
OutputDebugStringA
user32
GetWindowThreadProcessId
MapDialogRect
SetWindowContextHelpId
GetNextDlgTabItem
MessageBeep
GetWindowDC
BeginPaint
EndPaint
EndDialog
CreateDialogIndirectParamA
DestroyMenu
CharNextA
GetSysColorBrush
LoadCursorA
RegisterClipboardFormatA
UnregisterClassA
PostThreadMessageA
SetCursor
GetMessageA
TranslateMessage
GetActiveWindow
ValidateRect
PostQuitMessage
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetForegroundWindow
GetMenu
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
GetWindowPlacement
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
CheckMenuItem
UnhookWindowsHookEx
SetFocus
GetDesktopWindow
GetFocus
SetCapture
InvalidateRgn
EqualRect
IntersectRect
SetRect
IsRectEmpty
IsWindowEnabled
IsWindowVisible
IsWindow
CopyAcceleratorTableA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetCursorPos
DrawFocusRect
GetNextDlgGroupItem
ClientToScreen
WindowFromPoint
GetWindowLongA
SetWindowRgn
DrawEdge
GetCapture
ReleaseCapture
GetDC
EnumDisplayDevicesA
CharUpperA
GetParent
UpdateWindow
BringWindowToTop
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetSysColor
SystemParametersInfoA
FillRect
CopyRect
OffsetRect
PostMessageA
wsprintfA
GetSystemMetrics
LoadIconA
KillTimer
SetTimer
InvalidateRect
ReleaseDC
GetClientRect
GetWindowRect
IsIconic
GetSystemMenu
SendMessageA
AppendMenuA
DrawIcon
LoadBitmapA
EnableWindow
SetWindowPos
gdi32
ExtTextOutA
GetViewportExtEx
GetWindowExtEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
TextOutA
GetMapMode
GetBkColor
GetTextColor
SetTextAlign
RectVisible
PtVisible
GetTextExtentPoint32A
GetWindowOrgEx
GetViewportOrgEx
GetDeviceCaps
CreateRectRgn
CreateCompatibleBitmap
CreateSolidBrush
BitBlt
CreateCompatibleDC
GetObjectA
CreateHatchBrush
SetMapMode
GetStockObject
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetRgnBox
CreateRectRgnIndirect
SelectClipRgn
CombineRgn
DeleteObject
DeleteDC
GetPixel
StretchBlt
SelectObject
Escape
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegOpenKeyA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
shell32
ShellExecuteA
comctl32
_TrackMouseEvent
oledlg
ord8
ole32
CoRevokeClassObject
CoInitialize
CoTaskMemFree
CoTaskMemAlloc
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CLSIDFromProgID
CLSIDFromString
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
OleInitialize
oleaut32
OleCreateFontIndirect
VariantCopy
VariantClear
SysAllocStringLen
VariantChangeType
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocStringByteLen
SysFreeString
SysStringLen
SysAllocString
VariantInit
ws2_32
gethostname
select
WSAGetLastError
sendto
recvfrom
closesocket
inet_ntoa
gethostbyname
socket
Sections
.text Size: 376KB - Virtual size: 372KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 96KB - Virtual size: 95KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.0MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.ejuv Size: 40KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE