9e7ac440b3bb3f03346e9af045dca4c427c865abd267de7c35ad7549f95985a7

Sharing

Copy URL Twitter E-mail

General

Target

9e7ac440b3bb3f03346e9af045dca4c427c865abd267de7c35ad7549f95985a7
Size

277KB
MD5

44a07533f8eba17bb94250d363a7bfd7
SHA1

e9d20021bddb88c695c27b94a4c8920e988d169f
SHA256

9e7ac440b3bb3f03346e9af045dca4c427c865abd267de7c35ad7549f95985a7
SHA512

4dd54ac013a686a5b3ed929a88fe3da2d2a9269d8ce4afe37747e46b7dde553ce7287eefb669398827d3acc726f8bffcec352da21655eb38772db7b7f2c737d8
SSDEEP

6144:65slPwKh6flsm5cWBSLdEthed3Gy22jr5tC6ox3AA:6SmK+sKcWBS2ed3Hf9tC6ox

Score

N/A

Malware Config

Signatures

Files

9e7ac440b3bb3f03346e9af045dca4c427c865abd267de7c35ad7549f95985a7
.exe windows x86

1431379ff578b8b86324983fe0048686

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

CreateStdAccessibleProxyW
LresultFromObject
AccessibleObjectFromWindow

gdi32

GetObjectW
GetRegionData
GetStockObject
GetWorldTransform
ModifyWorldTransform
OffsetRgn
PatBlt
RealizePalette
SelectObject
GetObjectA
SetBkColor
SetDIBitsToDevice
SetGraphicsMode
SetLayout
SetWorldTransform
GetLayout
GetDeviceCaps
GetDIBits
GetClipRgn
ExtTextOutW
ExtCreateRegion
BitBlt
CombineTransform
CreateCompatibleDC
CreateDIBSection
CreateRectRgn
CreateRectRgnIndirect
CreateSolidBrush
DeleteObject
DeleteDC
SelectPalette

ole32

CoLockObjectExternal
CoMarshalInterThreadInterfaceInStream
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
CoInitializeEx
OleGetClipboard
OleInitialize
OleSetClipboard
OleUninitialize
PropVariantClear
ReleaseStgMedium
StringFromGUID2
CoInitialize
CoGetInterfaceAndReleaseStream
CoCreateInstance
CoAllowSetForegroundWindow
OleFlushClipboard
CLSIDFromString

shell32

ShellExecuteExW
SHGetSpecialFolderPathW
SHGetInstanceExplorer
SHAddToRecentDocs
SHGetFolderPathW
SHGetFileInfoW
SHGetDesktopFolder
SHBindToParent
ShellExecuteW

rpcrt4

RpcErrorResetEnumeration

kernel32

WaitForSingleObject
WideCharToMultiByte
lstrcmpiW
lstrlenW
WaitForMultipleObjects
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
TerminateProcess
SystemTimeToFileTime
Sleep
SizeofResource
SetUnhandledExceptionFilter
SetThreadPriority
SetThreadExecutionState
SetLastError
SetEvent
ReleaseSemaphore
CloseHandle
CompareStringW
CopyFileW
CreateDirectoryW
CreateEventW
CreateFileMappingW
CreateFileW
CreateMutexW
CreateSemaphoreW
CreateThread
DeleteCriticalSection
DeleteFileW
DisableThreadLibraryCalls
EnterCriticalSection
EnumUILanguagesW
FindResourceExW
FindResourceW
FlushInstructionCache
FoldStringA
FormatMessageW
FreeLibrary
FreeLibraryAndExitThread
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetExitCodeThread
GetFileAttributesExW
GetFileAttributesW
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessHeap
GetSystemDirectoryW
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameW
GetTempPathW
GetTickCount
GetUserDefaultUILanguage
GetVersion
GetVersionExA
GetVersionExW
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatusEx
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LockResource
MoveFileExW
MulDiv
MultiByteToWideChar
OutputDebugStringA
PulseEvent
QueryPerformanceCounter
RaiseException
ReleaseMutex

