Static task
static1
Behavioral task
behavioral1
Sample
b06c9f90c5a88fea752ce5ce69dce4b4cdd7e3c29eec82103af7b9d55ff961ed.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
b06c9f90c5a88fea752ce5ce69dce4b4cdd7e3c29eec82103af7b9d55ff961ed.exe
Resource
win10v2004-20220901-en
General
-
Target
b06c9f90c5a88fea752ce5ce69dce4b4cdd7e3c29eec82103af7b9d55ff961ed
-
Size
105KB
-
MD5
da9f3f2c1103ff54f7f44e1cb0cfc75b
-
SHA1
ceccfcf7573669f2a310e9e3e2a4369bd6a01f8c
-
SHA256
b06c9f90c5a88fea752ce5ce69dce4b4cdd7e3c29eec82103af7b9d55ff961ed
-
SHA512
6cb5cc66d6370ba221693faef3fc25579ff408b441c3e8680f26b7164b8542a3e5e69fa88ccb5ca7584d6e0f0d697e1ef260e917745547be7c687bcc4dbd89a9
-
SSDEEP
3072:lo+UP7ZClfk2TdW8qWPCthKpVo9qxuAI9YxUk9MZBr:++iZClfkI0+PXpVo9nAIl
Malware Config
Signatures
Files
-
b06c9f90c5a88fea752ce5ce69dce4b4cdd7e3c29eec82103af7b9d55ff961ed.exe windows x86
722fc99d6883fd272f71fcc07f1918fa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileExA
CopyFileExW
CopyFileW
CreateConsoleScreenBuffer
CreateDirectoryW
CreateFileA
CreateHardLinkA
CreateHardLinkW
CreateIoCompletionPort
CreateJobObjectW
CreateMailslotA
CreateNamedPipeA
CreateProcessA
CreateRemoteThread
CreateSemaphoreW
CreateTapePartition
CreateThread
CreateTimerQueue
DebugActiveProcess
DebugBreak
DefineDosDeviceA
DefineDosDeviceW
DeleteTimerQueueEx
DeleteTimerQueueTimer
DeleteVolumeMountPointW
DisconnectNamedPipe
DnsHostnameToComputerNameA
DosDateTimeToFileTime
EndUpdateResourceA
EnterCriticalSection
EnumCalendarInfoA
EnumCalendarInfoExA
EnumCalendarInfoExW
EnumCalendarInfoW
EnumResourceNamesA
EnumResourceTypesA
EnumSystemLanguageGroupsW
EnumSystemLocalesW
EnumTimeFormatsW
EnumUILanguagesW
ExitThread
FatalAppExitW
FatalExit
FileTimeToLocalFileTime
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
FindAtomA
FindAtomW
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationA
FindFirstFileExW
FindFirstVolumeA
FindFirstVolumeMountPointA
FindNextVolumeA
FindNextVolumeMountPointA
FindResourceExA
FlushFileBuffers
FlushInstructionCache
FoldStringA
FormatMessageA
FormatMessageW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
FreeResource
FreeUserPhysicalPages
GenerateConsoleCtrlEvent
GetACP
GetBinaryTypeW
GetCPInfoExA
GetCPInfoExW
GetCalendarInfoA
GetCalendarInfoW
GetCommMask
GetCommModemStatus
GetComputerNameA
GetComputerNameExA
GetComputerNameW
GetConsoleAliasExesLengthW
GetConsoleAliasExesW
GetConsoleAliasW
GetConsoleAliasesA
GetConsoleAliasesLengthW
GetConsoleAliasesW
GetConsoleCursorInfo
GetConsoleMode
GetConsoleOutputCP
GetConsoleTitleA
GetCurrencyFormatA
GetCurrencyFormatW
GetCurrentConsoleFont
GetDateFormatA
GetDefaultCommConfigW
GetDevicePowerState
GetDiskFreeSpaceExA
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDriveTypeW
GetEnvironmentStrings
GetEnvironmentVariableA
GetExitCodeThread
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFullPathNameW
GetLocaleInfoW
GetLogicalDriveStringsA
GetLongPathNameW
GetModuleHandleA
GetNamedPipeInfo
GetNumberFormatW
GetOEMCP
GetPriorityClass
GetPrivateProfileSectionA
GetPrivateProfileSectionW
GetPrivateProfileStringA
GetPrivateProfileStructA
GetProcessHeap
GetProcessShutdownParameters
GetProcessTimes
