e78d324b8e6c9cd0d60a4cecf3820fac0091f71d8005351c659809c48275a28e

Sharing

Copy URL Twitter E-mail

General

Target

e78d324b8e6c9cd0d60a4cecf3820fac0091f71d8005351c659809c48275a28e
Size

294KB
MD5

42da52d6236cf4428f0a5fa6f8de2303
SHA1

2d57a4e40a4460d0bbb9e9a66d14d84f40c850d7
SHA256

e78d324b8e6c9cd0d60a4cecf3820fac0091f71d8005351c659809c48275a28e
SHA512

b938f371b131009cf986208da40f0a34faa46e65b7f90acc286f4efea0888267bfa1c9a3525262c4b2285172ddc8a41f99b77ed9b10ff446cddb7209a5f13c91
SSDEEP

6144:2jrKpwYxGDWVHHSaMK5j+9cs9XrrHPbXjlbC:2PzDUHY/BrrHP

Score

N/A

Malware Config

Signatures

Files

e78d324b8e6c9cd0d60a4cecf3820fac0091f71d8005351c659809c48275a28e
.exe windows x86

c2f3849842aa9892cd18a21cb59993e9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteW
ShellExecuteExW
SHGetSpecialFolderPathW
SHGetInstanceExplorer
SHGetFolderPathW
SHGetFileInfoW
SHGetDesktopFolder
SHBindToParent
SHAddToRecentDocs

user32

AnimateWindow
AppendMenuW
BeginDeferWindowPos
BeginPaint
CallNextHookEx
CallWindowProcW
CharNextW
ChildWindowFromPointEx
ClientToScreen
CreatePopupMenu
CreateWindowExW
DefWindowProcW
GetMenuItemCount
DeferWindowPos
DeleteMenu
DestroyMenu
GetMenuItemID
GetMenuItemInfoW
GetMessagePos
GetMessageW
DestroyWindow
DispatchMessageW
EnableMenuItem
EnableWindow
EndDeferWindowPos
EndMenu
GetMonitorInfoW
EndPaint
EnumChildWindows
EnumDisplayDevicesW
EnumDisplayMonitors
EnumDisplaySettingsW
FillRect
FindWindowW
GetActiveWindow
GetAncestor
GetCapture
GetClassInfoExW
GetClassLongW
GetClientRect
GetCursor
GetCursorPos
GetDC
GetDesktopWindow
GetDlgCtrlID
GetFocus
GetForegroundWindow
WindowFromPoint
WindowFromDC
UpdateWindow
UnregisterClassA
UnhookWindowsHookEx
TranslateMessage
TranslateAcceleratorW
TrackPopupMenuEx
TrackMouseEvent
SystemParametersInfoW
ShowWindow
ShowCursor
SetWindowsHookExW
SetWindowTextW
SetWindowPos
SetWindowPlacement
SetWindowLongW
SetTimer
SetRectEmpty
SetRect
SetMenuItemInfoW
SetMenuInfo
SetMenuDefaultItem
SetMenu
SetForegroundWindow
SetFocus
SetCursor
SetCapture
SendMessageW
ScreenToClient
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterClipboardFormatW
RegisterClassExW
PtInRect
PostThreadMessageW
PostQuitMessage
PostMessageW
PeekMessageW
OffsetRect
NotifyWinEvent
MsgWaitForMultipleObjects
MoveWindow
MonitorFromRect
MonitorFromPoint
MessageBoxW
MessageBeep
MapWindowPoints
LoadStringW
LoadStringA
LoadMenuW
LoadImageW
LoadIconW
LoadCursorW
LoadAcceleratorsW
KillTimer
IsZoomed
IsWindowVisible
IsWindowEnabled
IsWindow
IsRectEmpty
IsIconic
IsDialogMessageW
IsChild
InvalidateRect
IntersectRect
InsertMenuW
InsertMenuItemW
InflateRect
GetWindowTextW
GetWindowTextLengthW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindow
GetSystemMetrics
GetSysColorBrush
GetSysColor
GetSubMenu
GetProcessDefaultLayout
AdjustWindowRectEx
GetParent
GetNextDlgTabItem
GetNextDlgGroupItem
GetKeyState

oleacc

LresultFromObject
CreateStdAccessibleProxyW
AccessibleObjectFromWindow

advapi32

UnregisterTraceGuids
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
OpenSCManagerW
OpenServiceW
QueryServiceConfigW
RegCloseKey
RegCreateKeyExW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW
RegisterTraceGuidsW
TraceEvent
CloseServiceHandle

