c096f3d4f4d5d8726c1fc65d5b5253e2a930caba56f5e1cc57f64490bb9346e7

Sharing

Copy URL Twitter E-mail

General

Target

c096f3d4f4d5d8726c1fc65d5b5253e2a930caba56f5e1cc57f64490bb9346e7
Size

4.1MB
MD5

863c85185743bf25f2a3e9ee2a4eafd8
SHA1

fcae9b66236870d1dfab1d745c0027928cc1f819
SHA256

c096f3d4f4d5d8726c1fc65d5b5253e2a930caba56f5e1cc57f64490bb9346e7
SHA512

2f5ae8956fcadcef9493013267e43645141661938f5a38021dd27cbd693fad4deb22b65ccdbd387b8e6cd2ad95e7854494e0c4e7113817373b0cece1966fb59c
SSDEEP

49152:+xELMdlCjKhrkpCFefyIN/y7FYv/ebIi6kVSMsIYf5OqWvY3YNWgGPfwJpdO2zfq:mQU82Yp3YNWggwJpNzoKmz0ldVQ

Score

N/A

Malware Config

Signatures

Files

c096f3d4f4d5d8726c1fc65d5b5253e2a930caba56f5e1cc57f64490bb9346e7
.exe windows x86

9f21e909b03e6a3b96a87a4e824f5875

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
GetModuleFileNameA
GetCurrentThreadId
CreateFileA
GetCurrentProcessId
SetUnhandledExceptionFilter
GetStdHandle
LoadLibraryExW
SearchPathW
lstrlenW
GetShortPathNameW
SetFileTime
SetFileAttributesW
GetWindowsDirectoryW
MoveFileW
SetFilePointer
SetEndOfFile
GetFileInformationByHandle
FindFirstChangeNotificationW
FindCloseChangeNotification
GetStartupInfoW
CreatePipe
OutputDebugStringW
CreateProcessW
GetTempFileNameW
GetDriveTypeW
MoveFileExW
GetSystemInfo
GetFileAttributesExW
GetLogicalDriveStringsW
CreateFileW
RemoveDirectoryW
InterlockedCompareExchange
WriteFile
FindNextFileW
CompareFileTime
CreateDirectoryW
OpenProcess
GetProcessId
TerminateProcess
GetModuleHandleA
LoadLibraryA
GetVersionExA
GetFullPathNameA
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
lstrlenA
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
GetFileSizeEx
RtlCaptureStackBackTrace
GetModuleHandleW
GetLocalTime
GetVersionExW
GetTickCount
IsBadReadPtr
FindFirstFileW
GetFullPathNameW
FindResourceW
FindClose
SizeofResource
LoadResource
WriteConsoleW
FlushFileBuffers
HeapSize
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExW
FindFirstFileExA
GetProcessHeap
SetConsoleCtrlHandler
GetTimeZoneInformation
SetStdHandle
GetConsoleCP
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetFileType
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetACP
ExitProcess
HeapReAlloc
ConnectNamedPipe
ResumeThread
InitializeCriticalSectionAndSpinCount
RtlUnwind
WaitForMultipleObjectsEx
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
SetProcessAffinityMask
VirtualProtect
VirtualFree
VirtualAlloc
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SwitchToThread
SignalObjectAndWait
CreateTimerQueue
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
UnhandledExceptionFilter
ResetEvent
LocalFree
GetCPInfo
GetLocaleInfoW
LCMapStringW
CompareStringW
EncodePointer
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
LockResource
FreeResource
MulDiv
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetCurrentProcess
HeapFree
HeapAlloc
HeapDestroy
HeapCreate
FlushInstructionCache
GetFileAttributesW
MultiByteToWideChar
CreateMutexW
SetLastError
WritePrivateProfileStringW
SetCurrentDirectoryW
FileTimeToSystemTime
FileTimeToLocalFileTime
WaitForMultipleObjects
SetEvent
CreateEventW
CreateThread
OutputDebugStringA
WideCharToMultiByte
CloseHandle
Sleep
GetExitCodeProcess
WaitForSingleObject
GetLastError
FreeLibrary
LoadLibraryW
GetTempPathW
DeleteFileW
GetModuleFileNameW
GetProcAddress
TlsGetValue
TlsAlloc
GetStringTypeW
FormatMessageW
GlobalUnlock
TryEnterCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
GetNativeSystemInfo
GetExitCodeThread
GetCurrentThread
WaitForSingleObjectEx
DuplicateHandle
DisconnectNamedPipe
CreateNamedPipeW
DecodePointer
RaiseException
GetModuleHandleExW
GetSystemDirectoryW
GlobalLock
GlobalAlloc
GetFileSize
GetCurrentDirectoryW
InterlockedIncrement
ExitThread
ReadFile
InterlockedDecrement

