Static task
static1
Behavioral task
behavioral1
Sample
1fd130903e9118ecb946021cf8d2b93e4507c1aaec9b1e597169fbf0694152e0.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
1fd130903e9118ecb946021cf8d2b93e4507c1aaec9b1e597169fbf0694152e0.exe
Resource
win10v2004-20220901-en
General
-
Target
1fd130903e9118ecb946021cf8d2b93e4507c1aaec9b1e597169fbf0694152e0
-
Size
835KB
-
MD5
540fc3c62075a754a73309ffbf4e3690
-
SHA1
d8ef6e2e0e2186f94afe749a9916cb664dff251d
-
SHA256
1fd130903e9118ecb946021cf8d2b93e4507c1aaec9b1e597169fbf0694152e0
-
SHA512
04be0eca634268952d3a786858b4bb414df7e84ae6536ffe42fd27e2d76f0763ba0ff4dad4d1ded44de0419282142321e65ea637842873dca43c706d294d6716
-
SSDEEP
24576:JGqmA0GBUPxTFA+vjQ1ggEO7yPdTo9NYcw:JG+0fPxrvMn7y1gYL
Malware Config
Signatures
Files
-
1fd130903e9118ecb946021cf8d2b93e4507c1aaec9b1e597169fbf0694152e0.exe windows x86
6b260629ab04c89331e49f51de1580e5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
FormatMessageW
VirtualUnlock
HeapDestroy
GetSystemTimeAsFileTime
VirtualLock
EnumSystemLocalesA
VirtualQuery
TlsSetValue
ExitThread
lstrlenW
GetCommandLineW
GetFileSizeEx
GetProcessWorkingSetSize
GlobalGetAtomNameW
GetStartupInfoW
LoadLibraryExW
HeapSize
CloseHandle
LoadLibraryA
GlobalLock
FindClose
LoadLibraryW
FindFirstFileExW
VirtualProtect
InitializeCriticalSectionAndSpinCount
FlushInstructionCache
UnlockFile
UnhandledExceptionFilter
lstrcatA
AddAtomA
GetModuleHandleA
lstrcpyA
GetDriveTypeW
Sleep
LeaveCriticalSection
CopyFileW
GetLocaleInfoA
lstrcmpA
DeleteAtom
GetUserDefaultLCID
lstrcmpW
GlobalFlags
WaitForSingleObject
GetLastError
HeapReAlloc
ConvertDefaultLocale
GetModuleFileNameW
PeekNamedPipe
GetCurrentThread
GlobalFree
SetFilePointer
GetNumberFormatW
GetStdHandle
GlobalMemoryStatus
CreateFileW
WriteFile
EnterCriticalSection
DeleteFileW
SetHandleCount
SetThreadPriority
FreeLibrary
DuplicateHandle
GetProfileIntW
GetFileAttributesW
ResumeThread
GetVersion
SetUnhandledExceptionFilter
GetProcAddress
ExitProcess
lstrcmpiW
GetEnvironmentStringsW
GetStartupInfoA
GetVolumeInformationW
FindFirstFileW
InterlockedExchange
SuspendThread
MultiByteToWideChar
QueryPerformanceCounter
ReleaseMutex
RaiseException
SearchPathW
InterlockedDecrement
GetFullPathNameW
GlobalAlloc
GetSystemDirectoryW
GetFileInformationByHandle
GlobalSize
lstrcpyW
CreateMutexW
GlobalHandle
CreateThread
LocalFree
WritePrivateProfileStringW
CreateEventW
GlobalReAlloc
IsValidCodePage
GetTempPathW
GetCurrentDirectoryW
GetConsoleMode
LoadResource
WideCharToMultiByte
SetStdHandle
GetSystemInfo
GlobalUnlock
GetThreadLocale
SetLastError
GetFileSize
GetProcessTimes
GetFileType
LocalAlloc
HeapCreate
GetCurrentThreadId
GetLocaleInfoW
CompareStringA
FindResourceW
TlsGetValue
VirtualFree
GetTempFileNameW
FindNextFileW
GetWindowsDirectoryW
GetSystemDefaultUILanguage
SetErrorMode
ReadFile
FileTimeToSystemTime
WriteConsoleW
InterlockedCompareExchange
GetVersionExW
GlobalFindAtomW
GetTickCount
HeapQueryInformation
LocalReAlloc
GetFileAttributesExW
RtlUnwind
IsDebuggerPresent
GlobalAddAtomW
InitializeCriticalSection
LockFile
GetModuleHandleW
FindResourceExW
GetThreadTimes
GetLongPathNameW
CompareStringW
FlushFileBuffers
GlobalDeleteAtom
DeleteCriticalSection
GetTimeZoneInformation
GetCurrentProcess
GetProcessHeap
LockResource
lstrlenA
FileTimeToLocalFileTime
IsValidLocale
IsProcessorFeaturePresent
GetOEMCP
FreeResource
SetEnvironmentVariableA
SetEndOfFile
SizeofResource
HeapFree
FreeEnvironmentStringsW
GetPrivateProfileStringW
GetFileTime
GetCurrentProcessId
GetACP
HeapSetInformation
MoveFileExW
MulDiv
HeapAlloc
InterlockedIncrement
GetPrivateProfileIntW
GetConsoleCP
TlsFree
user32
PostMessageW
DrawEdge
GetWindowRgn
DrawTextW
GetSysColorBrush
DefFrameProcW
IsChild
GetProcessWindowStation
CloseClipboard
GetLastActivePopup
GetClassNameW
ClipCursor
CreateDialogIndirectParamW
SetDlgItemTextW
SetRect
GetWindowRect
TranslateMDISysAccel
InvalidateRect
GetDialogBaseUnits
EndDialog
CopyRect
MapWindowPoints
GetClassLongW
GetMenuState
CopyIcon
AppendMenuW
IsWindowEnabled
GetDesktopWindow
EnableWindow
SetPropW
DefWindowProcW
DrawIconEx
DrawFocusRect
OffsetRect
SetScrollInfo
RegisterWindowMessageW
DrawTextExW
CreateIcon
CreateWindowExW
LoadIconW
SetLayeredWindowAttributes
DefMDIChildProcW
DestroyIcon
SetWindowTextW
DeleteMenu
ReleaseCapture
GetWindowThreadProcessId
GetFocus
RemoveMenu
MapVirtualKeyW
GetSystemMenu
GetSubMenu
GetClassInfoExW
DialogBoxIndirectParamW
GetMenu
EmptyClipboard
GetQueueStatus
MapVirtualKeyExW
RealChildWindowFromPoint
WaitMessage
GetMenuItemID
EndDeferWindowPos
GetWindowTextW
IsClipboardFormatAvailable
DrawStateW
GetAsyncKeyState
PeekMessageW
GetDlgItemTextW
SetMenuDefaultItem
IsDialogMessageW
GetDlgCtrlID
ShowOwnedPopups
GetKeyState
GetMenuStringW
SetTimer
LoadImageW
GetMenuCheckMarkDimensions
GetDoubleClickTime
CallNextHookEx
ValidateRect
SetWindowPlacement
GetTopWindow
IsMenu
EnableScrollBar
SendMessageW
GetScrollInfo
InsertMenuW
SetMenuItemBitmaps
UnregisterClassW
GetUpdateRect
GetWindow
HideCaret
DrawFrameControl
GetMonitorInfoW
DispatchMessageW
GetCapture
SetScrollPos
GetWindowTextLengthW
UpdateLayeredWindow
CreateIconFromResourceEx
CallWindowProcW
ShowWindow
CreatePopupMenu
CharUpperW
EndPaint
SetWindowContextHelpId
GetWindowLongW
FillRect
BeginDeferWindowPos
GetSystemMetrics
UnhookWindowsHookEx
GetDC
SetWindowLongW
SetCursor
FrameRect
GetClipboardViewer
GetClientRect
GetForegroundWindow
SystemParametersInfoW
RegisterClassW
MapDialogRect
UpdateWindow
CheckDlgButton
GetScrollRange
TranslateMessage
PtInRect
MoveWindow
TabbedTextOutW
GetMenuItemInfoW
MonitorFromWindow
DrawIcon
RegisterClipboardFormatW
GetCaretPos
GetKeyNameTextW
SetActiveWindow
KillTimer
ScrollWindow
SetMenu
EnableMenuItem
CopyImage
SetWindowRgn
GetMessageTime
ModifyMenuW
UnionRect
AdjustWindowRectEx
TranslateAcceleratorW
UnregisterClassA
GetNextDlgTabItem
CheckMenuItem
LoadBitmapW
SetWindowsHookExW
ClientToScreen