GetProfileIntA
GetProfileStringW
GetShortPathNameA
GetShortPathNameW
GetStringTypeA
GetSystemDefaultLCID
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetSystemWindowsDirectoryA
GetTempFileNameW
GetTempPathA
GetTempPathW
GetThreadContext
GetThreadLocale
GetThreadPriority
GetThreadSelectorEntry
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultLangID
GetVersion
GetVersionExA
CompareStringA
GetVolumePathNameW
GlobalAddAtomW
GlobalCompact
GlobalDeleteAtom
GlobalFindAtomA
GlobalFix
GlobalFlags
GlobalFree
GlobalGetAtomNameA
GlobalLock
GlobalMemoryStatusEx
GlobalSize
GlobalUnfix
GlobalUnlock
Heap32First
HeapFree
HeapSize
HeapUnlock
InitAtomTable
InitializeCriticalSection
InterlockedDecrement
IsBadHugeWritePtr
IsBadReadPtr
IsBadStringPtrA
IsBadStringPtrW
IsBadWritePtr
IsDebuggerPresent
IsSystemResumeAutomatic
IsValidLanguageGroup
LCMapStringW
LeaveCriticalSection
LocalAlloc
LocalFree
LocalHandle
LocalShrink
LocalSize
LocalUnlock
LockFile
LockResource
MapUserPhysicalPages
MapViewOfFile
MapViewOfFileEx
Module32FirstW
MoveFileWithProgressW
OpenEventW
OpenFileMappingW
OpenProcess
OpenWaitableTimerW
OutputDebugStringA
PeekNamedPipe
Process32Next
ProcessIdToSessionId
QueryDosDeviceA
QueryDosDeviceW
QueryInformationJobObject
QueryPerformanceCounter
QueryPerformanceFrequency
ReadConsoleInputW
ReadConsoleOutputW
ReadDirectoryChangesW
ReadProcessMemory
ReleaseMutex
ReleaseSemaphore
ReplaceFile
ResumeThread
RtlFillMemory
RtlUnwind
RtlZeroMemory
ScrollConsoleScreenBufferA
ScrollConsoleScreenBufferW
SetCalendarInfoA
SetCommBreak
SetCommMask
SetCommState
SetComputerNameExA
SetComputerNameExW
SetConsoleActiveScreenBuffer
SetConsoleCP
SetConsoleCursor
SetConsoleCursorPosition
SetConsoleTextAttribute
SetConsoleTitleA
SetCriticalSectionSpinCount
SetFileApisToANSI
SetHandleInformation
SetInformationJobObject
SetLastError
SetLocaleInfoA
SetMailslotInfo
SetMessageWaitingIndicator
SetPriorityClass
SetProcessPriorityBoost
SetProcessShutdownParameters
SetSystemTimeAdjustment
SetThreadAffinityMask
SetThreadIdealProcessor
SetThreadPriorityBoost
SetUnhandledExceptionFilter
SetVolumeMountPointA
SetVolumeMountPointW
SetWaitableTimer
SetupComm
SignalObjectAndWait
Sleep
SwitchToFiber
Thread32Next
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnlockFile
UnlockFileEx
UnregisterWait
UnregisterWaitEx
UpdateResourceW
VerLanguageNameA
VerLanguageNameW
VerifyVersionInfoA
VirtualFree
VirtualQuery
VirtualUnlock
WaitForMultipleObjects
WaitForSingleObject
WaitNamedPipeA
WriteConsoleInputA
WriteConsoleOutputA
WriteConsoleOutputAttribute
WriteConsoleOutputCharacterW
WriteFile
WritePrivateProfileSectionA
WriteProcessMemory
WriteProfileSectionA
WriteTapemark
_hread
_llseek
_lwrite
lstrcatA
lstrcmpA
lstrcmpW
lstrcmpiW
lstrcpy
lstrcpyW
lstrcpynA
lstrlen
lstrlenA
lstrlenW
CommConfigDialogW
ClearCommError
CancelWaitableTimer
CancelTimerQueueTimer
CallNamedPipeW
BuildCommDCBW
BuildCommDCBAndTimeoutsW
BuildCommDCBA
BindIoCompletionCallback
BeginUpdateResourceA
AssignProcessToJobObject
AreFileApisANSI
AllocateUserPhysicalPages
AddConsoleAliasW
AddAtomA
LoadLibraryA
GetProcAddress
GetWindowsDirectoryW
lstrcatW
CreateFileW
GetVersionExW
VirtualAlloc
user32