shlwapi

PathRemoveExtensionW
PathRemoveFileSpecW
PathRenameExtensionW
PathMatchSpecW
SHStrDupW
StrChrW
StrStrIW
PathIsRootW
PathIsRelativeW
PathIsNetworkPathW
PathIsDirectoryW
PathFindExtensionW
PathFileExistsW
PathAppendW
ord16
PathAddBackslashW
PathFindFileNameW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

ntdll

RtlInitUnicodeString

advapi32

GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
CloseServiceHandle
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW
RegisterTraceGuidsW
TraceEvent
UnregisterTraceGuids
RegDeleteValueW
RegCreateKeyExW
RegCloseKey
QueryServiceConfigW
OpenServiceW
OpenSCManagerW
RegEnumKeyExW

oleaut32

SysFreeString
VariantInit
VariantCopy
VariantClear
VarUI4FromStr
SysStringLen
SysAllocStringLen
LoadRegTypeLi
LoadTypeLi
SysAllocString
SysAllocStringByteLen
SysStringByteLen

user32

GetProcessDefaultLayout
WindowFromPoint
WindowFromDC
UpdateWindow
UnregisterClassA
UnhookWindowsHookEx
TranslateMessage
TranslateAcceleratorW
TrackPopupMenuEx
TrackMouseEvent
SystemParametersInfoW
ShowWindow
ShowCursor
SetWindowsHookExW
SetWindowTextW
SetWindowPos
SetWindowPlacement
SetWindowLongW
SetTimer
SetRectEmpty
SetRect
SetMenuItemInfoW
SetMenuInfo
SetMenuDefaultItem
SetMenu
SetForegroundWindow
SetFocus
SetCursor
SetCapture
AdjustWindowRectEx
AnimateWindow
AppendMenuW
BeginDeferWindowPos
BeginPaint
CallNextHookEx
CallWindowProcW
CharNextW
ChildWindowFromPointEx
ClientToScreen
CreatePopupMenu
CreateWindowExW
DefWindowProcW
DeferWindowPos
DeleteMenu
DestroyMenu
DestroyWindow
DispatchMessageW
EnableMenuItem
EnableWindow
EndDeferWindowPos
EndMenu
EndPaint
EnumChildWindows
EnumDisplayDevicesW
EnumDisplayMonitors
EnumDisplaySettingsW
FillRect
FindWindowW
GetActiveWindow
GetAncestor
GetCapture
GetClassInfoExW
GetClassLongW
GetClientRect
GetCursor
GetCursorPos
GetDC
GetDesktopWindow
GetDlgCtrlID
GetFocus
GetForegroundWindow
GetKeyState
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoW
GetMessagePos
GetMessageW
GetMonitorInfoW
GetNextDlgGroupItem
GetNextDlgTabItem
GetParent
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMetrics
GetWindow
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
InflateRect
InsertMenuItemW
InsertMenuW
IntersectRect
InvalidateRect
IsChild
IsDialogMessageW
IsIconic
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadAcceleratorsW
LoadCursorW
LoadIconW
LoadImageW
LoadMenuW
LoadStringA
LoadStringW
MapWindowPoints
MessageBeep
MessageBoxW
MonitorFromPoint
MonitorFromRect
MoveWindow
MsgWaitForMultipleObjects
NotifyWinEvent
OffsetRect
PeekMessageW
PostMessageW
PostQuitMessage
PostThreadMessageW
PtInRect
RegisterClassExW
RegisterClipboardFormatW
ReleaseCapture
ReleaseDC
RemoveMenu
ScreenToClient
SendMessageW

Sections

.text
Size: 75KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 155KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1431379ff578b8b86324983fe0048686

Headers

File Characteristics

Imports

oleacc

gdi32

ole32

shell32

rpcrt4

kernel32

shlwapi

version

ntdll

advapi32

oleaut32

user32

Sections

.text Size: 75KB - Virtual size: 76KB

.rdata Size: 155KB - Virtual size: 156KB

.data Size: 15KB - Virtual size: 40KB

.idata Size: 9KB - Virtual size: 11KB

.rsrc Size: 21KB - Virtual size: 23KB

.text
Size: 75KB - Virtual size: 76KB

.rdata
Size: 155KB - Virtual size: 156KB

.data
Size: 15KB - Virtual size: 40KB

.idata
Size: 9KB - Virtual size: 11KB

.rsrc
Size: 21KB - Virtual size: 23KB