Static task: static1
Behavioral task: behavioral1
Sample: 84dfb5dbe7560cd52f15cfc8894c869c462ce1301eb62b1b7922d6b437dea747.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 84dfb5dbe7560cd52f15cfc8894c869c462ce1301eb62b1b7922d6b437dea747.exe
Resource: win10v2004-20221111-en
General
Target: 84dfb5dbe7560cd52f15cfc8894c869c462ce1301eb62b1b7922d6b437dea747
Size: 1.9MB
MD5: 9d0cdddcf89b146f83fe60e125130bcb
SHA1: 83381c500e00694357bff0aa8c5205655c163e6a
SHA256: 84dfb5dbe7560cd52f15cfc8894c869c462ce1301eb62b1b7922d6b437dea747
SHA512: 44506e3dd3a94057061e842267873a99391ac9a783fe3995ad8df81d0ba3b790f0ea73a0bf76938cea8a3fab5eea10780ea025251d4e1addfe654544ae7dfbcb
SSDEEP: 49152:rX+eRh5o5MKYOI6yP/qk3eTxaQDMFYg9YZ5:NKYVP/qk3UaQDMFYg9YZ5
Malware Config
Signatures
Files
84dfb5dbe7560cd52f15cfc8894c869c462ce1301eb62b1b7922d6b437dea747.exe windows x86
2f62f8036e0efa66382a326192aebc4d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
GetCurrentProcessId
SetConsoleCtrlHandler
GetStringTypeA
GetStringTypeW
Sleep
FreeEnvironmentStringsW
IsBadCodePtr
SetHandleCount
CompareStringA
CompareStringW
SetEnvironmentVariableA
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoW
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
GetProfileStringA
GetEnvironmentStringsW
SetStdHandle
GetEnvironmentStrings
FatalAppExitA
HeapSize
GetACP
GetTimeZoneInformation
ExitThread
CreateThread
TerminateProcess
HeapReAlloc
HeapFree
RaiseException
ExitProcess
GetCommandLineA
GetStartupInfoA
RtlUnwind
GetTickCount
GetTempFileNameA
WinExec
SetErrorMode
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSize
GetOEMCP
GetCPInfo
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GlobalReAlloc
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
GetVolumeInformationA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetProcessVersion
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrlenW
MulDiv
lstrcpynA
FindNextFileA
GetLastError
SetLastError
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetModuleHandleA
FormatMessageA
FindResourceA
InterlockedIncrement
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
CloseHandle
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
SizeofResource
LoadResource
LockResource
GetComputerNameA
GetLocalTime
GlobalFlags
GetSystemTime
GlobalSize
GetVersionExA
GetProcessHeap
HeapAlloc
GetWindowsDirectoryA
GetTempPathA
GetLongPathNameA
LoadLibraryA
GetProcAddress
FreeLibrary
GetSystemDirectoryA
SetFileAttributesA
RemoveDirectoryA
GetDiskFreeSpaceA
GetDriveTypeA
GetModuleFileNameA
GlobalAlloc
GlobalUnlock
GlobalFree
GetCurrentThreadId
CopyFileA
LocalFree
InterlockedDecrement
lstrlenA
FindFirstFileA
FindClose
MultiByteToWideChar
lstrcpyA
WideCharToMultiByte
GlobalLock
GetCurrentDirectoryA
CreateDirectoryA
WaitForSingleObject
GetFileAttributesA
GetShortPathNameA
DeleteFileA
SetCurrentDirectoryA
IsBadReadPtr
user32
GetNextDlgGroupItem
CopyAcceleratorTableA
CharNextA
GetDialogBaseUnits
GetMenuStringA
InsertMenuA
GetWindowThreadProcessId
WaitMessage
ReleaseCapture
SetCapture
GetDesktopWindow
IsRectEmpty
CharUpperA
LoadStringA
GetSysColorBrush
LoadCursorA
WindowFromPoint
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
wvsprintfA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SendDlgItemMessageA
MapWindowPoints
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
AppendMenuA
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
WinHelpA
GetClassInfoA
SendMessageA
EnableWindow
ModifyMenuA
DeleteMenu
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
GetParent
PostThreadMessageA
InvalidateRect
GetCapture
LoadIconA
ChangeClipboardChain
RegisterClassA
GetMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
RemoveMenu
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
ScrollWindow
RegisterClipboardFormatA
SetWindowLongA
RegisterWindowMessageA
SystemParametersInfoA
GetWindowPlacement
MapDialogRect
SetWindowPos
SetWindowContextHelpId
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
GetFocus
SetClipboardViewer
FindWindowA
GetWindow
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
PtInRect
IsWindowVisible
EnableMenuItem
GetMenuItemID
GetMenuItemCount
GetSubMenu
LoadMenuA
GetWindowRect
OffsetRect
IntersectRect
UpdateWindow
GetKeyState
IsClipboardFormatAvailable