user32

DeleteMenu
SetPropW
PostMessageW
MoveWindow
SendMessageW
IsWindowVisible
SetForegroundWindow
GetWindowThreadProcessId
IsWindow
FindWindowW
GetActiveWindow
ShowWindow
GetSystemMetrics
GetWindowRect
SetWindowPos
GetWindow
GetDesktopWindow
GetPropW
RegisterWindowMessageW
GetCursorPos
SystemParametersInfoW
SetTimer
KillTimer
DestroyIcon
DestroyWindow
LoadCursorW
DestroyCursor
SetCursor
SetRect
CopyRect
InflateRect
IntersectRect
UnionRect
IsRectEmpty
EqualRect
PtInRect
DefWindowProcW
CallWindowProcW
UnregisterClassW
RegisterClassExW
CreateWindowExW
DrawIconEx
GetDlgItem
GetClientRect
MapWindowPoints
GetWindowLongW
SetWindowLongW
GetParent
MonitorFromWindow
GetMonitorInfoW
TrackMouseEvent
PostQuitMessage
AnimateWindow
SetLayeredWindowAttributes
IsIconic
IsZoomed
SetFocus
GetCapture
SetCapture
ReleaseCapture
UpdateWindow
GetDC
ReleaseDC
BeginPaint
EndPaint
InvalidateRect
SetWindowTextW
CreateCaret
GetCaretBlinkTime
HideCaret
SetCaretPos
ScreenToClient
GetClassNameW
GetKeyState
CharToOemW
CreateIconIndirect
SetActiveWindow
EnableWindow
UpdateLayeredWindow
MapVirtualKeyA
CharLowerBuffW
SystemParametersInfoA
EnableMenuItem
GetWindowPlacement
LoadIconW
MessageBoxW
GetForegroundWindow
MsgWaitForMultipleObjects
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
SetMenuContextHelpId
GetMenuItemInfoW
SetMenuInfo
GetMenuInfo
TrackPopupMenu
DrawTextW
AppendMenuW
InsertMenuW
GetMenuItemCount
CheckMenuItem
DestroyMenu
CreatePopupMenu
IsWindowEnabled
IsMenu
LoadImageW
CreateIconFromResource
LoadBitmapW
GetIconInfo
CharNextW
GetFocus
OffsetRect
GetSysColor
ClientToScreen

gdi32

SetBkMode
Rectangle
GetStockObject
GetClipBox
CreateSolidBrush
CreateFontIndirectW
SelectObject
DeleteDC
CreateCompatibleDC
GetObjectW
CreateRoundRectRgn
EnumFontsW
DeleteObject
SetGraphicsMode
GetDeviceCaps
BitBlt
ExtCreateRegion
GetRegionData
IntersectClipRect
SelectClipRgn
CreateDIBSection
GetCurrentObject
GetViewportOrgEx
GetDCOrgEx
StretchBlt
CreateCompatibleBitmap
SetViewportOrgEx
EnumFontFamiliesExW
GetCharABCWidthsW
GetFontData
GetGlyphOutlineW
GetOutlineTextMetricsW
GetFontUnicodeRanges
GetGlyphIndicesW
GetTextExtentPointI
AddFontMemResourceEx
RemoveFontMemResourceEx
SetTextColor
SetTextAlign
GetTextMetricsW
SetWorldTransform
ExtTextOutW
GetTextFaceW
GdiFlush
CreateBitmap

