Static task: static1
Behavioral task: behavioral1
- Sample: 93964ec3a73a4a0a2ca99dbf4bb6ae47d3a4f48f8950d25ff5a6956c955790e9.exe
- Resource: win7-20221111-en
Behavioral task: behavioral2
- Sample: 93964ec3a73a4a0a2ca99dbf4bb6ae47d3a4f48f8950d25ff5a6956c955790e9.exe
- Resource: win10v2004-20221111-en
General
- Target: 93964ec3a73a4a0a2ca99dbf4bb6ae47d3a4f48f8950d25ff5a6956c955790e9
- Size: 280KB
- MD5: f5db3447ffe293ce6adb3a4b1ebe1906
- SHA1: 639b02eeb199d1082fca1dde9df299941edf32e7
- SHA256: 93964ec3a73a4a0a2ca99dbf4bb6ae47d3a4f48f8950d25ff5a6956c955790e9
- SHA512: d8773e09e7568f4afba225eff36cdd2404fcf8c8ee7e0620f308c404364346d09fc4febacd88ea7936c63d79a6cb1479a8ccb1ce609922adb90a97dfa8eba27c
- SSDEEP: 6144:KaesAynl1Hy7SyCE4nFXZ0zfa/nnSR7T0VVrJULZ5+80y:KDol1LyzCpdPg7uVSl5
Malware Config
Signatures
Files
- 93964ec3a73a4a0a2ca99dbf4bb6ae47d3a4f48f8950d25ff5a6956c955790e9.exe windows x86
84ac0d5caa3aca63b4d8367e9245e3a1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
ShellExecuteW
CommandLineToArgvW
SHGetFileInfoA
DragAcceptFiles
SHGetFileInfoW
SHGetSpecialFolderPathW
Shell_NotifyIconA
ord155
ExtractIconExA
ShellExecuteExW
Shell_NotifyIconW
SHGetMalloc
ExtractIconW
DragQueryFileW
SHGetPathFromIDListW
DragFinish
SHFileOperationW
SHGetFolderPathW
ShellExecuteA
winmm
mmioAscend
waveInStop
waveInUnprepareHeader
mixerGetLineControlsW
mmioClose
waveInOpen
waveInStart
waveOutGetDevCapsA
mixerGetDevCapsA
waveOutPrepareHeader
waveInGetNumDevs
waveInMessage
waveOutWrite
mmioCreateChunk
timeGetTime
waveOutGetNumDevs
waveInPrepareHeader
mixerSetControlDetails
mmioOpenA
waveOutUnprepareHeader
waveInClose
waveOutOpen
waveInReset
waveInGetDevCapsA
waveInAddBuffer
waveOutReset
mixerGetID
waveOutGetPosition
mixerGetControlDetailsW
mmioDescend
mixerGetLineInfoW
mmioRead
mixerGetNumDevs
advapi32
RegCreateKeyExW
RegOpenKeyExW
SetFileSecurityA
RegEnumKeyW
RegEnumKeyExA
AllocateAndInitializeSid
EqualSid
RegQueryInfoKeyW
DeleteService
GetLengthSid
GetUserNameA
CryptGetHashParam
RegSetValueExA
ImpersonateSelf
AddAce
RegEnumKeyA
RegCloseKey
RegOpenKeyW
InitiateSystemShutdownA
RegDeleteValueW
RegQueryInfoKeyA
RegDeleteKeyA
IsValidSecurityDescriptor
CopySid
ControlService
RegCreateKeyA
CryptHashData
RegOpenKeyExA
RegOpenCurrentUser
DeleteAce
CryptDestroyHash
CryptReleaseContext
GetTokenInformation
OpenServiceA
RevertToSelf
SetSecurityDescriptorDacl
RegQueryValueA
OpenThreadToken
FreeSid
RegDeleteKeyW
OpenProcessToken
CryptEncrypt
RegQueryValueExA
CryptAcquireContextA
CloseServiceHandle
AdjustTokenPrivileges
StartServiceCtrlDispatcherA
AccessCheck
RegEnumKeyExW
OpenSCManagerA
CryptCreateHash
RegDeleteValueA
RegCreateKeyExA
InitializeSecurityDescriptor
GetFileSecurityA
InitializeAcl
AddAccessAllowedAce
CreateServiceA
RegOpenKeyA
