fe8b912a2235c6c9f062ab62d734c70fadbfd0b391252ddd85fcc3f51961fa9d

Sharing

Copy URL Twitter E-mail

General

Target

fe8b912a2235c6c9f062ab62d734c70fadbfd0b391252ddd85fcc3f51961fa9d
Size

2.1MB
MD5

204f011cd1c8ef438a6b44adfbeab3a5
SHA1

ce4e97533c08ef607b4459f5f2458d2051ab915b
SHA256

fe8b912a2235c6c9f062ab62d734c70fadbfd0b391252ddd85fcc3f51961fa9d
SHA512

5147eeae9cc32a105817ebf4c3c141b7882fbd6f2e9545581f0032d0cc57acb7bb35b53ab92109dcfd344fd87f90f9aec8d0a2bd0d0c10d6e19750be17207ce6
SSDEEP

49152:GmyD3BXrCYAMZ7Udg/KJyf1sraa17+ph1q:qhCRdgCJyf1Al7+ph

Score

N/A

Malware Config

Signatures

Files

fe8b912a2235c6c9f062ab62d734c70fadbfd0b391252ddd85fcc3f51961fa9d
.exe windows x86

d4e0199cd0362a1a43534dee9d985404

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSACancelBlockingCall
WSAStartup
WSACleanup
gethostbyname
gethostname

shlwapi

SHDeleteKeyW
StrFormatByteSizeW
PathAppendW

iphlpapi

GetTcpStatistics

wininet

InternetOpenUrlW
InternetSetOptionExW
DeleteUrlCacheEntryW
GetUrlCacheEntryInfoW
InternetSetOptionW
InternetCrackUrlW
FindCloseUrlCache
FindNextUrlCacheEntryW
FindFirstUrlCacheEntryW
InternetQueryOptionW
InternetCanonicalizeUrlW
InternetOpenW
InternetCombineUrlW
InternetWriteFile
InternetSetStatusCallback
InternetSetFilePointer
InternetGetLastResponseInfoW
HttpQueryInfoW
InternetQueryDataAvailable
InternetReadFile
InternetCloseHandle

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

comctl32

ImageList_Create
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Add
ImageList_AddMasked
ImageList_GetIcon
ImageList_Draw
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_DragLeave
ImageList_DrawEx
_TrackMouseEvent
ImageList_Duplicate
ord17
ImageList_Remove
ImageList_GetBkColor
ImageList_GetImageInfo
ImageList_Destroy
ImageList_DrawIndirect

netapi32

Netbios

maxzlib

deflateEnd
deflateInit2_
inflateEnd
crc32
deflate
get_crc_table
inflateInit2_
inflate

kernel32

FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileTime
HeapDestroy
GetShortPathNameW
lstrcatW
InterlockedIncrement
GetTickCount
LoadLibraryA
GetModuleHandleA
DuplicateHandle
ReadFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationW
GetFullPathNameW
GetThreadLocale
SetThreadPriority
SetUnhandledExceptionFilter
lstrcmpA
GetProfileIntW
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
GlobalGetAtomNameW
GlobalReAlloc
lstrcmpW
GlobalFlags
lstrcmpiA
TlsAlloc
GlobalHandle
TlsFree
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
SetErrorMode
GetStartupInfoW
GetVersionExA
RtlUnwind
RaiseException
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
HeapReAlloc
SetEnvironmentVariableW
HeapSize
ExitProcess
ExitThread
SetStdHandle
GetFileType
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
CompareStringA
CompareStringW
GetTimeZoneInformation
GetCurrentDirectoryA
LCMapStringA
LCMapStringW
GetSystemInfo
GetACP
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
GetProcessHeap
GetDriveTypeA
GetLocaleInfoW
SetEnvironmentVariableA
GetCommandLineW
WriteFile
CreateMutexW
ReleaseMutex
CreateFileMappingA
GetPrivateProfileSectionW
CreateProcessW
SetCurrentDirectoryW
LocalAlloc
GlobalMemoryStatus
ExpandEnvironmentStringsW
CreateThread
SetProcessWorkingSetSize
GetTimeFormatW
GetDateFormatW
lstrcpynW
GlobalFree
GlobalAddAtomW
Sleep
SetLastError
GlobalFindAtomW
GlobalDeleteAtom
RemoveDirectoryW
GetCurrentProcessId
GetVersion
GetVersionExW
GetPrivateProfileSectionNamesW
MulDiv
lstrcmpiW
OpenProcess
GetCurrentThread
VirtualQuery
GetModuleFileNameW
GlobalSize
GetExitCodeThread
GlobalAlloc
GetPrivateProfileIntW
SetEvent
WaitForMultipleObjects
ReleaseSemaphore
CreateSemaphoreW
CreateEventW
WaitForSingleObject
WritePrivateProfileSectionW
WritePrivateProfileStringW
FindFirstFileW
FindNextFileW
FindClose
GetWindowsDirectoryW
lstrcpyW
LoadLibraryW
LoadLibraryExW
FreeLibrary
WideCharToMultiByte
MoveFileW
SetVolumeLabelW
GetDriveTypeW
SetFileAttributesW
GetCurrentDirectoryW
CreateFileW
GetFileSize
GetDiskFreeSpaceW
GetLastError
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
CloseHandle
GetPrivateProfileStringW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CreateDirectoryW
GetTempPathW
InterlockedDecrement
GlobalLock
GlobalUnlock
FindResourceW
SizeofResource
LoadResource
LockResource
FreeResource
GetTempFileNameW
MultiByteToWideChar
VirtualProtect
QueryPerformanceCounter
QueryPerformanceFrequency
ResumeThread
FormatMessageW
LocalFree
lstrlenA
GetFileAttributesW
DeleteFileW
lstrlenW
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
GetModuleHandleW
GetProcAddress
CopyFileW
InterlockedExchange
GetProfileStringA
GlobalAddAtomA
FindResourceA
SuspendThread

