a492b606b8baf4a70852eb5bd59c9a594d0c14572d52dc9ec6d9b6ba53f1ba01

Sharing

Copy URL Twitter E-mail

General

Target

a492b606b8baf4a70852eb5bd59c9a594d0c14572d52dc9ec6d9b6ba53f1ba01
Size

712KB
MD5

65d6efa0e279803a1f0e9628bc3b10a5
SHA1

4718d4fbe4619c1a176e9817939f7bfe3bb4f2f0
SHA256

a492b606b8baf4a70852eb5bd59c9a594d0c14572d52dc9ec6d9b6ba53f1ba01
SHA512

47c25a70d10eb629ed2dcfb42fbf4eeff76848505324d63cb0fa6faadc9e9db419c2ee57f4cfa7a121f10614615d20d21f6337ab25e7633a1daea3f59a42633a
SSDEEP

12288:iL2qx7/FI0fO9kXbiRqHW+D6cHUcxaWuAWxLXqs76ve7I+L:iL2qd/FI0fO9kXeVpc0cxaWuAWVR76v9

Score

N/A

Malware Config

Signatures

Files

a492b606b8baf4a70852eb5bd59c9a594d0c14572d52dc9ec6d9b6ba53f1ba01
.exe windows x86

da4d02fbab2a98e6522973361baa6e33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
RaiseException
HeapFree
HeapReAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetCPInfo
GetACP
GetOEMCP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
CreateEventA
CreateThread
WaitForSingleObject
SetEvent
WriteFile
FormatMessageA
GetModuleHandleA
GetTimeZoneInformation
lstrcatA
FindFirstFileA
FindNextFileA
FindClose
DeleteFileA
GetWindowsDirectoryA
FreeLibrary
CreateProcessA
CloseHandle
GetPrivateProfileIntA
Sleep
GetPrivateProfileStringA
GetFileAttributesA
lstrlenA
lstrcpynA
GetLocalTime
GetLocaleInfoA
GetDateFormatA
GetTimeFormatA
lstrcpyA
CompareFileTime
FileTimeToSystemTime
GetSystemTime
SystemTimeToFileTime
InterlockedIncrement
GetModuleFileNameA
LoadLibraryA
GetProcAddress
RtlUnwind

user32

RegisterClassExA
DefWindowProcA
BeginPaint
SetTimer
GetMessageA
RegisterWindowMessageA
GetDlgCtrlID
UpdateWindow
CreateWindowExA
LoadStringA
GetSystemMetrics
LoadAcceleratorsA
RegisterClassA
LoadCursorA
LoadIconA
SetForegroundWindow
ShowWindow
IsIconic
IsWindow
SendDlgItemMessageA
GetDlgItem
SetWindowTextA
SetWindowLongA
EndDialog
GetWindowLongA
DialogBoxParamA
GetNextDlgTabItem
GetWindowRect
MoveWindow
GetDlgItemTextA
IsDlgButtonChecked
EnableWindow
SetCursorPos
GetCursorPos
GetMenuState
GetClientRect
DrawTextA
FillRect
CopyRect
InflateRect
GetSysColor
FrameRect
CreateDialogParamA
ScreenToClient
SetDlgItemInt
CheckRadioButton
GetParent
GetDlgItemInt
DestroyIcon
LoadBitmapA
CheckDlgButton
LoadMenuA
GetSubMenu
EnableMenuItem
TrackPopupMenuEx
DestroyMenu
GetKeyState
wsprintfA
GetFocus
IsWindowVisible
DestroyWindow
GetMenuItemID
GetMenuStringA
GetMenuItemCount
GetSysColorBrush
PostQuitMessage
SendMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
PostMessageA
KillTimer
WinHelpA
CheckMenuItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
CheckMenuRadioItem
MapWindowPoints
SetScrollPos
SetScrollRange
DeleteMenu
GetNextDlgGroupItem
IsWindowEnabled
EndPaint
LoadImageA
PtInRect
SetScrollInfo
GetScrollInfo
SetRect
DrawIconEx
GetWindowTextA
EnumDesktopWindows
SetWindowPos
DrawFocusRect
DrawFrameControl
GetMenu
PeekMessageA
IsDialogMessageA
IsZoomed
MessageBoxA
SetDlgItemTextA
SetFocus
SetCursor
InvalidateRect

gdi32

GetTextExtentPointA
GetTextExtentPoint32A
CreateCompatibleDC
StretchBlt
DeleteDC
SetBkMode
TextOutA
CreatePen
MoveToEx
LineTo
Rectangle
SetBkColor
SetTextColor
GetObjectA
DeleteObject
CreateSolidBrush
GetStockObject
SelectObject
BitBlt
CreateFontIndirectA

comdlg32

GetOpenFileNameA

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegEnumValueA
RegOpenKeyA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA

shfolder

SHGetFolderPathA

comctl32

ImageList_Add
ImageList_Create
ImageList_Destroy
InitCommonControlsEx
ord17
ImageList_GetImageCount
ord6
ImageList_ReplaceIcon
ImageList_LoadImageA

winmm

sndPlaySoundA

shlwapi

StrToIntA

bvrpctln

ord6
_HTML_SetText@20
_Profile_SetString@16
?strrtrim@@YGPADPAD@Z
_Profile_GetBinary@20
_Profile_SetBinary@20
_CreateHtmlSlideView@20
_Rebar_ChevronPushed@8
?Resize_OnGetMinMaxInfo@@YGXPAUHWND__@@PAUtagMINMAXINFO@@@Z
?Resize_Exit@@YGXPAUHWND__@@@Z
?Resize_OnNCHitTest@@YGIPAUHWND__@@HH@Z
_HTML_CreateEx@24
?strremove@@YGPADPADPBD@Z
_Profile_GetProfile@4
?Resize_Init@@YG_NPAUHWND__@@IQAUSIZING@@H@Z
_Profile_SetInt@16
_Profile_GetString@24
_CenterWindow@4
MakeFullPathName
??0CProfile@@QAE@PBD_N@Z
?FindSection@CProfile@@ABEPAUSection@1@PBD@Z
?GetInt@CProfile@@QBEHPBDH@Z
??1CProfile@@UAE@XZ
_Profile_GetInt@16
ord8
?Resize_OnSize@@YGXPAUHWND__@@IHH@Z

calengine

?_ReadAppointment@@YAJPAXHPAU_PB_ENTRY_ID@@1PAUTagAGDEVENT@@@Z
?_EnumAppointments@@YAJPAXHPAU_PB_ENTRY_ID@@PAUTagENUMAGDEVENT@@P6GH11PAUTagAGDEVENT@@J@ZJ@Z
_LocalFileTimeToFileTimeEx@8
?_DeleteAppointment@@YAJPAXHPAU_PB_ENTRY_ID@@1@Z
_Util_SetDate@16
_FileTimeToLocalSystemTimeEx@8
_EnumEvent@24
?_AddAppointment@@YAJPAXHPAU_PB_ENTRY_ID@@PAUTagAGDEVENTINFOS@@PAUTagAGDCATEGORYINFOS@@PAUTagAGDALARMINFOS@@1@Z
?_EnumException@@YAJPAXPAU_PB_ENTRY_ID@@1P6GH1PAUTagAGDEVENT@@KJ@ZJPAUTagENUMAGDEVENT@@@Z
?_CloseCalendar@@YAJPAX@Z
?_WriteRegisterTechnology@@YA_NPAUHKEY__@@PAD11@Z
?_WriteRegisterTechnologyEx@@YA_NPAUHKEY__@@PAD1PAH@Z
?_EnumAllFolders@@YAJPAXP6GHW4CALFOLDERTYPES@@PADKPAU_PB_ENTRY_ID@@J@ZJ@Z
?_OpenLastUsedCalendar@@YA?AW4CALENDAR_TECHNOLOGIES@@PAPAXW41@PAD@Z
?_IsCalendarAvailable@@YAHW4CALENDAR_TECHNOLOGIES@@@Z
?_OpenCalendar@@YAJW4CALENDAR_TECHNOLOGIES@@PAUHWND__@@PBDPAPAX@Z
?_CreateFolderAppointment@@YAJPAXHPAU_PB_ENTRY_ID@@PAD1@Z
?_CreateException@@YAJPAXPAU_PB_ENTRY_ID@@PAUTagAGDEVENT@@K@Z
_FileTimeToLocalFileTimeEx@8
_SystemTimeToLocalFileTimeEx@8
?_GetPathCalendar@@YAJPAXW4CALENDAR_TECHNOLOGIES@@PAD@Z
__GetRegisterTechnology@20
?_ModifyAppointment@@YAJPAXHPAU_PB_ENTRY_ID@@1PAUTagAGDEVENTINFOS@@PAUTagAGDCATEGORYINFOS@@PAUTagAGDALARMINFOS@@@Z