LookupPrivilegeValueA
RegSetValueA
RegCreateKeyW
shlwapi
StrCpyW
PathIsDirectoryW
PathIsUNCW
UrlCreateFromPathW
StrStrW
PathCanonicalizeW
UrlCombineW
UrlCanonicalizeW
StrCmpIW
StrStrIW
PathFindExtensionW
PathRemoveExtensionW
PathIsFileSpecW
PathCreateFromUrlW
PathRemoveFileSpecW
UrlIsW
PathFindFileNameW
PathFileExistsW
PathStripToRootW
StrFormatByteSizeW
mfc42
ord1576
kernel32
GlobalHandle
LocalFree
SetFileAttributesA
GetFileAttributesA
GlobalDeleteAtom
GetVolumeNameForVolumeMountPointW
FindFirstFileA
SetThreadPriority
CreateThread
TlsSetValue
GetModuleHandleA
SuspendThread
OpenMutexA
GetFileAttributesW
LCMapStringW
ConvertDefaultLocale
LeaveCriticalSection
TerminateProcess
IsBadWritePtr
GlobalReAlloc
InterlockedExchange
GetVolumeInformationA
OutputDebugStringW
CreateEventA
GlobalGetAtomNameW
GetFileType
ReadFile
FlushFileBuffers
GetEnvironmentStrings
GetEnvironmentVariableA
PeekNamedPipe
GetShortPathNameA
CreateMutexA
GetWindowsDirectoryA
GetCurrentProcess
CreateDirectoryA
lstrcatA
DeviceIoControl
WaitForMultipleObjects
LoadLibraryExA
InitializeCriticalSection
MulDiv
IsBadReadPtr
SetStdHandle
GetLocaleInfoW
HeapCreate
CreateFileA
FormatMessageW
GetDriveTypeA
GetTimeZoneInformation
GetACP
GetCurrentProcessId
GetStringTypeExA
SizeofResource
GetStartupInfoA
lstrlenW
FatalAppExitA
GetVersionExA
GetModuleFileNameA
GetTickCount
SetEvent
FindFirstFileW
EnterCriticalSection
SetErrorMode
LocalAlloc
WaitForMultipleObjectsEx
MapViewOfFile
GetLocaleInfoA
LockFileEx
SearchPathA
LoadResource
TerminateThread
IsBadCodePtr
LoadLibraryA
GetComputerNameA
FindClose
FreeEnvironmentStringsA
SetThreadLocale
HeapSize
WriteProcessMemory
MoveFileExA
CreateMutexW
CompareStringA
GetLocalTime
DebugBreak
ReleaseSemaphore
GetSystemTimeAsFileTime
GlobalFindAtomA
GetFullPathNameA
GetSystemDirectoryA
GetStdHandle
SetFilePointer
WriteConsoleA
GetFileSize
VirtualProtect
LocalReAlloc
InterlockedIncrement
GetCommandLineA
lstrcmpiA
GetDateFormatA
GetCPInfo
IsValidLocale
FindResourceA
WriteFile
lstrcpyA
DuplicateHandle
CreateEventW
CreateFileW
GlobalGetAtomNameA
RtlUnwind
GetConsoleOutputCP
MoveFileA
EnumResourceLanguagesA
InterlockedCompareExchange
GetStartupInfoW
CompareStringW
QueryPerformanceCounter
LoadLibraryW
RaiseException
TlsFree
ResumeThread
GetLastError
GetModuleFileNameW
GetStringTypeA
GetEnvironmentStringsW
GlobalUnlock
OpenEventA
OutputDebugStringA
lstrcmpiW
GetVersion
ReleaseMutex
GetExitCodeProcess
SystemTimeToFileTime
GetVersionExW
VirtualFree
WritePrivateProfileStringA
GetPrivateProfileStringA
GetConsoleCP
TlsGetValue
CloseHandle
UnhandledExceptionFilter
Sleep
GetStringTypeW
lstrcmpA
HeapFree
TlsAlloc
GetProcessHeap
InterlockedDecrement
GetThreadLocale
VirtualAlloc
GetCurrentThreadId
HeapReAlloc
VirtualQuery
