Static task: static1
Behavioral task: behavioral1
Sample: 20c2b265c124245e1ffb233477c553904d056c8bfc868938c81174e83be41475.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: 20c2b265c124245e1ffb233477c553904d056c8bfc868938c81174e83be41475.exe
Resource: win10v2004-20220812-en
General
Target: 20c2b265c124245e1ffb233477c553904d056c8bfc868938c81174e83be41475
Size: 984KB
MD5: df7640543a07700b7c2ab4fca51a1dce
SHA1: 29416b54a9647161208206432859d51387fbe5e7
SHA256: 20c2b265c124245e1ffb233477c553904d056c8bfc868938c81174e83be41475
SHA512: 787ddd76a70093d9c1033783c9cfaf189b6f3aff8c80f84bcdfe0aea8692de34aca26d481856341eb967e0e3269d905de846a237d71261930992b333450b0c85
SSDEEP: 24576:elpHK9MvdNJdXGFmrn9t5CE5fku/I9+htAmKT:azXGArnbvl/I9+h4
Malware Config
Signatures
Files
20c2b265c124245e1ffb233477c553904d056c8bfc868938c81174e83be41475.exe windows x86
731329b6d8a02ed90d1522b22fce1fb4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
SetMenu
TranslateAcceleratorA
GetDialogBaseUnits
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
CopyAcceleratorTableA
SetRect
IsRectEmpty
CharNextA
DestroyIcon
GetSysColorBrush
DeleteMenu
WaitMessage
ReleaseCapture
WindowFromPoint
SetCapture
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
ScrollWindowEx
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
RegisterWindowMessageA
WinHelpA
GetCapture
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetMenu
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetClassInfoA
UnregisterClassA
SetWindowPlacement
GetDlgCtrlID
LoadAcceleratorsA
SetWindowLongA
OffsetRect
IntersectRect
GetWindowPlacement
GetWindowRect
PtInRect
GetSysColor
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
InflateRect
CopyRect
UnhookWindowsHookEx
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
IsWindow
GetNextDlgTabItem
EndDialog
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetDlgItem
wsprintfA
SetMenuItemBitmaps
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
ShowOwnedPopups
GetMenuState
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
PostQuitMessage
LoadCursorA
SetCursor
PeekMessageA
DdePostAdvise
DdeConnect
DdeNameService
DdeCreateStringHandleA
DdeClientTransaction
DdeDisconnect
DdeInitializeA
DdeGetLastError
DdeCreateDataHandle
DdeGetData
DdeFreeDataHandle
DdeUninitialize
DdeQueryStringA
DdeFreeStringHandle
EnumWindows
PostMessageA
RegisterClassA
ExitWindowsEx
MessageBeep
GetWindowThreadProcessId
CreateWindowExA
MsgWaitForMultipleObjects
PostThreadMessageA
MessageBoxA
WaitForInputIdle
DestroyWindow
DefWindowProcA
ReuseDDElParam
UnpackDDElParam
LoadMenuA
RegisterClipboardFormatA
GetKeyNameTextA
MapVirtualKeyA
UnionRect
SetTimer
KillTimer
IsClipboardFormatAvailable
GetTabbedTextExtentA
GetDCEx
LockWindowUpdate
CallWindowProcA
SetParent
GetSystemMetrics
EnableWindow
LoadIconA
GetClientRect
IsIconic
GetSystemMenu
SendMessageA
AppendMenuA
DrawIcon
CharUpperW
CharUpperA
CharLowerW
GetClassLongA
CharLowerA
kernel32
SetEvent
CreateEventA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
FreeResource
lstrcmpW
lstrcatA
CompareStringA
CreateProcessA
WaitForSingleObject
CloseHandle
lstrlenA
lstrcmpiW
lstrlenW
lstrcmpiA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
SetLastError
GlobalFree
MulDiv
GlobalAddAtomA
GlobalFindAtomA
GlobalGetAtomNameA
GetCurrentDirectoryA
GlobalFlags
EnumResourceLanguagesA
GlobalSize
ConvertDefaultLocale
lstrcmpA
GlobalDeleteAtom
GlobalAlloc
GlobalLock
GetCurrentThread
lstrcpynA
GlobalUnlock
LocalAlloc
GlobalReAlloc
GlobalHandle
LocalReAlloc
MoveFileA
DeleteFileA
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationA
LocalLock
GetFullPathNameA
LocalUnlock
GetTickCount
SetFileAttributesA
CompareStringW
GetEnvironmentVariableA
RaiseException
ExpandEnvironmentStringsA
IsBadStringPtrA
IsBadReadPtr
OpenProcess
TerminateProcess
GlobalMemoryStatus
SetEnvironmentVariableA
GetDiskFreeSpaceA
GetComputerNameA
IsValidCodePage
GetCPInfo
GetCurrentProcessId
GetProfileStringA
FindNextFileA
GetWindowsDirectoryA
SetCurrentDirectoryA
CopyFileA
GetFileAttributesA
GetFileType
GetModuleFileNameA
FreeLibrary
GetModuleHandleA
GetTimeZoneInformation
OutputDebugStringA
GetStdHandle
SetThreadLocale
IsValidLocale
GetUserDefaultLCID
ExitProcess
GetExitCodeThread
GetProcessAffinityMask
