61b02dcd8c88cf4b847bc7e5db737a3148068d9abfd73c6908a7c3973de5db71

Sharing

Copy URL Twitter E-mail

General

Target

61b02dcd8c88cf4b847bc7e5db737a3148068d9abfd73c6908a7c3973de5db71
Size

921KB
MD5

1d3f302f383d579a989dea6a67283650
SHA1

37bca8d62894b68b9aac9ec828a181a57bab9bfe
SHA256

61b02dcd8c88cf4b847bc7e5db737a3148068d9abfd73c6908a7c3973de5db71
SHA512

eb7fe8dd7bf46a5837c88e63f80ff1c81d6e6cf125e884fde30ec3f02d7915a6a96d1da2e5c4c802a66b24fc38e5468de429704693fe36d86658e15105652838
SSDEEP

12288:icUDCa2exLrv2RGjIYa1I9WxEyPfOV0zs4lUaUB7F8ZXh8RwnSsPd8:icUDPUGjta1ISHfOV0zs4lm6XCaSoO

Score

N/A

Malware Config

Signatures

Files

61b02dcd8c88cf4b847bc7e5db737a3148068d9abfd73c6908a7c3973de5db71
.exe windows x86

cc95f0b07c6d7942af760d1014647a21

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

wininet

InternetOpenW
InternetOpenUrlW
InternetReadFile
InternetCloseHandle

kernel32

GetLocaleInfoW
lstrcmpA
ConvertDefaultLocale
GetCurrentThread
FlushFileBuffers
lstrlenA
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
InterlockedIncrement
GlobalFlags
WritePrivateProfileStringW
SetErrorMode
GetStartupInfoW
HeapFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitThread
HeapAlloc
HeapReAlloc
RtlUnwind
RaiseException
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualAlloc
LCMapStringW
LCMapStringA
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
InterlockedExchange
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
InterlockedDecrement
GetModuleHandleA
FormatMessageW
LocalFree
EnumResourceLanguagesW
GetCurrentThreadId
RemoveDirectoryW
EnterCriticalSection
MoveFileW
SetLastError
GetTempPathW
lstrlenW
LeaveCriticalSection
InitializeCriticalSection
GetCurrentProcess
LoadLibraryW
ExpandEnvironmentStringsW
GetProcAddress
GetCurrentProcessId
ReleaseMutex
OpenMutexW
CreateMutexW
GetFileInformationByHandle
GetLocalTime
FileTimeToSystemTime
GetTickCount
LocalFileTimeToFileTime
GetCurrentDirectoryW
SetFileTime
SystemTimeToFileTime
SetFilePointer
GetWindowsDirectoryW
GetLongPathNameW
GetSystemTime
ReadFile
UnmapViewOfFile
MapViewOfFile
EnumResourceNamesW
FindNextFileW
GetSystemTimeAsFileTime
FindFirstFileExW
CompareFileTime
GetDriveTypeW
WriteFile
FreeResource
ResumeThread
CreateEventW
ResetEvent
GlobalFree
GlobalUnlock
MulDiv
GlobalAlloc
SetEvent
GlobalLock
FindClose
GetExitCodeProcess
GetSystemDirectoryW
FindFirstFileW
CreateThread
SetFileAttributesW
DeleteFileW
CloseHandle
OpenFileMappingW
UpdateResourceW
CreateFileMappingW
BeginUpdateResourceW
GetLastError
CreateFileW
GetFileAttributesW
CopyFileW
Sleep
GetModuleHandleW
WaitForSingleObject
CreateDirectoryW
EndUpdateResourceW
LoadLibraryExW
CreateProcessW
FreeLibrary
GetFileSize
LockResource
MultiByteToWideChar
GetModuleFileNameW
GetVersionExW
SizeofResource
WideCharToMultiByte
OutputDebugStringW
LoadResource
FindResourceW
GetCommandLineW
ExitProcess
TerminateProcess

user32

LoadCursorW
GetSysColorBrush
GetMessageW
GetCursorPos
ValidateRect
GetWindowThreadProcessId
SetCursor
PostQuitMessage
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetLastActivePopup
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
GetKeyState
SetMenu
IsWindowVisible
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
SystemParametersInfoA
GetWindowPlacement
UnhookWindowsHookEx
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
EndPaint
BeginPaint
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetWindowTextW
GetWindow
GetWindowLongW
SetFocus
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
PostMessageW
UnregisterClassW
DestroyMenu
SetForegroundWindow
IsWindow
GetDesktopWindow
wsprintfW
FillRect
GetDC
SetRect
InvalidateRect
ReleaseDC
GetSysColor
CopyRect
ExitWindowsEx
WaitMessage
TranslateMessage
PeekMessageW
DispatchMessageW
GetWindowRect
IsIconic
DrawIcon
GetClientRect
LoadIconW
SystemParametersInfoW
SetWindowPos
GetSystemMetrics
SendMessageW
EnableWindow
MessageBoxW
DestroyWindow
AdjustWindowRectEx

gdi32

GetStockObject
SetWindowExtEx
ScaleWindowExtEx
GetObjectW
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
BitBlt
DeleteDC
GetDeviceCaps
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
CreateBitmap

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

AdjustTokenPrivileges
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
LookupPrivilegeValueW
RegDeleteKeyW
RegCreateKeyW
OpenProcessToken
RegCloseKey
RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyW

shell32

ShellExecuteExW
CommandLineToArgvW
ShellExecuteW

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameW
PathFindExtensionW

ole32

CoInitialize
CoCreateInstance
CreateStreamOnHGlobal
CoTaskMemFree
CoCreateGuid
StringFromCLSID

oleaut32

OleLoadPicture
VariantClear
VariantChangeType
VariantInit

msi

ord217
ord173

Sections

.text
Size: 387KB - Virtual size: 386KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 404KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc95f0b07c6d7942af760d1014647a21

Headers

DLL Characteristics

File Characteristics

Imports

version

wininet

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

msi

Sections

.text Size: 387KB - Virtual size: 386KB

.rdata Size: 119KB - Virtual size: 118KB

.data Size: 9KB - Virtual size: 26KB

.rsrc Size: 404KB - Virtual size: 404KB

.text
Size: 387KB - Virtual size: 386KB

.rdata
Size: 119KB - Virtual size: 118KB

.data
Size: 9KB - Virtual size: 26KB

.rsrc
Size: 404KB - Virtual size: 404KB