SetProcessWorkingSetSize
GlobalAddAtomA
GetCurrentDirectoryA
FindNextFileA
SetEnvironmentVariableA
WideCharToMultiByte
GetLogicalDrives
GetCommandLineW
LockFile
FreeResource
SetHandleCount
FindResourceExA
LCMapStringA
LoadLibraryExW
IsDBCSLeadByte
ExitProcess
GlobalSize
FileTimeToSystemTime
GetUserDefaultLCID
GetSystemInfo
GetOEMCP
lstrcpynW
GlobalFlags
GlobalFree
lstrlenA
LockResource
GetStringTypeExW
GetProcessVersion
HeapAlloc
FreeLibrary
GetProcAddress
GetEnvironmentVariableW
UnlockFile
DeleteCriticalSection
GlobalLock
ExitThread
SetLastError
FormatMessageA
SetCurrentDirectoryA
GetSystemTime
MultiByteToWideChar
WaitForSingleObject
AllocConsole
GetTempPathA
lstrcpynA
FreeEnvironmentStringsW
GetExitCodeThread
GetCurrentThread
GetFileTime
HeapDestroy
comctl32
ImageList_ReplaceIcon
ImageList_LoadImageA
ImageList_Replace
PropertySheetW
ImageList_Merge
ImageList_AddMasked
ImageList_DragEnter
ImageList_DragMove
CreateStatusWindowW
ImageList_DragShowNolock
DestroyPropertySheetPage
ImageList_GetDragImage
CreatePropertySheetPageW
InitCommonControlsEx
ImageList_Destroy
ImageList_EndDrag
ImageList_GetIcon
ImageList_GetBkColor
ImageList_GetImageCount
ord17
ImageList_Draw
ImageList_DrawEx
ImageList_DragLeave
PropertySheetA
ImageList_Remove
ImageList_GetIconSize
CreatePropertySheetPageA
ImageList_Create
_TrackMouseEvent
ImageList_BeginDrag
ImageList_GetImageInfo
ImageList_SetBkColor
ImageList_SetOverlayImage
user32
SetMenuDefaultItem
WindowFromPoint
RegisterClassA
SetActiveWindow
WaitForInputIdle
DdeFreeDataHandle
IsIconic
DestroyCursor
SetDlgItemTextA
SetRect
TabbedTextOutA
GetClassNameW
SendMessageW
ScreenToClient
SetTimer
ExcludeUpdateRgn
SetMenuItemBitmaps
GetWindowTextA
SystemParametersInfoA
GetWindow
InvalidateRect
GetWindowDC
CreatePopupMenu
EqualRect
GetWindowLongW
GetForegroundWindow
SetFocus
LoadAcceleratorsA
SetWindowLongA
GetSystemMetrics
DrawTextExA
GetMessageW
GetWindowLongA
ReleaseDC
SetForegroundWindow
GetNextDlgTabItem
RegisterWindowMessageA
SetMenuItemInfoW
PeekMessageW
ModifyMenuA
GetScrollRange
InflateRect
EnableWindow
LoadMenuW
GetKeyNameTextA
BeginPaint
ShowCaret
IsDialogMessageW
RedrawWindow
LockWindowUpdate
InvalidateRgn
IsRectEmpty
CallWindowProcW
IsWindowVisible
RegisterClassExA
SetWindowPos
DestroyIcon
GetAsyncKeyState
SetWindowContextHelpId
GetDesktopWindow
GetMenuItemInfoA
FindWindowA
ExitWindowsEx
GetWindowTextW
SetScrollPos
ChildWindowFromPoint
GetMenuDefaultItem
IsDlgButtonChecked
GetSystemMenu
GetClientRect
DispatchMessageA
RemovePropW
ShowScrollBar
ShowOwnedPopups
GetSysColor
IsZoomed
LoadCursorW
SetWindowsHookExA
GetCursorPos
GetParent
GetPropA
SetCursor
DrawTextA
GetKeyboardState
LoadIconW
SetCursorPos
TranslateMDISysAccel
GetDoubleClickTime
DrawTextW
GetClipboardData
GetCaretPos