user32

SetMenu
GetLastActivePopup
CharNextW
MoveWindow
keybd_event
MapVirtualKeyW
CreateDialogIndirectParamW
SetActiveWindow
EndDialog
GetWindowPlacement
GetMessageTime
GetWindowTextW
GetWindowTextLengthW
RegisterClassW
WinHelpW
GetScrollPos
GetScrollRange
GetScrollInfo
DeferWindowPos
AdjustWindowRectEx
SendDlgItemMessageA
SendDlgItemMessageW
CheckDlgButton
GetDlgItemInt
SetDlgItemInt
SetDlgItemTextW
IsDlgButtonChecked
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
wvsprintfW
CharUpperW
ValidateRect
GetMessageW
LoadStringW
BringWindowToTop
DefFrameProcW
TranslateMDISysAccel
TranslateAcceleratorW
DrawMenuBar
DefMDIChildProcW
LoadAcceleratorsW
MapDialogRect
InvertRect
PostQuitMessage
ShowOwnedPopups
UnregisterClassW
SetWindowContextHelpId
GetNextDlgGroupItem
PostThreadMessageW
SetPropW
GetPropW
RemovePropW
IsMenu
GetMenu
GetSystemMenu
GetDlgItem
WaitForInputIdle
EnumWindows
GetWindowThreadProcessId
FindWindowExW
InsertMenuW
ShowWindow
IsZoomed
GetMenuState
ModifyMenuW
CallWindowProcW
SetWindowLongW
SetFocus
GetTopWindow
SetWindowPos
GetAsyncKeyState
CopyAcceleratorTableW
GetWindowDC
MessageBeep
DrawEdge
DeleteMenu
SetMenuItemInfoW
GetMenuItemID
FindWindowW
MessageBoxA
GetFocus
GetClassInfoW
DefWindowProcW
GetMenuItemInfoW
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
DestroyWindow
CreateWindowExW
GetNextDlgTabItem
GetActiveWindow
FrameRect
CreateIconIndirect
TrackPopupMenuEx
DestroyCursor
DestroyMenu
GetWindowLongW
DrawFocusRect
SetParent
LoadBitmapW
ChildWindowFromPoint
UpdateWindow
WindowFromPoint
UnregisterHotKey
RegisterHotKey
CheckMenuItem
DrawStateW
IntersectRect
LookupIconIdFromDirectoryEx
CreateIconFromResourceEx
MapWindowPoints
GrayStringW
TabbedTextOutW
FillRect
GetDesktopWindow
CharToOemBuffA
OemToCharBuffA
GetWindow
GetClassNameW
LoadIconW
GetUpdateRect
EndPaint
BeginPaint
DrawIcon
GetMessagePos
GetParent
GetSystemMetrics
RemoveMenu
EnableMenuItem
LoadMenuW
GetSubMenu
SetCursor
ScreenToClient
GetKeyState
RegisterClipboardFormatW
RegisterWindowMessageW
GetMenuItemCount
AppendMenuW
CreatePopupMenu
SetForegroundWindow
DdeGetLastError
MessageBoxW
DdeQueryStringW
DdeCreateDataHandle
DdePostAdvise
DdeGetData
DdeFreeDataHandle
DdeClientTransaction
DdeDisconnect
DdeCreateStringHandleW
DdeNameService
DdeFreeStringHandle
DdeUninitialize
DdeInitializeW
IsWindowVisible
PeekMessageW
TranslateMessage
DispatchMessageW
SetWindowTextW
wsprintfW
SetCapture
GetCapture
SetTimer
RedrawWindow
InvalidateRect
GetClientRect
GetWindowRect
SetWindowRgn
PostMessageW
DrawFrameControl
CopyRect
OffsetRect
PtInRect
IsRectEmpty
CallNextHookEx
InflateRect
EqualRect
SetRectEmpty
UnhookWindowsHookEx
GetDlgCtrlID
UnpackDDElParam
ReuseDDElParam
SetMenuDefaultItem
IsIconic
IsWindowEnabled
LockWindowUpdate
MsgWaitForMultipleObjects
GetForegroundWindow
GetCursor
GetDCEx
GetClassLongW
BeginDeferWindowPos
EndDeferWindowPos
TrackPopupMenu
IsChild
SetWindowsHookExW
ReleaseCapture
LoadCursorW
GetSysColorBrush
RegisterClassExW
ClientToScreen
GetCursorPos
DestroyIcon
GetDC
ReleaseDC
DrawIconEx
GetIconInfo
GetSysColor
SystemParametersInfoW
LoadImageW
IsWindow
KillTimer
EnableWindow
SendMessageW
GetPropA
SetPropA
SetWindowLongA
GetClassNameA
IsWindowUnicode
SendMessageA
GetWindowLongA
SetWindowsHookExA
RemovePropA
CallWindowProcA
CharNextA
DefWindowProcA
DefDlgProcA
GetClassInfoA
DrawTextA
GetWindowTextA
ExcludeUpdateRgn
ShowCaret
HideCaret
GetWindowTextLengthA
UnionRect
MessageBoxExW
GetMenuStringW
SetRect
DrawTextW