CloseClipboard
EmptyClipboard
OpenClipboard
GetCursorPos
MessageBeep
GetKeyboardLayout
ReleaseDC
GetDC
GetCaretPos
ClientToScreen
ScreenToClient
DestroyMenu
wsprintfA
TrackPopupMenu
CreatePopupMenu
SetRect
DestroyIcon
GetSysColor
DestroyWindow
GetDlgItem
OemToCharA
CharToOemA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
CallNextHookEx
ValidateRect
PeekMessageA
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
SetCursor
ShowOwnedPopups
PostQuitMessage
PostMessageA
GetClipboardData
SetClipboardData
InflateRect
FillRect
IsZoomed
GetClassNameA
gdi32
CopyMetaFileA
GetBkColor
GetTextColor
GetTextMetricsA
BitBlt
LPtoDP
SetRectRgn
GetMapMode
Escape
TextOutA
RectVisible
PtVisible
CreateDIBPatternBrushPt
CreatePatternBrush
CreateHatchBrush
ExtCreatePen
GetWindowExtEx
GetViewportExtEx
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
ExtSelectClipRgn
SelectClipPath
GetClipRgn
PolyBezierTo
SetColorAdjustment
CreatePalette
PolyDraw
SetArcDirection
ArcTo
GetCurrentPositionEx
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
MoveToEx
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateRectRgnIndirect
SetTextColor
GetClipBox
GetDCOrgEx
CreateBitmap
SetEnhMetaFileBits
GetEnhMetaFileHeader
SetWinMetaFileBits
DeleteEnhMetaFile
SelectObject
SetBkColor
GetEnhMetaFilePaletteEntries
CreateFontIndirectA
GetStockObject
GetObjectA
GetTextExtentPoint32A
PatBlt
GetDeviceCaps
Rectangle
CreatePen
ExtTextOutA
AbortDoc
EndDoc
EndPage
StartPage
DPtoLP
StartDocA
SetAbortProc
CreateDCA
EnumFontFamiliesA
CreateSolidBrush
StretchBlt
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
DeleteObject
CombineRgn
CreateRectRgn
GetDIBits
PlayEnhMetaFile
GetTextExtentPointA
CreateDIBitmap
RealizePalette
SelectPalette
PolylineTo
comdlg32
GetSaveFileNameA
CommDlgExtendedError
GetFileTitleA
ChooseFontA
GetOpenFileNameA
PrintDlgA
PageSetupDlgA
ChooseColorA
winspool.drv
DocumentPropertiesA
ClosePrinter
EnumPrintersA
OpenPrinterA
DeleteFormA
DeviceCapabilitiesA
AddFormA
advapi32
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegEnumKeyExA
RegEnumValueA
RegDeleteKeyA
RegDeleteValueA
GetUserNameA
RegOpenKeyA
RegSetValueA
RegCreateKeyA
RegEnumKeyA
RegQueryValueA
GetFileSecurityA
SetFileSecurityA
RegOpenKeyExA
shell32
DragQueryFileA
DragFinish
DragAcceptFiles
SHGetFileInfoA
SHGetPathFromIDListA
SHGetMalloc
SHGetDesktopFolder
ShellExecuteExA
ExtractIconA
comctl32
ord17
ord13
ord14
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_Merge
ImageList_Read
ImageList_Write
ImageList_ReplaceIcon
oledlg
ord8
ole32
WriteFmtUserTypeStg
SetConvertStg
CreateBindCtx
OleDuplicateData
CoDisconnectObject
CoTaskMemAlloc
CoTaskMemFree
WriteClassStg
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoUninitialize
CoInitialize
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CreateStreamOnHGlobal
CoCreateInstance
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
StringFromCLSID
CoTreatAsClass
ReleaseStgMedium
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRegisterClassObject
CoRevokeClassObject
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
OleRun
olepro32
ord251
ord253
oleaut32
VariantTimeToSystemTime
SysStringLen
SafeArrayDestroyDescriptor
LoadTypeLi
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCopy
VarBstrFromDate
VarDateFromStr
VarBstrFromCy
VarCyFromStr
SafeArrayRedim
SafeArrayGetDim
CreateErrorInfo
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SysAllocString
SysAllocStringLen
SafeArrayCreate
SafeArrayPutElement
SafeArrayAccessData
SafeArrayUnaccessData
SysStringByteLen
SysAllocStringByteLen
VariantChangeType
VariantCopy
VariantInit
SysFreeString
SysReAllocStringLen
GetErrorInfo
SetErrorInfo
VariantClear
urlmon
URLDownloadToFileA
odbc32
ord2
ord72
ord4
ord48
ord49
ord20
ord17
ord59
ord8
ord44
ord19
ord46
ord12
ord68
ord43
ord41
ord1
ord23
ord50
ord51
ord15
ord9
ord14
ord3
ord11
ord18
ord13
ord61
ord16
ord5
ord10
ord45
wininet
InternetGetConnectedState
imm32
ImmIsIME
ImmSimulateHotKey
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 276KB - Virtual size: 274KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 76KB - Virtual size: 117KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 308KB - Virtual size: 304KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