Static task: static1
Behavioral task: behavioral1
Sample: 399b5f6571c577e07f81bfb2e1ca1fd2a1bebc6ad8d45fa261f2ced8cd6cb7ec.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 399b5f6571c577e07f81bfb2e1ca1fd2a1bebc6ad8d45fa261f2ced8cd6cb7ec.exe
Resource: win10v2004-20221111-en
General
Target: 399b5f6571c577e07f81bfb2e1ca1fd2a1bebc6ad8d45fa261f2ced8cd6cb7ec
Size: 1.2MB
MD5: 6197aa7b6a70ab49dc8b0da1d38b00df
SHA1: a56cd9bdf8fba786ca8b123349d267c7f4d720d0
SHA256: 399b5f6571c577e07f81bfb2e1ca1fd2a1bebc6ad8d45fa261f2ced8cd6cb7ec
SHA512: feb0b653cbbc7d2c289cdd50a4abd27d524b08edcf3e019dcff9a2866684050ae775d6c617cefc9652c38026bfe4fdb5ed5886ca1efed5efd04220805bdd4d51
SSDEEP: 24576:Bo9RIMgwt1YXqbVLDhEqfR9fQQlYRNb1ul5Lg40MarOEV:fMtImliqZ+QeHukMarOEV
Malware Config
Signatures
Files
399b5f6571c577e07f81bfb2e1ca1fd2a1bebc6ad8d45fa261f2ced8cd6cb7ec.exe windows x86
6619d5d7f5d46d0b981b92ecfd55198a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
version
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
user32
ReuseDDElParam
GetMenuBarInfo
LoadAcceleratorsW
InsertMenuItemW
CreatePopupMenu
BringWindowToTop
TranslateAcceleratorW
GetDialogBaseUnits
GetSysColorBrush
InvalidateRgn
SetRect
CopyAcceleratorTableW
UnpackDDElParam
GetMenuItemInfoW
InflateRect
MapVirtualKeyW
GetKeyNameTextW
MessageBeep
GetNextDlgGroupItem
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
GetMessageW
TranslateMessage
ValidateRect
CharUpperW
CharNextW
GetCursorPos
ReleaseCapture
SetCapture
UnregisterClassW
DestroyIcon
WindowFromPoint
RegisterClipboardFormatW
SetParent
UnionRect
PostThreadMessageW
GetDCEx
LockWindowUpdate
DestroyMenu
KillTimer
SetTimer
SetWindowRgn
IsRectEmpty
MessageBoxW
RedrawWindow
AppendMenuW
DeleteMenu
GetWindow
OffsetRect
IsIconic
DrawIcon
GetSystemMetrics
GetDesktopWindow
GetSystemMenu
EnableMenuItem
EqualRect
SystemParametersInfoW
LoadIconW
FindWindowW
SetRectEmpty
GetKeyState
GetAsyncKeyState
GetClientRect
GetParent
GetFocus
InvalidateRect
PostMessageW
LoadCursorW
SetCursor
GetWindowRect
SendMessageW
EnableWindow
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
PostQuitMessage
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuW
GetMenuItemID
GetMenuStringW
GetMenuState
LoadMenuW
EndDialog
GetNextDlgTabItem
IsWindowEnabled
GetDlgItem
GetWindowLongW
IsWindow
DestroyWindow
CreateDialogIndirectParamW
SetActiveWindow
GetActiveWindow
GetWindowPlacement
SystemParametersInfoA
IntersectRect
SetWindowPos
SetWindowLongW
GetMenu
CallWindowProcW
DefWindowProcW
GetDlgCtrlID
SetWindowPlacement
PtInRect
CopyRect
SetScrollInfo
GetScrollInfo
DeferWindowPos
ScreenToClient
AdjustWindowRectEx
GetSysColor
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
UpdateWindow
IsWindowVisible
ShowScrollBar
SetForegroundWindow
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
SetMenu
TrackPopupMenu
TrackPopupMenuEx
ScrollWindow
MapWindowPoints
PeekMessageW
GetMessagePos
GetMessageTime
UnhookWindowsHookEx
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
DispatchMessageW
GetLastActivePopup
GetForegroundWindow
GetWindowTextW
GetWindowTextLengthW
SetFocus
RemovePropW
GetPropW
SetPropW
GetClassNameW
GetClassLongW
CallNextHookEx
SetWindowsHookExW
GetCapture
IsChild
WinHelpW
SendDlgItemMessageA
SendDlgItemMessageW
RegisterWindowMessageW
CheckMenuItem
ModifyMenuW
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextW
SetDlgItemInt
SetDlgItemTextW
IsDlgButtonChecked
IsDialogMessageW
SetWindowTextW
MoveWindow
ShowWindow
ScrollWindowEx
FillRect
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
ClientToScreen
comctl32
ord17
kernel32
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
GetFileSizeEx
GetFileTime
SetThreadPriority
ResumeThread
WaitForSingleObject
SetEvent
SuspendThread
CreateEventW
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetPrivateProfileIntW
GetCurrentDirectoryW
GlobalFlags
GlobalGetAtomNameW
GetAtomNameW
lstrlenA
GetTempFileNameW
GetDiskFreeSpaceW
GetTickCount
GetStartupInfoW
RtlUnwind
SetEnvironmentVariableW
SetCurrentDirectoryW
GetCurrentDirectoryA
SetCurrentDirectoryA
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
RaiseException
HeapReAlloc
ExitThread
CreateThread
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
FileTimeToLocalFileTime