ole32

StringFromGUID2
ReleaseStgMedium
PropVariantClear
OleUninitialize
OleSetClipboard
OleInitialize
OleGetClipboard
OleFlushClipboard
CoUninitialize
CoTaskMemRealloc
CoTaskMemFree
CoRevokeClassObject
CoRegisterClassObject
CoMarshalInterThreadInterfaceInStream
CoLockObjectExternal
CoInitializeEx
CoInitialize
CoGetInterfaceAndReleaseStream
CoCreateInstance
CoAllowSetForegroundWindow
CLSIDFromString
CoTaskMemAlloc

shlwapi

StrStrIW
StrChrW
SHStrDupW
ord16
PathRenameExtensionW
PathRemoveFileSpecW
PathRemoveExtensionW
PathMatchSpecW
PathIsRootW
PathIsRelativeW
PathIsNetworkPathW
PathIsDirectoryW
PathFindFileNameW
PathFindExtensionW
PathFileExistsW
PathAddBackslashW
PathAppendW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

odbc32

ord13

kernel32

InterlockedDecrement
GetCurrentThreadId
CloseHandle
CompareStringW
CopyFileW
CreateDirectoryW
CreateEventW
CreateFileMappingW
CreateFileW
CreateMutexW
CreateSemaphoreW
CreateThread
DeleteCriticalSection
DeleteFileW
DisableThreadLibraryCalls
EnterCriticalSection
EnumUILanguagesW
FindResourceExW
FindResourceW
FlushInstructionCache
FormatMessageW
FreeLibrary
FreeLibraryAndExitThread
lstrlenW
lstrcmpiW
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjects
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
TerminateProcess
SystemTimeToFileTime
Sleep
SizeofResource
SetUnhandledExceptionFilter
SetThreadPriority
SetThreadExecutionState
SetLastError
SetEvent
ReleaseSemaphore
ReleaseMutex
RaiseException
QueryPerformanceCounter
PulseEvent
OutputDebugStringA
MultiByteToWideChar
MulDiv
MoveFileExW
LockResource
LocalFree
LocalAlloc
LoadResource
LoadLibraryW
LoadLibraryExW
LoadLibraryA
LeaveCriticalSection
IsProcessorFeaturePresent
InterlockedIncrement
InterlockedExchange
GetCurrentProcessId
InterlockedCompareExchange
InitializeCriticalSection
HeapFree
HeapAlloc
GlobalUnlock
GlobalMemoryStatusEx
GlobalLock
GlobalFree
GlobalAlloc
GetVersionExW
GetVersionExA
GetVersion
GetUserDefaultUILanguage
GetTickCount
GetTempPathW
GetTempFileNameW
GetSystemTimeAsFileTime
GetSystemTime
GetSystemDirectoryW
GetProcessHeap
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetLocaleInfoW
GetLocalTime
GetLastError
GetFullPathNameW
GetFileAttributesW
GetFileAttributesExW
GetCurrentProcess
GetExitCodeThread

oleaut32

LoadRegTypeLi
LoadTypeLi
SysAllocString
SysAllocStringByteLen
SysAllocStringLen
SysFreeString
SysStringByteLen
SysStringLen
VarUI4FromStr
VariantClear
VariantCopy
VariantInit

gdi32

ModifyWorldTransform
OffsetRgn
PatBlt
RealizePalette
SelectObject
SelectPalette
GetWorldTransform
SetDIBitsToDevice
SetGraphicsMode
SetLayout
SetWorldTransform
GetStockObject
ExtTextOutW
GetRegionData
GetObjectW
GetObjectA
GetLayout
GetDeviceCaps
GetDIBits
GetClipRgn
BitBlt
CombineTransform
CreateCompatibleDC
CreateDIBSection
CreateRectRgn
CreateRectRgnIndirect
CreateSolidBrush
DeleteDC
DeleteObject
ExtCreateRegion
SetBkColor

ntdll

RtlInitUnicodeString

Sections

.text
Size: 92KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c2f3849842aa9892cd18a21cb59993e9

Headers

File Characteristics

Imports

shell32

user32

oleacc

advapi32

ole32

shlwapi

version

odbc32

kernel32

oleaut32

gdi32

ntdll

Sections

.text Size: 92KB - Virtual size: 96KB

.rdata Size: 156KB - Virtual size: 156KB

.data Size: 14KB - Virtual size: 16KB

.idata Size: 9KB - Virtual size: 11KB

.rsrc Size: 21KB - Virtual size: 23KB

.text
Size: 92KB - Virtual size: 96KB

.rdata
Size: 156KB - Virtual size: 156KB

.data
Size: 14KB - Virtual size: 16KB

.idata
Size: 9KB - Virtual size: 11KB

.rsrc
Size: 21KB - Virtual size: 23KB