GetProcAddress
TlsAlloc
TlsSetValue
TlsFree
TlsGetValue
SuspendThread
TerminateThread
SetThreadPriority
InterlockedDecrement
InterlockedIncrement
ReleaseSemaphore
CreateSemaphoreA
ReleaseMutex
CreateMutexA
GetSystemInfo
GetCurrentThreadId
LoadLibraryA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FormatMessageA
LocalFree
GetCurrentProcess
DuplicateHandle
CreateThread
ResumeThread
Sleep
GetExitCodeProcess
SetNamedPipeHandleState
PeekNamedPipe
CreatePipe
WriteFile
ReadFile
GetTempFileNameA
GetFileTime
SetFileTime
FindFirstFileA
FindClose
GetShortPathNameA
GetTempPathA
GetFileSize
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateFileA
FindResourceA
LoadResource
LockResource
SizeofResource
GetStringTypeExW
GetStringTypeExA
lstrcpyA
GetEnvironmentVariableW
GetLocaleInfoW
IsBadCodePtr
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
EnumSystemLocalesA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
LCMapStringW
LCMapStringA
SetHandleCount
SetConsoleCtrlHandler
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
FatalAppExitA
HeapSize
GetDriveTypeA
RemoveDirectoryA
CreateDirectoryA
ExitThread
GetSystemTimeAsFileTime
GetDateFormatA
GetTimeFormatA
SetStdHandle
HeapReAlloc
GetCommandLineA
GetStartupInfoA
RtlUnwind
VirtualQuery
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
SetErrorMode
comctl32
ImageList_Create
ImageList_Destroy
ord14
ImageList_Write
ImageList_Read
ImageList_LoadImageA
ord13
ImageList_GetImageInfo
ImageList_Draw
ImageList_Merge
ord17
ole32
CoGetClassObject
CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
OleDuplicateData
ReleaseStgMedium
CoTaskMemAlloc
CreateBindCtx
StgOpenStorageOnILockBytes
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
StringFromGUID2
OleRun
OleUninitialize
CoFreeUnusedLibraries
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
CoRevokeClassObject
CoRegisterClassObject
CoTreatAsClass
CoUninitialize
CoCreateInstance
CoInitialize
OleInitialize
shlwapi
PathIsUNCA
PathStripToRootA
PathFindFileNameA
PathFindExtensionA
PathRemoveExtensionA
oledlg
ord8
advapi32
RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegOpenKeyExA
RegQueryInfoKeyA
RegCreateKeyA
RegEnumValueA
RegEnumKeyA
RegDeleteValueA
GetFileSecurityA
SetFileSecurityA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegSetValueA
RegDeleteKeyA
RegSetValueExA
RegQueryValueExA
GetUserNameA
shell32
SHGetPathFromIDListA
DragQueryFileA
DragFinish
SHGetFileInfoA
ExtractIconA
ShellExecuteExA
SHGetMalloc
SHGetSpecialFolderLocation
gdi32
GetDeviceCaps
CreateDCA
CreateBitmap
GetObjectA
CreateFontIndirectA
CreateCompatibleDC
BitBlt
ExtTextOutA
GetTextExtentPoint32A
GetDCOrgEx
GetClipBox
SetTextColor
SetBkColor
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
LineTo
MoveToEx
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
DeleteObject
SelectClipRgn
GetClipRgn
CreateRectRgn
SelectClipPath
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocA
PtVisible
RectVisible
TextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
DeleteDC
CreateDIBPatternBrushPt
CreatePatternBrush
GetStockObject
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetTextMetricsA
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
CreateCompatibleBitmap
StretchDIBits
GetCharWidthA
CreateFontA
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
CopyMetaFileA
comdlg32
PageSetupDlgA
FindTextA
ReplaceTextA
GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError
PrintDlgA
GetFileTitleA
winspool.drv
GetJobA
OpenPrinterA
DocumentPropertiesA
ClosePrinter
oleaut32
SysFreeString
VarBstrFromCy
VarDecFromStr
VarBstrFromDec
VarDateFromStr
SysReAllocStringLen
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
VarBstrFromDate
LoadTypeLi
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocString
SafeArrayDestroy
SystemTimeToVariantTime
OleCreateFontIndirect
SysStringByteLen
SysAllocStringByteLen
SysStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
VarCyFromStr
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
Sections
.text Size: 740KB - Virtual size: 739KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 180KB - Virtual size: 176KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 40KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