Static task: static1
Behavioral task: behavioral1
Sample: e25c5db360706581dc134fe55ad1eb0f13fef0e7cda8668a4e4cfe6c697396b3.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: e25c5db360706581dc134fe55ad1eb0f13fef0e7cda8668a4e4cfe6c697396b3.exe
Resource: win10v2004-20220812-en
General
Target: e25c5db360706581dc134fe55ad1eb0f13fef0e7cda8668a4e4cfe6c697396b3
Size: 1.9MB
MD5: 212bd7c22e28ea122e1afa86eba04877
SHA1: 8026105b552a2373dd515642cfd1ff22225b2e32
SHA256: e25c5db360706581dc134fe55ad1eb0f13fef0e7cda8668a4e4cfe6c697396b3
SHA512: e9a971a108b834c6bce5c1075e3ca9fbb29c5c1fc7573e49c0b1f712dcaa4e1efe06aafc38b60ea6452ebbc81f4e9b25b88ddddea4036767ac911cc3a4a80292
SSDEEP: 24576:wtwI/3zL5TrAB7hC6rV1tOFpRaawAawAyq7awYkR8SorPfdNxuja:IDLW7hFZfzawAawAyq7awPR8rf
Malware Config
Signatures
Files
e25c5db360706581dc134fe55ad1eb0f13fef0e7cda8668a4e4cfe6c697396b3.exe windows x86
2cdf678d32929926712e32e350643e03
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetOEMCP
GetFileAttributesA
LCMapStringA
LCMapStringW
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetACP
GetExitCodeProcess
CreateProcessA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
CreateFileA
GetCPInfo
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetFileType
SetStdHandle
HeapSize
ExitProcess
RaiseException
RtlUnwind
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
ExitThread
HeapReAlloc
GetSystemTimeAsFileTime
VirtualQuery
GetSystemInfo
VirtualAlloc
GetStartupInfoW
GetCurrentDirectoryW
SetErrorMode
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GetFileTime
GetPrivateProfileIntW
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
lstrcmpA
SuspendThread
LocalAlloc
DeleteCriticalSection
InitializeCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
GetVersion
GetCurrentProcessId
GlobalGetAtomNameW
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
GetStringTypeExW
GetProfileIntW
GetModuleHandleA
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
GetVersionExA
GlobalSize
FormatMessageW
LocalFree
ResumeThread
InterlockedExchange
lstrcmpiA
SetUnhandledExceptionFilter
CreateEventW
ReadFile
WaitForSingleObject
CreateProcessW
GetStdHandle
CreatePipe
OpenThread
LoadLibraryA
VirtualProtect
GetExitCodeThread
TerminateThread
SetEvent
GetTickCount
GetPrivateProfileSectionW
WritePrivateProfileSectionW
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection
FileTimeToDosDateTime
MoveFileW
CopyFileW
OpenFile
InterlockedIncrement
lstrcmpiW
MulDiv
FreeResource
lstrlenW
InterlockedDecrement
lstrcmpW
WideCharToMultiByte
ExpandEnvironmentStringsW
GetCurrentThreadId
lstrlenA
MultiByteToWideChar
CreateThread
Sleep
CloseHandle
WriteFile
SetFilePointer
GetFileSize
CreateFileW
HeapFree
GetProcessHeap
HeapAlloc
GetCurrentProcess
GetVersionExW
FindClose
FindNextFileW
DeleteFileW
RemoveDirectoryW
SetFileAttributesW
GetFileAttributesW
FindFirstFileW
GetModuleHandleW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetLastError
SetLastError
FindResourceW
LoadResource
LockResource
SizeofResource
WritePrivateProfileStringW
FreeLibrary
GetProcAddress
LoadLibraryW
GetPrivateProfileStringW
user32
WinHelpW
IsChild
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
SetActiveWindow
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
GetMenu
CreateWindowExW
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
IntersectRect
SystemParametersInfoA
GetWindowPlacement
SetRectEmpty
GetMenuState
GetMenuStringW
RedrawWindow
IsRectEmpty
EndDeferWindowPos
BeginDeferWindowPos
GetSysColorBrush
GetSysColor
SetRect
IsMenu
FillRect
MessageBoxW
EnumWindows
FindWindowW
GetWindowTextW
ShowWindow
GetLastActivePopup
GetCapture
SetClassLongW
GetClassLongW
GetClassInfoW
SetMenu
LockWindowUpdate
ReleaseCapture
WindowFromPoint
UnionRect
SetCapture
GetDesktopWindow
ClientToScreen
GetSubMenu
LoadIconW
SystemParametersInfoW
ModifyMenuW
DeleteMenu
MoveWindow
SendDlgItemMessageA
GetMenuItemCount
PostThreadMessageW
UnhookWindowsHookEx
ActivateKeyboardLayout
SetTimer
IsIconic
SetWindowRgn
IsZoomed
SetWindowsHookExW
InvalidateRect
UpdateWindow
ScreenToClient
GetAsyncKeyState
GetCursorPos
GetKeyState
CallNextHookEx
GetKeyboardLayout
EnumChildWindows
FindWindowExW
KillTimer
IsDialogMessageW
SetWindowTextW
EnableMenuItem
GetMenuCheckMarkDimensions
UnregisterClassA
SetMenuItemBitmaps
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
SetWindowLongW
GetWindowLongW
SetWindowPos
InsertMenuW