AttachThreadInput
BeginDeferWindowPos
BeginPaint
BroadcastSystemMessageW
CallMsgFilter
CallMsgFilterW
ChangeDisplaySettingsExW
CharToOemA
CloseClipboard
CloseWindowStation
CopyImage
CreateDialogIndirectParamW
CreateIcon
CreateIconFromResourceEx
DdeConnect
DdeCreateDataHandle
DdeDisconnect
DdeFreeStringHandle
DdeGetData
DdeGetLastError
DdeInitializeW
DefDlgProcW
keybd_event
WindowFromDC
VkKeyScanExA
TrackMouseEvent
ToUnicode
ToAsciiEx
TileWindows
SwitchDesktop
SetWindowsHookExA
SetWindowsHookA
SetWindowTextA
SetWindowLongW
SetWinEventHook
SetTimer
SetProcessWindowStation
SetProcessDefaultLayout
SetMenuDefaultItem
SetLastErrorEx
SetKeyboardState
SetDlgItemTextW
SetClipboardData
SetClassWord
SetClassLongA
SetCapture
SendMessageTimeoutW
SendInput
RemovePropW
PostThreadMessageW
PostQuitMessage
PostMessageW
OpenWindowStationA
MsgWaitForMultipleObjectsEx
MonitorFromRect
ModifyMenuW
MessageBoxExW
MessageBoxExA
MapVirtualKeyW
LoadMenuIndirectA
IsWindowVisible
IsDialogMessageA
IsDialogMessage
InvalidateRect
IntersectRect
IMPSetIMEW
HiliteMenuItem
GetWindowTextA
GetPriorityClipboardFormat
GetNextDlgGroupItem
GetMenuStringA
GetLastInputInfo
GetIconInfo
GetGUIThreadInfo
GetDlgItem
GetDialogBaseUnits
GetClassInfoA
GetCaretPos
GetAltTabInfoA
FreeDDElParam
FlashWindow
FindWindowW
FindWindowExA
EnumThreadWindows
EnumDisplaySettingsExA
EndPaint
EnableScrollBar
DrawIconEx
DrawFrameControl
DragDetect
DlgDirSelectComboBoxExW
DlgDirListComboBoxA
DestroyAcceleratorTable
DefFrameProcA
comdlg32
ChooseColorA
ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextA
FindTextW
GetFileTitleA
GetFileTitleW
GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA
GetSaveFileNameW
PageSetupDlgA
PageSetupDlgW
PrintDlgA
PrintDlgExA
PrintDlgExW
PrintDlgW
ReplaceTextA
ReplaceTextW
ChooseColorW
ole32
UtGetDvtd32Info
UtConvertDvtd32toDvtd16
StringFromCLSID
StgOpenStorage
StgCreatePropStg
SetConvertStg
STGMEDIUM_UserSize
STGMEDIUM_UserFree
ReleaseStgMedium
ReadFmtUserTypeStg
ReadClassStg
OleSave
OleRegGetUserType
OleNoteObjectVisible
OleLoadFromStream
OleIsCurrentClipboard
OleFlushClipboard
OleDoAutoConvert
OleCreateMenuDescriptor
OleCreateFromDataEx
OleCreate
MonikerRelativePathTo
IsAccelerator
IIDFromString
HWND_UserUnmarshal
HMETAFILE_UserUnmarshal
HMETAFILE_UserMarshal
HMETAFILE_UserFree
HMENU_UserMarshal
HGLOBAL_UserUnmarshal
HGLOBAL_UserFree
HENHMETAFILE_UserMarshal
HENHMETAFILE_UserFree
HDC_UserSize
HBRUSH_UserMarshal
HBRUSH_UserFree
WdtpInterfacePointer_UserUnmarshal
HACCEL_UserMarshal
GetHGlobalFromILockBytes
GetConvertStg
GetClassFile
FreePropVariantArray
DcomChannelSetHResult
CreateGenericComposite
CreateAntiMoniker
CoWaitForMultipleHandles
CoUnloadingWOW
CoTaskMemFree
CoSuspendClassObjects
CoSetProxyBlanket
CoSetCancelObject
CoRevokeMallocSpy
CoRevokeClassObject
CoRevertToSelf
CoRegisterClassObject
CoRegisterChannelHook
CoReactivateObject
CoQueryReleaseObject
CoQueryAuthenticationServices
CoLockObjectExternal
CoIsOle1Class
CoIsHandlerConnected
CoInitializeEx
CoGetTreatAsClass
CoGetStandardMarshal
CoGetInterfaceAndReleaseStream
CoEnableCallCancellation
CoDisconnectObject
CoDeactivateObject
CoCreateInstance
CoCreateGuid
CLSIDFromProgID
CLIPFORMAT_UserSize
HACCEL_UserSize
oleaut32
VarNeg
VarI1FromI2
VarI1FromDisp
VarI1FromCy
VarI1FromBool
VarFormatPercent
VarFormatNumber
VarFormatFromTokens
VarFormatCurrency
VarFormat
VarDecMul
VarDecInt
VarDecFromUI4
VarDecFromUI1
VarDecFromI4
VarDecFromI2
VarDecFromDate
VarDecFromCy
VarDecDiv
VarDecCmp
VarDecAdd
VarDateFromUdateEx
VarDateFromUdate
VarDateFromUI4
VarDateFromUI2
VarDateFromUI1
VarDateFromStr
VarDateFromR4
VarDateFromI4
VarDateFromI2
VarDateFromI1
VarDateFromDec
VarDateFromCy
VarCySub
VarCyNeg
VarCyMul
VarCyInt
VarCyFromUI4
VarCyFromStr
VarCyFromR8
VarCyFromR4
VarCyFromI4
VarCyFromI2
VarCyFromDisp
VarCyFromDec
VarCyFromBool
VarCyCmpR8
VarCmp
VarCat
VarBstrFromUI4
VarBstrFromUI2
VarBstrFromR4
VarBstrFromI4
VarBstrFromI1
VarBstrFromDisp
VarBstrFromDec
VarBstrFromDate
VarBstrFromCy
VarBstrFromBool
VarBstrCmp
VarBstrCat
VarBoolFromStr
VarBoolFromR8
VarBoolFromI2
VarBoolFromI1
VarBoolFromCy
VarAnd
VarAdd
VARIANT_UserSize
VARIANT_UserFree
SystemTimeToVariantTime
SysStringLen
SysReAllocStringLen
SysAllocStringLen
SysAllocString
SetErrorInfo
SafeArrayUnlock
SafeArraySetIID
SafeArrayRedim
SafeArrayPutElement
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetElement
SafeArrayGetDim
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayCreateVector
SafeArrayCreateEx
SafeArrayCreate
SafeArrayCopy
SafeArrayAllocDescriptorEx
SafeArrayAllocData
RevokeActiveObject
RegisterTypeLib
VariantTimeToSystemTime
VariantCopy
VariantClear
VariantChangeType
VarWeekdayName
VarUdateFromDate
VarUI4FromUI2
VarUI4FromUI1
VarUI4FromR4
VarUI4FromI4
VarUI4FromI2
VarUI4FromI1
VarUI4FromDec
VarUI4FromDate
VarUI4FromCy
VarUI4FromBool
VarUI2FromUI1
VarUI2FromStr
VarUI2FromR8
VarUI2FromR4
VarUI2FromI4
VarUI2FromI2
VarUI2FromDec
VarUI1FromStr
VarUI1FromI2
VarUI1FromI1
VarUI1FromDisp
VarUI1FromCy
VarUI1FromBool
VarTokenizeFormatString
VarRound
VarR8FromUI4
VarR8FromUI1
VarR8FromR4
VarR8FromI2
VarR8FromI1
VarR8FromDisp
VarR8FromDec
VarR8FromCy
VarR4FromUI4
VarR4FromR8
VarR4FromI2
VarR4FromI1
VarR4FromCy
VarR4FromBool
VarR4CmpR8
VarPow
VarParseNumFromStr
VarOr
VarI1FromR8
VarMul
VarMonthName
VarMod
VarInt
VarImp
VarI4FromUI2
VarI4FromUI1
VarI4FromR4
VarI4FromDisp
VarI4FromDec
VarI4FromDate
VarI4FromBool
VarI2FromUI2
VarI2FromR8
VarI2FromR4
VarI2FromI4
VarI2FromI1
VarI2FromDisp
VarI2FromDec
VarI2FromDate
VarI2FromCy
VarI2FromBool
VarI1FromUI4
VarI1FromUI2
BSTR_UserFree
BSTR_UserMarshal
BSTR_UserSize
BstrFromVector
CreateErrorInfo
DispGetParam
DosDateTimeToVariantTime
GetActiveObject
GetAltMonthNames
GetErrorInfo
GetRecordInfoFromTypeInfo
LHashValOfNameSysA
LPSAFEARRAY_UserMarshal
LPSAFEARRAY_UserSize
LoadTypeLib
LoadTypeLibEx
OACreateTypeLib2
OleCreatePropertyFrameIndirect
OleIconToCursor
OleLoadPictureEx
OleLoadPictureFile
OleLoadPictureFileEx
OleLoadPicturePath
OleSavePictureFile
QueryPathOfRegTypeLib
RegisterActiveObject
msvcrt
memcpy
Sections
.text Size: 79KB - Virtual size: 79KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 728B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.mm1 Size: 1024B - Virtual size: 1000B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 279KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