gdi32

Escape
SetPixel
GetTextColor
FillRgn
GetDIBits
EnumFontsW
LineTo
MoveToEx
SaveDC
RestoreDC
SetMapMode
SetViewportOrgEx
ExtTextOutW
SetViewportExtEx
ScaleViewportExtEx
CreateFontW
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExcludeClipRect
IntersectClipRect
SetTextAlign
GetViewportExtEx
GetWindowExtEx
SetRectRgn
DPtoLP
StretchDIBits
GetCharWidthW
CopyMetaFileW
LPtoDP
TextOutW
RectVisible
PtVisible
CreateRectRgnIndirect
CreatePen
GetCurrentObject
GetClipBox
SelectObject
BitBlt
GetMapMode
StretchBlt
FrameRgn
CreateCompatibleDC
OffsetRgn
EqualRgn
CombineRgn
CreateRoundRectRgn
CreatePolygonRgn
CreateRectRgn
CreateCompatibleBitmap
CreateFontIndirectW
CreateSolidBrush
ExtTextOutA
GetTextExtentPointA
CreateDIBitmap
GetStockObject
GetObjectW
OffsetViewportOrgEx
DeleteObject
SelectClipRgn
SetBkMode
PlgBlt
CreatePatternBrush
SetPixelV
Rectangle
Ellipse
SetBrushOrgEx
GetBrushOrgEx
GetDeviceCaps
GetTextExtentPoint32W
GetPixel
CreateBitmap
SetBkColor
SetTextColor
DeleteDC
GetTextMetricsW
GetBkColor
PatBlt

comdlg32

ChooseColorW
GetOpenFileNameW
GetSaveFileNameW
GetFileTitleW
ChooseFontW

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

SetNamedSecurityInfoA
RegDeleteValueW
RegCreateKeyExW
RegCreateKeyW
RegEnumValueW
RegEnumKeyW
RegEnumKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegOpenKeyW
RegQueryValueExW
RegCloseKey
RegSetValueExW

shell32

DragQueryFileW
SHFileOperationW
ShellExecuteExW
ord4
ord2
SHGetDesktopFolder
ShellExecuteW
DragFinish
SHGetFileInfoW
SHBrowseForFolderW
Shell_NotifyIconW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW

oledlg

OleUIBusyW

ole32

CoLoadLibrary
CoTaskMemFree
StringFromCLSID
CoCreateGuid
CoUninitialize
CoInitialize
IsAccelerator
CoGetClassObject
CoTaskMemAlloc
CreateILockBytesOnHGlobal
CoRegisterClassObject
CoRevokeClassObject
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleFlushClipboard
ReleaseStgMedium
OleGetClipboard
CreateBindCtx
CreateStreamOnHGlobal
GetHGlobalFromStream
CLSIDFromProgID
CoCreateInstance
CLSIDFromString
OleIsCurrentClipboard
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
OleDuplicateData
DoDragDrop

olepro32

ord251
ord253

oleaut32

VariantTimeToSystemTime
VariantChangeType
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysStringLen
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
VariantCopy
VariantInit
SysAllocStringLen
SysAllocString
SysFreeString
VariantClear
GetErrorInfo

urlmon

URLDownloadToFileW
URLDownloadToCacheFileW
CoInternetGetSession
IsAsyncMoniker
CreateURLMoniker
CreateAsyncBindCtx
RegisterBindStatusCallback

winmm

PlaySoundW

Exports

Exports

?interfaceMap@CCustomControlSite@@1UAFX_INTERFACEMAP@@B

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 284KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 648KB - Virtual size: 646KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4e0199cd0362a1a43534dee9d985404

Headers

File Characteristics

Imports

ws2_32

shlwapi

iphlpapi

wininet

version

comctl32

netapi32

maxzlib

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

oledlg

ole32

olepro32

oleaut32

urlmon

winmm

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 284KB - Virtual size: 281KB

.data Size: 88KB - Virtual size: 128KB

.rsrc Size: 648KB - Virtual size: 646KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 284KB - Virtual size: 281KB

.data
Size: 88KB - Virtual size: 128KB

.rsrc
Size: 648KB - Virtual size: 646KB