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetDriveTypeA
GetFullPathNameA
FatalAppExitA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetStringTypeW
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
FileTimeToSystemTime
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
ReadFile
GetStringTypeExW
MoveFileW
GetThreadLocale
InterlockedIncrement
GetCurrentProcessId
GetModuleHandleA
GlobalAddAtomW
GlobalFindAtomW
CompareStringW
LoadLibraryA
GetVersionExA
FreeResource
SetLastError
GlobalFree
CopyFileW
GlobalSize
GlobalUnlock
FormatMessageW
MulDiv
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
WideCharToMultiByte
CompareStringA
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
GetModuleHandleW
FindFirstFileW
FindClose
DeleteCriticalSection
InitializeCriticalSection
OutputDebugStringW
Sleep
GetCurrentProcess
GetLocaleInfoW
GetProcAddress
FreeLibrary
MultiByteToWideChar
InterlockedDecrement
CreateToolhelp32Snapshot
Process32FirstW
OpenProcess
Process32NextW
SearchPathW
CreateProcessW
GetVersionExW
GetShortPathNameW
WriteFile
GetLastError
CreateDirectoryW
SetFilePointer
GetPrivateProfileStringW
GetFileAttributesW
SetFileAttributesW
DeleteFileW
WritePrivateProfileStringW
SetErrorMode
LocalAlloc
LoadLibraryW
LocalFree
GetModuleFileNameW
lstrcpyW
lstrlenW
CreateFileW
CloseHandle
LoadResource
LockResource
SizeofResource
FindResourceW
EnterCriticalSection
LeaveCriticalSection
GetProcessHeap
lstrcmpiW
SetUnhandledExceptionFilter
gdi32
GetMapMode
GetTextMetricsW
GetRgnBox
SetRectRgn
CombineRgn
GetTextExtentPoint32W
CreateCompatibleBitmap
StretchDIBits
CreateFontW
GetCharWidthW
GetTextColor
GetBkColor
Ellipse
LPtoDP
DPtoLP
CreateEllipticRgn
CreateHatchBrush
ExtCreatePen
CreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
SelectPalette
GetStockObject
CreateCompatibleDC
CreatePatternBrush
CreateDIBPatternBrushPt
DeleteDC
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
StartDocW
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
DeleteObject
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CreateDCW
CopyMetaFileW
GetDeviceCaps
GetObjectW
CreateFontIndirectW
PatBlt
CreateSolidBrush
CreateRectRgnIndirect
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
advapi32
GetFileSecurityW
SetFileSecurityW
RegCreateKeyW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
IsTextUnicode
RegSetValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
GetNamedSecurityInfoW
AllocateAndInitializeSid
SetEntriesInAclW
SetNamedSecurityInfoW
OpenSCManagerW
OpenServiceW
CloseServiceHandle
QueryServiceStatus
StartServiceW
shell32
ShellExecuteExW
ExtractIconW
DragQueryFileW
DragFinish
SHGetFileInfoW
SHGetFolderPathW
shlwapi
PathFindFileNameW
PathRemoveExtensionW
PathRemoveFileSpecW
PathAppendW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
oledlg
OleUIBusyW
ole32
OleSetClipboard
CoRevokeClassObject
CoRegisterClassObject
CoInitializeEx
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
StringFromGUID2
CoDisconnectObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleIsCurrentClipboard
CLSIDFromProgID
CreateStreamOnHGlobal
OleDuplicateData
CoTreatAsClass
StringFromCLSID
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
OleRun
CoSetProxyBlanket
CoUninitialize
CoInitialize
CoCreateInstance
CoRegisterMessageFilter
OleFlushClipboard
CLSIDFromString
oleaut32
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
RegisterTypeLi
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayCreate
SafeArrayRedim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VarDateFromStr
SysReAllocStringLen
VarCyFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarBstrFromDate
SafeArrayCreateVector
CreateErrorInfo
GetErrorInfo
SetErrorInfo
LoadTypeLi
OleCreateFontIndirect
VariantChangeType
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
SysStringLen
VariantInit
VariantClear
SysAllocString
SysFreeString
ws2_32
WSACleanup
gethostname
WSAStartup
inet_ntoa
gethostbyname
Sections
.text Size: 584KB - Virtual size: 583KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 163KB - Virtual size: 163KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 90KB - Virtual size: 105KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 396KB - Virtual size: 395KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