comdlg32

GetOpenFileNameW

advapi32

RegSetValueExW
DuplicateTokenEx
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
GetUserNameW
RegCloseKey
RegDeleteKeyW
RegCreateKeyExW
OpenProcessToken
RegDeleteValueW
RegQueryValueExW
RegOpenKeyExW

shell32

SHGetFileInfoW
ShellExecuteW
ShellExecuteExW
SHGetPathFromIDListW
ord727
CommandLineToArgvW
ord43
SHBrowseForFolderW
Shell_NotifyIconW

ole32

CoInitializeEx
CoInitializeSecurity
CoUninitialize
CoInitialize
CreateBindCtx
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
OleLockRunning
CreateStreamOnHGlobal
CoCreateGuid
OleInitialize
OleUninitialize

oleaut32

VariantClear
SysFreeString
SysAllocString
SysAllocStringByteLen
VariantCopy
CreateErrorInfo
GetErrorInfo
VariantChangeType
SetErrorInfo
VariantInit

shlwapi

PathRemoveFileSpecA
StrToIntExW
PathCombineW
PathFileExistsW
PathRemoveFileSpecW
PathAddBackslashW
PathQuoteSpacesW
PathIsDirectoryW
PathStripPathW
StrStrW
StrToIntW
PathRenameExtensionW
SHDeleteKeyW
ord158

gdiplus

GdiplusShutdown
GdipBitmapLockBits
GdipGraphicsClear
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipSaveImageToFile
GdipBitmapUnlockBits
GdipDrawImageRectI
GdipFree
GdipGetImageEncodersSize
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageI
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipDisposeImage
GdipAlloc
GdiplusStartup
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipGetImageEncoders

everything32

Everything_GetResultSize
Everything_GetResultDateModified
Everything_SetSearchW
Everything_IsFolderResult
Everything_QueryW
Everything_SaveDB
Everything_GetNumResults
Everything_GetResultFileNameW
Everything_GetResultPathW
Everything_SetRequestFlags

imm32

ImmReleaseContext
ImmAssociateContext
ImmGetContext

psapi

EnumProcessModules
GetModuleBaseNameW
GetModuleFileNameExW
EnumProcesses

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

winhttp

WinHttpCloseHandle
WinHttpOpenRequest
WinHttpReadData
WinHttpConnect
WinHttpCrackUrl
WinHttpQueryDataAvailable
WinHttpSendRequest
WinHttpSetTimeouts
WinHttpReceiveResponse
WinHttpOpen

netapi32

Netbios

wininet

InternetOpenW
InternetReadFile
InternetCloseHandle
InternetOpenUrlW

dbghelp

MiniDumpWriteDump

iphlpapi

IcmpSendEcho
IcmpCreateFile
GetAdaptersAddresses
GetAdaptersInfo
IcmpCloseHandle

ws2_32

inet_addr
WSACleanup
WSAStartup
gethostbyname
inet_ntoa

snmpapi

SnmpUtilOidNCmp
SnmpUtilOidCpy
SnmpUtilVarBindFree

usp10

ScriptShape
ScriptItemize
ScriptFreeCache

opengl32

wglGetProcAddress
wglGetCurrentContext

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 685KB - Virtual size: 684KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 336KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 171KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f21e909b03e6a3b96a87a4e824f5875

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

gdiplus

everything32

imm32

psapi

version

winhttp

netapi32

wininet

dbghelp

iphlpapi

ws2_32

snmpapi

usp10

opengl32

Sections

.text Size: 2.8MB - Virtual size: 2.8MB

.rdata Size: 685KB - Virtual size: 684KB

.data Size: 76KB - Virtual size: 168KB

.gfids Size: 6KB - Virtual size: 5KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 336KB - Virtual size: 336KB

.reloc Size: 171KB - Virtual size: 170KB

.text
Size: 2.8MB - Virtual size: 2.8MB

.rdata
Size: 685KB - Virtual size: 684KB

.data
Size: 76KB - Virtual size: 168KB

.gfids
Size: 6KB - Virtual size: 5KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 336KB - Virtual size: 336KB

.reloc
Size: 171KB - Virtual size: 170KB