GetTopWindow
GetMenuItemID
DdeCreateStringHandleA
GetScrollPos
GetScrollInfo
DestroyWindow
IntersectRect
LoadBitmapA
EndDialog
CreateDialogParamA
SetDlgItemTextW
RegisterClassW
MessageBeep
GetWindowRgn
GetMenuStringW
GetWindowPlacement
CreateWindowExW
UnhookWindowsHookEx
DefFrameProcA
UnregisterClassW
wvsprintfA
GetFocus
DispatchMessageW
IsDialogMessageA
CreateDialogParamW
GetClassNameA
DdeGetLastError
IsMenu
SetCapture
DefWindowProcW
DeleteMenu
CharNextA
TranslateAcceleratorA
LoadMenuA
EndPaint
PeekMessageA
GetClassInfoA
BringWindowToTop
SetScrollInfo
SetWindowRgn
GetMenu
RemoveMenu
DialogBoxParamA
MoveWindow
IsWindow
SetParent
GetKeyboardLayout
HideCaret
SendDlgItemMessageW
DefFrameProcW
ReleaseCapture
SetWindowTextA
DrawStateW
SetDlgItemInt
TranslateMessage
LoadIconA
MessageBoxW
wsprintfA
FindWindowExW
CloseClipboard
ReuseDDElParam
CreateDialogIndirectParamA
PostMessageA
CreateWindowExA
DialogBoxParamW
GetDlgCtrlID
keybd_event
UnpackDDElParam
CheckMenuItem
DrawFrameControl
DrawIconEx
GetMenuItemInfoW
ScrollWindow
GetActiveWindow
GrayStringA
DrawStateA
CallWindowProcA
FillRect
GetIconInfo
GetQueueStatus
GetClassLongA
WaitMessage
GetDC
wsprintfW
GetDlgItem
PtInRect
GetMenuState
WinHelpA
SendMessageA
DrawMenuBar
IsWindowEnabled
WinHelpW
DeferWindowPos
PostThreadMessageW
GetWindowRect
AppendMenuA
LoadStringW
DrawIcon
GetDlgItemTextW
CharUpperA
GetSubMenu
GetLastActivePopup
SetPropA
CreateAcceleratorTableW
GetMenuItemCount
GetMessageTime
DrawEdge
DdeInitializeA
GetMessagePos
GetWindowTextLengthA
SetWindowTextW
AdjustWindowRectEx
GetKeyState
DrawFocusRect
DefWindowProcA
LoadStringA
RemovePropA
DdeCreateDataHandle
CreateDialogIndirectParamW
SetClipboardData
DestroyMenu
CreateAcceleratorTableA
CopyRect
ShowWindow
UnregisterClassA
SetRectEmpty
RegisterHotKey
GetCapture
UnionRect
LoadBitmapW
SendDlgItemMessageA
RegisterClipboardFormatA
CreateMenu
GetUpdateRect
IsChild
EnableMenuItem
UpdateWindow
TrackPopupMenu
LoadAcceleratorsW
CallNextHookEx
PostQuitMessage
SetMenu
LoadCursorA
SetWindowLongW
PostThreadMessageA
MapDialogRect
ValidateRect
GetClassLongW
MapWindowPoints
GetSysColorBrush
RegisterWindowMessageW
GetMessageA
MessageBoxA
rpcrt4
RpcMgmtStopServerListening
NdrPointerMarshall
NdrServerInitializeNew
RpcServerUseProtseqEpA
NdrPointerBufferSize
NdrPointerFree
RpcRaiseException
RpcServerRegisterIf
RpcServerUnregisterIf
I_RpcGetBuffer
NdrConformantStringUnmarshall
UuidToStringA
UuidCreate
NdrConvert
RpcStringFreeA
RpcServerListen
oleaut32
LoadTypeLi
Sections
.text Size: 60KB - Virtual size: 59KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 100KB - Virtual size: 98KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 92KB - Virtual size: 102KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