IsClipboardFormatAvailable
LoadBitmapW
OffsetRect
InvalidateRgn
GetWindowRect
SetCursor
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
ReleaseDC
GetWindowDC
SetForegroundWindow
GetSystemMetrics
CopyRect
LoadCursorW
EnableWindow
SendMessageW
AppendMenuW
CreatePopupMenu
PtInRect
PostMessageW
GetForegroundWindow
GetFocus
GetParent
GetWindow
InflateRect
GetDC
GetClientRect
IsWindowEnabled
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
BeginPaint
EndPaint
GetMenuItemInfoW
DestroyMenu
IsWindowVisible
IsWindow
LoadImageW
SendDlgItemMessageW
RegisterWindowMessageW
GetMenuItemID
GetActiveWindow
GetDCEx
GetMessageW
CharUpperW
DefFrameProcW
DrawMenuBar
BringWindowToTop
TranslateMDISysAccel
TranslateAcceleratorW
InsertMenuItemW
LoadAcceleratorsW
GetWindowThreadProcessId
LoadMenuW
ReuseDDElParam
UnpackDDElParam
CheckMenuItem
ValidateRect
TranslateMessage
CharNextW
DrawIcon
CopyAcceleratorTableW
GetSystemMenu
SetParent
PostQuitMessage
RegisterClipboardFormatW
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
UnregisterClassW
GetNextDlgGroupItem
MessageBeep
gdi32
GetClipBox
SetTextColor
SetBkColor
SaveDC
RestoreDC
SetBkMode
SetROP2
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SelectClipRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
StretchDIBits
ExtSelectClipRgn
CreateBitmap
CreatePen
GetBkColor
Rectangle
UnrealizeObject
SetRectRgn
GetMapMode
DPtoLP
LPtoDP
Ellipse
GetRgnBox
GetCharWidthW
CopyMetaFileW
SetStretchBltMode
GetTextColor
ExtTextOutW
CreateFontIndirectW
EnumFontFamiliesW
SetDIBColorTable
GetDIBColorTable
CreateDIBSection
DeleteDC
CreateEllipticRgn
GetStockObject
StretchBlt
GetDeviceCaps
TextOutW
SelectObject
PatBlt
CreatePolygonRgn
CreatePatternBrush
GetDIBits
CombineRgn
CreateRectRgnIndirect
CreateRectRgn
GetTextExtentPoint32W
CreateCompatibleBitmap
CreateDCW
GetObjectW
BitBlt
CreateCompatibleDC
CreateSolidBrush
CreateFontW
GetTextMetricsW
DeleteObject
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegQueryInfoKeyW
GetTokenInformation
RegQueryValueW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegCreateKeyW
RegSetValueW
RegQueryValueExW
RegOpenKeyW
GetUserNameW
RegEnumKeyW
OpenProcessToken
RegSetKeySecurity
FreeSid
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAce
InitializeAcl
AllocateAndInitializeSid
RegCloseKey
RegGetKeySecurity
RegOpenKeyExW
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
CopySid
GetLengthSid
shell32
SHAppBarMessage
DragQueryFileW
SHGetDesktopFolder
Shell_NotifyIconW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetMalloc
ShellExecuteW
SHGetSpecialFolderPathW
DragFinish
comctl32
ImageList_AddMasked
InitCommonControlsEx
shlwapi
UrlUnescapeW
PathIsUNCW
PathStripToRootW
PathRemoveExtensionW
PathFindExtensionW
PathFileExistsW
SHDeleteKeyW
PathFindFileNameW
oledlg
OleUIBusyW
ole32
OleIsCurrentClipboard
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemFree
CoFreeAllLibraries
CreateStreamOnHGlobal
CoGetInterfaceAndReleaseStream
CoMarshalInterThreadInterfaceInStream
CoRegisterClassObject
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
OleGetClipboard
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CLSIDFromString
CoRevokeClassObject
CoRegisterMessageFilter
OleFlushClipboard
CoDisconnectObject
oleaut32
LoadTypeLi
VariantCopy
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
VariantChangeType
SysAllocStringLen
SysAllocString
SysStringLen
SysAllocStringByteLen
SysFreeString
VariantClear
VariantInit
gdiplus
GdipFree
GdipBitmapLockBits
GdipCreateBitmapFromFile
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageI
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipSaveImageToFile
GdipAlloc
GdipDisposeImage
GdipCloneImage
ws2_32
WSAStartup
send
recv
WSAAsyncSelect
WSACleanup
setsockopt
connect
htons
inet_addr
WSASocketW
closesocket
wininet
InternetOpenUrlW
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
FindFirstUrlCacheEntryW
HttpQueryInfoW
InternetQueryDataAvailable
InternetQueryOptionW
InternetCanonicalizeUrlW
InternetCrackUrlW
FindCloseUrlCache
DeleteUrlCacheEntryW
FindNextUrlCacheEntryW
Sections
.text Size: 772KB - Virtual size: 771KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 188KB - Virtual size: 184KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 708KB - Virtual size: 705KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
\]��J( Size: 224KB - Virtual size: 224KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE