Static task: static1
Behavioral task: behavioral1
  Sample: b3176ac62d126335d0e6bb96bc53549d8af67503985194a7845ed0da073286bd.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: b3176ac62d126335d0e6bb96bc53549d8af67503985194a7845ed0da073286bd.exe
  Resource: win10v2004-20220812-en
General
Target: b3176ac62d126335d0e6bb96bc53549d8af67503985194a7845ed0da073286bd
Size: 522KB
MD5: b818a2939fc2861c3db2ce419e17af12
SHA1: b84fd884ee820b189a07d3b7856544b6aa563477
SHA256: b3176ac62d126335d0e6bb96bc53549d8af67503985194a7845ed0da073286bd
SHA512: 2804053fca1fc4065f4746bb2f5e3d0f60904372bf77ea4a7430c327a7e9261fe8fb3c9194d2bcb05384a20054908272ca1f6d9f6573edbc4f06d3ce36aca0c7
SSDEEP: 12288:/6ZRCkRTvK/uoEk8Y1/72oabnTDsllWeUYCYNZVb:CZIkR7/ovfunvuTCYvh
Malware Config
Signatures
Files
b3176ac62d126335d0e6bb96bc53549d8af67503985194a7845ed0da073286bd.exe windows x86
ddc02999b91bbab1e40691d5ef99acaf
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
AdjustWindowRect
RemovePropA
BroadcastSystemMessageA
IsClipboardFormatAvailable
GetParent
EnumDisplaySettingsExW
GetDialogBaseUnits
GetFocus
GetOpenClipboardWindow
GetWindowTextLengthW
EnableScrollBar
GetWindowInfo
RegisterClassW
PeekMessageA
HideCaret
VkKeyScanExW
SendMessageW
IsWindowUnicode
DrawFrame
SetRectEmpty
SystemParametersInfoW
GetCaretBlinkTime
OpenWindowStationW
DlgDirSelectExW
AppendMenuW
GetMessageA
LoadMenuIndirectA
UnloadKeyboardLayout
DdePostAdvise
GetClipboardSequenceNumber
DdeCreateDataHandle
DefDlgProcA
GetKeyboardLayout
ChildWindowFromPoint
DdeAddData
GetMessageW
DefFrameProcW
OemToCharBuffA
AppendMenuA
SetScrollInfo
CreateDialogIndirectParamW
EnumPropsA
LoadImageW
LoadMenuW
OpenInputDesktop
DrawStateA
CallWindowProcA
SendDlgItemMessageA
MapVirtualKeyW
InvertRect
SetUserObjectInformationA
DrawAnimatedRects
SwitchToThisWindow
SetMessageExtraInfo
DestroyMenu
GetWindowDC
TranslateAcceleratorW
RemovePropW
GetMenuContextHelpId
ScrollDC
DdeConnectList
CharUpperW
SetActiveWindow
GetWindowLongW
GetMenuStringW
GetClassInfoA
GetWindowLongA
GetMessageExtraInfo
PeekMessageW
ImpersonateDdeClientWindow
IsDlgButtonChecked
TabbedTextOutW
GetDesktopWindow
IsRectEmpty
OemKeyScan
DrawStateW
LoadBitmapA
MapVirtualKeyExA
EnumDisplayDevicesW
SetPropA
CharLowerBuffW
GetUserObjectSecurity
DestroyAcceleratorTable
BroadcastSystemMessageW
CallWindowProcW
DdeQueryStringA
ChangeMenuA
MoveWindow
GetAsyncKeyState
GetPriorityClipboardFormat
SetMenuItemBitmaps
ToUnicodeEx
GetClassNameA
VkKeyScanA
SetKeyboardState
GetMenuCheckMarkDimensions
CreateDialogIndirectParamA
GetMenuItemCount
WinHelpA
GetGuiResources
wsock32
inet_addr
socket
select
bind
ord1105
ord1104
WSAIsBlocking
ord1120
getsockname
connect
WSACleanup
ord1141
WSAAsyncSelect
getservbyport
ord1116
ord1119
ord1110
ord1100
ntohl
listen
ord1115
WSAAsyncGetServByName
ord1109
htons
ord1108
recv
__WSAFDIsSet
WSACancelBlockingCall
getsockopt
inet_ntoa
ord1112
ord1000
ord1102
send
setsockopt
accept
closesocket
getservbyname
ord1113
WSASetLastError
htonl
ord1142
WSAUnhookBlockingHook
WSAAsyncGetHostByAddr
WSAAsyncGetProtoByNumber
ord1106
WSAAsyncGetProtoByName
gethostbyname
getpeername
WSAStartup
ord1114
ioctlsocket
advapi32
RegQueryValueExA
CryptSetProviderA
LookupPrivilegeNameW
RegSaveKeyW
DuplicateTokenEx
RegQueryInfoKeyW
RegQueryInfoKeyA
RegQueryValueExW
CryptGetHashParam
RegQueryMultipleValuesA
LookupPrivilegeNameA
GetUserNameW
LookupAccountNameW
CryptVerifySignatureA
RegSetValueA
RegCreateKeyExW
CryptImportKey
RegEnumKeyA
InitiateSystemShutdownA
RegCreateKeyExA
AbortSystemShutdownW
CryptSetHashParam
RegRestoreKeyW
RegDeleteValueW
CryptExportKey
CryptGenRandom
RegReplaceKeyW
CryptHashData
CryptDestroyHash
StartServiceA
RegCreateKeyA
RegDeleteKeyA
RegConnectRegistryW
CryptEncrypt
RegReplaceKeyA
comdlg32
ChooseColorW
ReplaceTextW
ChooseFontA
FindTextW
ChooseColorA
ReplaceTextA
GetFileTitleA
LoadAlterBitmap
GetFileTitleW
FindTextA
GetSaveFileNameA
GetSaveFileNameW
GetOpenFileNameW
wininet
InternetOpenUrlA
HttpSendRequestExA
InternetGetConnectedStateEx
HttpQueryInfoW
InternetReadFileExA
GopherGetLocatorTypeW
InternetQueryOptionA
RetrieveUrlCacheEntryFileA
InternetGoOnline
InternetQueryFortezzaStatus
RunOnceUrlCache
InternetTimeToSystemTime
CreateUrlCacheContainerW
FtpRenameFileW
FtpRenameFileA
InternetSetCookieW
FtpGetCurrentDirectoryA
FtpPutFileEx
InternetShowSecurityInfoByURLA
InternetGetCertByURL
HttpOpenRequestA
InternetShowSecurityInfoByURLW
HttpEndRequestW
InternetCombineUrlW
InternetUnlockRequestFile
ShowSecurityInfo
InternetFortezzaCommand
FindFirstUrlCacheEntryExA
InternetTimeFromSystemTimeA
InternetTimeFromSystemTime
FreeUrlCacheSpaceW
FtpGetFileEx
FtpCommandA
UnlockUrlCacheEntryStream
InternetDialA
ShowCertificate
IncrementUrlCacheHeaderData
HttpSendRequestW
GetUrlCacheGroupAttributeA
GopherCreateLocatorW
UnlockUrlCacheEntryFileA
InternetSetCookieA
FtpOpenFileW
FtpRemoveDirectoryA
IsUrlCacheEntryExpiredA
InternetGetConnectedState
GetUrlCacheConfigInfoW
GetUrlCacheEntryInfoExA
InternetDial
InternetOpenUrlW
DeleteUrlCacheEntryW
InternetFindNextFileW
GetUrlCacheHeaderData
InternetSetOptionExW
InternetDialW
InternetReadFile
HttpCheckDavCompliance
InternetGoOnlineW
SetUrlCacheEntryGroupW
InternetAlgIdToStringW
FindNextUrlCacheContainerW
InternetCanonicalizeUrlW
HttpOpenRequestW
InternetSetDialStateW
ShowClientAuthCerts
DeleteIE3Cache
InternetSetDialStateA
LoadUrlCacheContent
FindNextUrlCacheEntryExW
InternetFindNextFileA
FtpSetCurrentDirectoryA
InternetSetOptionA
FindCloseUrlCache
InternetConfirmZoneCrossing
FtpPutFileA
CreateUrlCacheGroup
GopherOpenFileW
GopherCreateLocatorA
FtpFindFirstFileA
RetrieveUrlCacheEntryFileW
DeleteUrlCacheGroup
InternetSecurityProtocolToStringA
InternetOpenA
DeleteUrlCacheEntry
InternetSetDialState
InternetWriteFileExW
shell32
SheGetPathOffsetW
RealShellExecuteA
SHBrowseForFolderA
SHFileOperationA
SHInvokePrinterCommandA
SHBrowseForFolder
SheRemoveQuotesW
DragQueryFileAorW
DragFinish
DragQueryPoint
InternalExtractIconListA
DragQueryFileW
SHGetPathFromIDList
DoEnvironmentSubstA
InternalExtractIconListW
ExtractIconResInfoW
DragAcceptFiles
SHAddToRecentDocs
SHGetDataFromIDListA
SHGetMalloc
SheConvertPathW
ExtractAssociatedIconW
ExtractAssociatedIconExA
FindExecutableA
SHLoadInProc
SheShortenPathW
SHGetDataFromIDListW
DoEnvironmentSubstW
SHEmptyRecycleBinA
SheFullPathA
SHChangeNotify
DragQueryFile
SHEmptyRecycleBinW
ExtractIconW
SHGetSpecialFolderLocation
RealShellExecuteExW
SHGetFileInfoW
SHGetPathFromIDListW
ShellExecuteA
SHInvokePrinterCommandW
SheChangeDirA
CheckEscapesA
ExtractIconA
CommandLineToArgvW
CheckEscapesW
SHFormatDrive
FreeIconList
ExtractIconExA
SheChangeDirW
SheShortenPathA
ShellAboutW
SHGetPathFromIDListA
SHQueryRecycleBinA
SHGetSettings
SHGetFileInfoA
SHGetDesktopFolder
RealShellExecuteW
DuplicateIcon
SHFreeNameMappings
RealShellExecuteExA
SheGetDirW
ShellAboutA
ShellHookProc
SheChangeDirExW
SHBrowseForFolderW
SheFullPathW
SHAppBarMessage
SheRemoveQuotesA
SHGetSpecialFolderPathA
FindExeDlgProc
ExtractIconResInfoA
kernel32
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
GetLogicalDrives
GetFullPathNameA
GetDiskFreeSpaceExW
GlobalDeleteAtom
FreeEnvironmentStringsW
OpenEventA
WaitForSingleObject
GetWindowsDirectoryW
GetLocalTime
SetThreadContext
PeekConsoleInputW
GetNamedPipeHandleStateA
ConnectNamedPipe
EnumCalendarInfoA
GetSystemDirectoryA
GetTimeFormatA
Thread32First
TlsFree
Module32First
HeapLock
CreateToolhelp32Snapshot
OpenSemaphoreW
MoveFileA
GetThreadPriorityBoost
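The flat import list above is easier to reason about once it is regrouped by module and mapped to documented API capabilities (sockets, WinINet/FTP, CryptoAPI, registry, service control and shutdown, Toolhelp snapshots plus SetThreadContext). The following is an added example, not part of this report or of the tool that produced it. It parses an excerpt of the page's Imports block (copied in page order; a subset, not the whole table), tags each entry with a hand-written capability table (an assumption, not a standard taxonomy), and builds the imphash input string the way pefile does: lowercase module name without extension, a dot, lowercase function name, ordinals as ordN, entries joined with commas, then MD5. One caveat a practitioner should know: pefile resolves known wsock32/ws2_32 and oleaut32 ordinals to names before hashing, so a hash computed from the "ordNNNN" strings shown on this page is not comparable with a pefile imphash, and the value the block produces is not this sample's imphash.

```python
"""Capability triage of a flat sandbox-report import list.

Added example; not part of the original report. IMPORTS_TEXT is an excerpt
copied from the page's Imports block (page order, subset). CAPABILITIES is a
hand-written lookup table and an assumption, not a standard taxonomy.
"""
import hashlib

IMPORTS_TEXT = """\
wsock32
socket
connect
ord1105
recv
send
advapi32
CryptGenRandom
CryptEncrypt
InitiateSystemShutdownA
StartServiceA
RegCreateKeyExA
wininet
InternetOpenA
InternetOpenUrlA
HttpSendRequestW
FtpPutFileA
shell32
ShellExecuteA
SHFileOperationA
kernel32
CreateToolhelp32Snapshot
Thread32First
SetThreadContext
VirtualAlloc
"""

# Module names the report uses as group headers (already without .dll suffix).
KNOWN_DLLS = {"user32", "wsock32", "advapi32", "comdlg32", "wininet", "shell32", "kernel32"}

CAPABILITIES = {
    "network/socket": {"socket", "connect", "recv", "send", "bind", "listen", "accept", "WSAStartup"},
    "network/http-ftp": {"InternetOpenA", "InternetOpenUrlA", "HttpSendRequestW", "HttpOpenRequestA",
                         "FtpPutFileA", "InternetReadFile"},
    "crypto": {"CryptGenRandom", "CryptEncrypt", "CryptImportKey", "CryptHashData"},
    "registry": {"RegCreateKeyExA", "RegSetValueA", "RegDeleteKeyA"},
    "services/shutdown": {"StartServiceA", "InitiateSystemShutdownA"},
    "process/thread-manipulation": {"CreateToolhelp32Snapshot", "Thread32First", "Module32First",
                                    "SetThreadContext", "VirtualAlloc"},
    "execution": {"ShellExecuteA", "SHFileOperationA", "RealShellExecuteA"},
}


def parse_imports(text):
    """Turn the flat 'dll / func / func / dll / ...' listing into ordered (dll, [funcs]) pairs."""
    imports = []
    current = None
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if line.lower() in KNOWN_DLLS:
            current = (line.lower(), [])
            imports.append(current)
        elif current is not None:
            current[1].append(line)
    return imports


def imphash_string(imports):
    """The comma-joined string pefile hashes; ordinals are already written as ordN in the report."""
    return ",".join(f"{dll}.{name.lower()}" for dll, names in imports for name in names)


def imphash(imports):
    return hashlib.md5(imphash_string(imports).encode()).hexdigest()


def capabilities(imports):
    """Map each import to capability tags; unresolved ordinals get no tag."""
    tags = {}
    for dll, names in imports:
        for name in names:
            for tag, funcs in CAPABILITIES.items():
                if name in funcs:
                    tags.setdefault(tag, []).append(f"{dll}!{name}")
    return tags


if __name__ == "__main__":
    imps = parse_imports(IMPORTS_TEXT)
    for tag, hits in capabilities(imps).items():
        print(f"{tag:30} {', '.join(hits)}")
    print("imphash-style digest of this excerpt:", imphash(imps))
```

Unresolved wsock32 ordinals stay untagged on purpose: resolving them needs the export table of the target wsock32.dll, and guessing a name from the number is how import hashes and capability reports drift apart across tools.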
Sections
.text Size: 240KB - Virtual size: 239KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 282KB - Virtual size: 281KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
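Two things in the Headers and Sections blocks above deserve a check rather than a glance. First, both .text and .data carry IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ and IMAGE_SCN_MEM_WRITE together, and .text is marked IMAGE_SCN_CNT_INITIALIZED_DATA with no IMAGE_SCN_CNT_CODE at all; a linker-emitted code section is normally CNT_CODE, EXECUTE, READ and not WRITE, so writable executable sections without CNT_CODE are worth flagging as a self-modifying-code or packer indicator. Second, IMAGE_FILE_RELOCS_STRIPPED means the image has no relocation table, so the loader cannot rebase it and ASLR cannot apply to it regardless of DllCharacteristics. The following is an added example, not part of the report, that decodes the COFF characteristics and section headers of a PE image and raises exactly those two flags. It is run here on a header constructed in memory to reproduce the flag and size values the report shows; the optional-header contents (DllCharacteristics left at 0) are an assumption, since the report does not list them, and the function accepts any real PE file read as bytes.

```python
"""Decode PE COFF characteristics and section flags; flag RWX and no-CNT_CODE sections.

Added example, not part of the original report. build_sample_pe() constructs a
minimal PE32 header that reproduces the report's flag values; its optional
header (DllCharacteristics = 0) is an assumption not taken from the page.
"""
import struct

FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
CNT_CODE, MEM_EXECUTE, MEM_READ, MEM_WRITE = 0x20, 0x20000000, 0x40000000, 0x80000000
RWX = MEM_EXECUTE | MEM_READ | MEM_WRITE
RELOCS_STRIPPED, DYNAMIC_BASE = 0x0001, 0x0040  # COFF flag / DllCharacteristics flag


def _names(value, table):
    return [name for bit, name in table.items() if value & bit]


def analyse_pe(data):
    """Parse DOS stub -> PE signature -> COFF header -> section table from raw bytes."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    e_lfanew, = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, characteristics = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    dll_chars = 0
    if opt_size >= 72:
        # DllCharacteristics sits at offset 70 in both PE32 and PE32+ optional headers.
        dll_chars, = struct.unpack_from("<H", data, opt + 70)
    sections = []
    for i in range(nsections):
        off = opt + opt_size + 40 * i
        name, vsize, _, rawsize, _, _, _, _, _, flags = struct.unpack_from("<8sIIIIIIHHI", data, off)
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize,
            "raw_size": rawsize,
            "flags": _names(flags, SECTION_FLAGS),
            "rwx": (flags & RWX) == RWX,
            "exec_without_cnt_code": bool(flags & MEM_EXECUTE) and not (flags & CNT_CODE),
        })
    return {
        "machine": machine,
        "file_characteristics": _names(characteristics, FILE_CHARACTERISTICS),
        "relocs_stripped": bool(characteristics & RELOCS_STRIPPED),
        # DYNAMIC_BASE is meaningless without relocations: the loader cannot move the image.
        "aslr_possible": bool(dll_chars & DYNAMIC_BASE) and not (characteristics & RELOCS_STRIPPED),
        "sections": sections,
    }


def build_sample_pe():
    """Constructed header reproducing the report's flags and sizes; not the real sample."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                 # e_lfanew: PE header right after the stub
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 224, 0x010F)  # i386, 2 sections, flags as reported
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                 # PE32 magic; rest zero (assumption)
    rwx_data = 0x40 | RWX                                  # CNT_INITIALIZED_DATA + EXECUTE|READ|WRITE

    def sec(name, vsize, rawsize, flags):
        return struct.pack("<8sIIIIIIHHI", name, vsize, 0x1000, rawsize, 0x400, 0, 0, 0, 0, flags)

    return (bytes(dos) + b"PE\0\0" + coff + bytes(opt)
            + sec(b".text", 239 * 1024, 240 * 1024, rwx_data)
            + sec(b".data", 281 * 1024, 282 * 1024, rwx_data))


if __name__ == "__main__":
    report = analyse_pe(build_sample_pe())
    print("file characteristics:", ", ".join(report["file_characteristics"]))
    print("ASLR possible:", report["aslr_possible"])
    for s in report["sections"]:
        print(f"{s['name']:8} rwx={s['rwx']} exec_without_cnt_code={s['exec_without_cnt_code']}")
```

To run it on a real file, replace build_sample_pe() with open(path, "rb").read(); the parser only needs the headers, so reading the first few kilobytes is enough.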