c6731711c879707e14d92b8adca5045a133e662a3841da1683a61dc65a9dc4e5

Sharing

Copy URL Twitter E-mail

General

Target

c6731711c879707e14d92b8adca5045a133e662a3841da1683a61dc65a9dc4e5
Size

501KB
MD5

9ab3712f76e483b3a7ff6496efa673fc
SHA1

516261fdd2fb79064fdc9cb422000846a6d56ac3
SHA256

c6731711c879707e14d92b8adca5045a133e662a3841da1683a61dc65a9dc4e5
SHA512

dc4ebbc007c5f8abaf69d8728474e2d90f5e992f4ef4dc72f3fd0d83f595dea1fde81a37cd66503df60e8c02aa64b35d98ead235ebe6341594e70464b7759895
SSDEEP

6144:KEaKYcNQulJVMHylZ3DBtA1GYuYokYfYf5qRVxS:UKRNQSmHyDBtAQYuYxYfYf6

Score

N/A

Malware Config

Signatures

Files

c6731711c879707e14d92b8adca5045a133e662a3841da1683a61dc65a9dc4e5
.exe windows x86

ac893d72ba844a112f24a3c3cda55b56

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey

comctl32

InitCommonControls
ImageList_Destroy

gdi32

SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
DeleteObject
ScaleViewportExtEx
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
PatBlt
LPtoDP
DPtoLP
GetTextColor
GetBkColor
GetMapMode
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateDIBitmap
GetDeviceCaps

kernel32

GetCurrentProcess
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetFileAttributesA
GetFileTime
GetCPInfo
GetOEMCP
FormatMessageA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetErrorMode
RtlUnwind
GetStartupInfoA
GetCommandLineA
TerminateProcess
RaiseException
HeapReAlloc
HeapSize
GetACP
GetTimeZoneInformation
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
DuplicateHandle
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProfileStringA
ExitProcess
GetLastError
CreateMutexA
LockResource
LoadResource
FindResourceA
GetProcAddress
GetModuleHandleA
GetTickCount
lstrcpyA
lstrcpynA
FreeLibrary
LoadLibraryA
lstrcatA
GlobalFree
GlobalAlloc
GetModuleFileNameA
GetThreadLocale
SizeofResource
GetProcessVersion
WritePrivateProfileStringA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
lstrlenW
MulDiv
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalLock
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
ReleaseMutex
CloseHandle
OpenProcess
lstrcmpiA
SetLastError
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GlobalDeleteAtom
lstrcmpA
lstrlenA
SetFilePointer
RtlZeroMemory
Sleep
ReadFile
HeapFree
HeapAlloc
GlobalUnlock
GetWindowsDirectoryA
GetVersion
GetThreadContext
GetSystemTime
GetSystemDirectoryA
GetProcessHeap
GetCurrentThreadId
GetCurrentThread
CreateThread
CreateToolhelp32Snapshot
Module32First
Module32Next
GetFileSize
CreateFileA
WriteFile
DeleteFileA
WriteProcessMemory
ReadProcessMemory
GetExitCodeProcess
GetVersionExA

oleaut32

VariantChangeType
SysAllocStringByteLen
SysAllocString
VariantCopy
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SysStringLen
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString

olepro32

OleCreateFontIndirect

user32

LoadCursorA
GetDesktopWindow
PtInRect
GetSysColorBrush
LoadStringA
CharNextA
CopyAcceleratorTableA
SetRect
GetNextDlgGroupItem
MessageBeep
CharUpperA
DestroyMenu
InflateRect
RegisterClipboardFormatA
BeginPaint
GetWindowDC
ClientToScreen
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
UpdateWindow
MapWindowPoints
GetSysColor
AdjustWindowRectEx
ScreenToClient
CopyRect
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
SetWindowContextHelpId
EndDialog
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
MessageBoxA
SetCursor
PostQuitMessage
SetTimer
SetWindowLongA
EnableWindow
SetDlgItemTextA
GetDlgItemTextA
SendDlgItemMessageA
InvalidateRect
GrayStringA
DrawTextA
TabbedTextOutA
WinHelpA
EndPaint
PostThreadMessageA
GetWindowLongA
SetForegroundWindow
SetFocus
mouse_event
GetClassNameA
GetWindowThreadProcessId
WaitForInputIdle
SetWindowPos
SetActiveWindow
IsWindow
GetDC
EnumDisplaySettingsA
ChangeDisplaySettingsA
ReleaseDC
FindWindowExA
PostMessageA
wsprintfA
PeekMessageA
GetWindowRect
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
FindWindowA
SendMessageA
LoadIconA
IsWindowUnicode
DefDlgProcA
DrawFocusRect
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
MapDialogRect

wgshell

DeRegisterShell
RegisterShell

wininet

InternetConnectA
HttpOpenRequestA
HttpQueryInfoA
HttpSendRequestA
InternetCloseHandle
InternetOpenA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

ws2_32

send
recv
closesocket
WSAAsyncSelect
inet_addr
connect
WSASocketA
sendto
inet_ntoa
htons
htonl
socket
setsockopt
WSAStartup
WSACleanup

comdlg32

GetFileTitleA

ole32

CoRegisterMessageFilter
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject

oledlg

OleUIBusyA

Sections

�%��
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ac893d72ba844a112f24a3c3cda55b56

Headers

File Characteristics

Imports

advapi32

comctl32

gdi32

kernel32

oleaut32

olepro32

user32

wgshell

wininet

winspool.drv

ws2_32

comdlg32

ole32

oledlg

Sections

�%�� Size: 284KB - Virtual size: 284KB

.rsrc Size: 200KB - Virtual size: 200KB

.aspack Size: 15KB - Virtual size: 16KB

.adata Size: - Virtual size: 40KB

�%��
Size: 284KB - Virtual size: 284KB

.rsrc
Size: 200KB - Virtual size: 200KB

.aspack
Size: 15KB - Virtual size: 16KB

.adata
Size: - Virtual size: 40KB