pbkengine

_RegisterNotifications
_GetFullName
_DeleteRecord
_UnregisterNotifications

pbkuser

ord7
__GetCurrentFolderID@4
ord9
ord3

syncengine

__EnumMobileCalEntries@16
__GetAutoDeleteEventTaskActived@0
__GetAutoDeleteEventTask@0
__AutoDeleteEventTask@4
__GetPhoneCapacities@4
__Synchronize@4
__ConfigurateSynchro@4
__BackupRestoreWizard@4
__InitializeSyncEngine@0
__UpdateMobileCalEntries@12
__UninitializeSyncEngine@0

printcalendar

?Print@@YAXPAUHWND__@@PAUPrintData@@@Z
?TerminatePrint@@YAXXZ
?Preview@@YAXPAUHWND__@@PAUPrintData@@@Z

newui

?SetToolBar@CCommandBarXP@@QAEHPAUHWND__@@@Z
?AutoCustomDraw@CToolBarXP@@QAEXXZ
?SetGroupXP@@YGXPAUHWND__@@PBU_GROUPXP@@@Z
??1CToolBarXP@@UAE@XZ
??0CToolBarXP@@QAE@XZ
?OnSysCommand@CCommandBarXP@@QAEHI@Z
?OnMenuChar@CCommandBarXP@@QAEJI@Z
?Create@CCommandBarXP@@QAEHKPAUHWND__@@I@Z
?SetMenu@CCommandBarXP@@QAEHPAUHMENU__@@@Z
?Show@CCommandBarXP@@QAEXIH@Z
?AddToolBar@CCommandBarXP@@QAEHPAUHWND__@@HI@Z
?LoadImageList@CToolbarWindow32@@QAEHPAUHINSTANCE__@@PBDIK@Z
??_7CToolbarWindow32@@6B@
??1CCommandBarXP@@UAE@XZ
??0CCommandBarXP@@QAE@XZ

Sections

.text
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 168KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tc
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

da4d02fbab2a98e6522973361baa6e33

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shfolder

comctl32

winmm

shlwapi

bvrpctln

calengine

pbkengine

pbkuser

syncengine

printcalendar

newui

Sections

.text Size: 260KB - Virtual size: 259KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 8KB - Virtual size: 2.6MB

Shared Size: 4KB - Virtual size: 8B

.rsrc Size: 168KB - Virtual size: 164KB

.tc Size: 248KB - Virtual size: 248KB

.text
Size: 260KB - Virtual size: 259KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 8KB - Virtual size: 2.6MB

Shared
Size: 4KB - Virtual size: 8B

.rsrc
Size: 168KB - Virtual size: 164KB

.tc
Size: 248KB - Virtual size: 248KB