Static task: static1
Behavioral task: behavioral1
  Sample: e172f3c52713a186cda3b11e1aed3212c85dc66bb607766a0562c0f77351ec1c.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: e172f3c52713a186cda3b11e1aed3212c85dc66bb607766a0562c0f77351ec1c.exe
  Resource: win10v2004-20220901-en
General
Target: e172f3c52713a186cda3b11e1aed3212c85dc66bb607766a0562c0f77351ec1c
Size: 848KB
MD5: 0bad849c905fd012e234de108c650584
SHA1: 3bb8016af2691b2923033dd3a00ace21d5f4df5d
SHA256: e172f3c52713a186cda3b11e1aed3212c85dc66bb607766a0562c0f77351ec1c
SHA512: 1a85ff7ee85e2751c1a1515a985e9e49f947eb89294de1d46b05507713188955d7170e1e4085ec27b0cd8065b868f6f7a75ddcbcb12c43c9ff95e1730f81b052
SSDEEP: 12288:LK9GeZYlBDypekZcvkP+kwFHdS1pKDFDHFoIa:LKqykvkmHhgWBHFO
Malware Config
Signatures
Files
e172f3c52713a186cda3b11e1aed3212c85dc66bb607766a0562c0f77351ec1c.exe (windows x86)
d2dde02b702d31128e47d1ffb0fc3b8f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kkbox
?installhook@@YAXPAUHWND__@@@Z
?removehook@@YAXXZ
kernel32
HeapSize
SetStdHandle
GetFileType
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
TerminateProcess
IsBadWritePtr
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
CompareStringA
SetEnvironmentVariableA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapReAlloc
HeapAlloc
GetSystemTimeAsFileTime
HeapFree
RtlUnwind
ExitProcess
GetStartupInfoW
GetFileTime
GetFileAttributesW
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
ReleaseMutex
GlobalFlags
GlobalGetAtomNameW
WritePrivateProfileStringW
WaitForSingleObject
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
lstrcmpA
GetModuleFileNameW
CreateFileW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
LoadLibraryA
lstrcmpW
GetModuleHandleW
GetVersionExA
GetModuleHandleA
InterlockedDecrement
lstrcpynW
GetWindowsDirectoryW
GetCurrentProcess
SetProcessWorkingSetSize
LocalAlloc
lstrcatW
lstrlenW
WinExec
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalReAlloc
GlobalFree
WideCharToMultiByte
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
SetLastError
GetVersion
FormatMessageW
LocalFree
FreeResource
MulDiv
FreeLibrary
LoadLibraryW
GetProcAddress
CreateDirectoryW
lstrcmpiW
GetPrivateProfileIntW
GetPrivateProfileStringW
GetTickCount
GetCurrentThreadId
lstrcpyW
GetFullPathNameW
CreateMutexW
GetLastError
Sleep
CloseHandle
CompareStringW
GetCurrentDirectoryW
lstrlenA
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
MultiByteToWideChar
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetCurrentProcessId
user32
RegisterClipboardFormatW
PostThreadMessageW
SetWindowContextHelpId
MapDialogRect
ValidateRect
ShowOwnedPopups
PostQuitMessage
WindowFromPoint
CharUpperW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
WinHelpW
CreateWindowExW
GetClassInfoExW
GetClassLongW
SendDlgItemMessageA
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
PeekMessageW
MapWindowPoints
TrackPopupMenu
GetKeyState
GetScrollRange
SetScrollPos
GetScrollPos
IsWindowVisible
AdjustWindowRectEx
DeferWindowPos
SetScrollInfo
GetClassInfoW
RegisterClassW
DefWindowProcW
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
EndPaint
BeginPaint
ScreenToClient
GetWindowTextLengthW
GetWindowTextW
SetFocus
MoveWindow
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
GetMenuStringW
GetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
CopyIcon
DestroyCursor
GetSysColorBrush
SetWindowRgn
DrawAnimatedRects
EnumChildWindows
LockWindowUpdate
SetParent
SetActiveWindow
wsprintfW
EqualRect
SetWindowsHookExW
CopyAcceleratorTableW
MapVirtualKeyW
GetKeyNameTextW
CallNextHookEx
GetClassNameW
SetPropW
GetPropW
RemovePropW
UnhookWindowsHookEx
GetMessagePos
MessageBoxW
CopyImage
GetWindowDC
GetSystemMetrics
SetWindowPos
ClientToScreen
WindowFromDC
DestroyIcon
GetIconInfo
GetWindowLongW
SetMenu
CallWindowProcW
GetDesktopWindow
ModifyMenuW
InsertMenuW
GetSubMenu
GetMenuItemInfoW
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
DeleteMenu
CreatePopupMenu
LoadMenuW
FillRect
IsMenu
IntersectRect
InflateRect
IsRectEmpty
SystemParametersInfoW
DrawStateW
SetMenuDefaultItem
RegisterWindowMessageW
GetCursorPos
IsChild
GetFocus
KillTimer
SetTimer
GetMenu
EnableMenuItem
CheckMenuItem
GetDCEx
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CharNextW
DestroyMenu
GetSystemMenu
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SetForegroundWindow
PostMessageW
FindWindowW
GetMessageW
TranslateMessage
DispatchMessageW
SetWindowLongW
ReleaseCapture
SetCapture
RedrawWindow
GetScrollInfo
GrayStringW
DrawTextExW
TabbedTextOutW
UpdateWindow
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsW
InsertMenuItemW
BringWindowToTop
TranslateAcceleratorW
DrawFocusRect
DrawEdge
LoadBitmapW
OffsetRect
SetRectEmpty
PtInRect
CopyRect
LoadCursorW
SetCursor
InvalidateRect
ReleaseDC
GetDC
GetClientRect
SetRect
DrawTextW
IsWindow
EnableWindow
UnregisterClassW
GetSysColor
LoadIconW
GetParent
GetWindowRect
SendMessageW
ShowWindow
GetCapture
gdi32
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
SelectPalette
SetRectRgn
PatBlt
GetCharWidthW
CreateFontW
GetBkColor
GetRgnBox
DPtoLP
CreateBitmap
SetMapMode
SetBkColor
DeleteDC
SelectClipRgn
SetPixel
GetPixel
RoundRect
Rectangle
GetNearestColor
SetBrushOrgEx
CombineRgn
GetWindowExtEx
GetViewportExtEx
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetBkMode
SetTextJustification
GetTextMetricsW
GetDIBits
RealizePalette
SetPaletteEntries
SelectObject
CreateFontIndirectW
GetTextColor
SetTextColor
StretchDIBits
GetObjectW
CreateRectRgnIndirect
CreateRectRgn
CreatePatternBrush
UnrealizeObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetMapMode
CreatePen
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush
GetCurrentPositionEx
GetDeviceCaps
SaveDC
GetTextExtentPoint32W
RestoreDC
DeleteObject
GetStockObject
GetPaletteEntries
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
advapi32
RegCloseKey
RegOpenKeyW
RegDeleteValueW
RegSetValueExW
GetUserNameW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueExW
shell32
Shell_NotifyIconW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHAppBarMessage
DragFinish
DragQueryFileW
ShellExecuteW
comctl32
ImageList_AddMasked
ImageList_Draw
_TrackMouseEvent
ImageList_GetImageInfo
ord17
ImageList_Add
ImageList_Replace
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_GetIconSize
ImageList_Destroy
ImageList_Create
ImageList_GetImageCount
shlwapi
PathFileExistsW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathFindFileNameW
PathCompactPathW
oledlg
OleUIBusyW
ole32
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoUninitialize
CoInitialize
StringFromCLSID
CoCreateInstance
StringFromGUID2
CoCreateGuid
CreateStreamOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
StgOpenStorageOnILockBytes
oleaut32
SysAllocString
SafeArrayDestroy
VariantCopy
OleCreateFontIndirect
SysStringLen
VariantChangeType
VariantClear
SysAllocStringLen
SystemTimeToVariantTime
OleLoadPicture
SysFreeString
VariantInit
wininet
InternetReadFile
InternetQueryOptionW
HttpSendRequestA
InternetOpenUrlW
InternetSetOptionW
InternetErrorDlg
HttpQueryInfoW
InternetOpenW
HttpOpenRequestW
InternetCloseHandle
InternetConnectW
Sections
.text (Size: 356KB, Virtual size: 353KB)
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rdata (Size: 80KB, Virtual size: 77KB)
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data (Size: 16KB, Virtual size: 33KB)
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc (Size: 392KB, Virtual size: 388KB)
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