GetMessagePos
GetClassInfoW
CharUpperBuffW
InvertRect
EqualRect
WinHelpW
SetFocus
IntersectRect
LoadMenuW
OpenClipboard
SetCapture
PostQuitMessage
GetOpenClipboardWindow
InsertMenuItemW
DialogBoxParamW
DestroyCursor
GetDlgItem
ReleaseDC
CharNextW
InflateRect
MonitorFromPoint
SetClipboardData
GetIconInfo
SetScrollRange
CreateMenu
TrackPopupMenu
GetPropW
GetMessageW
GetScrollPos
GetWindowDC
LoadCursorW
SetWindowPos
RemovePropW
gdi32
SetWindowOrgEx
SetWindowExtEx
SetMapMode
SetROP2
GetViewportExtEx
ExcludeClipRect
CreateFontW
GetClipBox
SelectPalette
GetBkMode
PtInRegion
GetTextExtentPointW
CreateCompatibleBitmap
CreateDCW
SetBkColor
GetWindowExtEx
CreateDIBitmap
SetRectRgn
GetMapMode
ScaleWindowExtEx
PtVisible
SetPixel
SetBkMode
SetStretchBltMode
SetViewportExtEx
GetBitmapBits
GetNearestPaletteIndex
CreateBitmap
OffsetRgn
GetViewportOrgEx
DeleteObject
LineTo
ExtFloodFill
CreateDIBSection
ScaleViewportExtEx
GetTextCharsetInfo
FillRgn
CreateRoundRectRgn
BitBlt
CreateSolidBrush
SaveDC
GetDeviceCaps
CombineRgn
GetRgnBox
EnumFontFamiliesExW
SetPolyFillMode
SetDIBColorTable
RoundRect
SetPaletteEntries
GetStockObject
SetTextColor
OffsetWindowOrgEx
GetLayout
SetDIBits
FrameRgn
SetPixelV
GetTextExtentPoint32W
CreatePolygonRgn
SetLayout
RectVisible
CreateRectRgnIndirect
Polyline
SelectObject
EnumFontFamiliesW
GetCurrentObject
GetPaletteEntries
Polygon
GetPixel
SelectClipRgn
TextOutW
OffsetViewportOrgEx
ExtTextOutW
CreatePalette
PatBlt
CreateRectRgn
MoveToEx
CreateEllipticRgn
ExtSelectClipRgn
CreatePen
GetBkColor
CopyMetaFileW
GetBoundsRect
CreateCompatibleDC
GetTextColor
GetSystemPaletteEntries
DPtoLP
SetBitmapBits
GetTextMetricsW
GetTextFaceW
CreateFontIndirectW
SetDIBitsToDevice
IntersectClipRect
GetObjectW
SetTextAlign
LPtoDP
GetWindowOrgEx
DeleteDC
Ellipse
RealizePalette
CreateHatchBrush
CreatePatternBrush
GetObjectType
SetViewportOrgEx
Rectangle
StretchBlt
Escape
RestoreDC
winspool.drv
ClosePrinter
comdlg32
GetOpenFileNameW
GetSaveFileNameW
GetFileTitleW
advapi32
FreeSid
RegSetValueExW
RegOpenKeyExA
CryptGenRandom
RegCloseKey
RegQueryInfoKeyW
AllocateAndInitializeSid
RegCreateKeyExW
RegQueryValueW
RegEnumValueW
GetTokenInformation
RegQueryValueExW
RegDeleteValueW
RegQueryValueExA
OpenProcessToken
RegOpenKeyExW
RegEnumKeyExW
RegDeleteKeyW
CheckTokenMembership
RegEnumKeyW
shell32
ShellExecuteW
ShellExecuteExW
SHGetSpecialFolderLocation
ExtractIconExW
SHGetDesktopFolder
SHGetFileInfoW
Shell_NotifyIconW
DragQueryFileW
DragFinish
SHGetPathFromIDListW
DuplicateIcon
SHBrowseForFolderW
SHAppBarMessage
ole32
CLSIDFromProgID
CreateILockBytesOnHGlobal
OleInitialize
CoInitialize
CoTaskMemFree
CoRegisterClassObject
OleLockRunning
CoCreateInstance
OleCreateMenuDescriptor
StringFromGUID2
OleIsCurrentClipboard
OleDuplicateData
CLSIDFromString
CoGetClassObject
DoDragDrop
CoTaskMemRealloc
IsAccelerator
OleGetClipboard
OleDestroyMenuDescriptor
CoFreeUnusedLibraries
RevokeDragDrop
CoCreateGuid
OleTranslateAccelerator
CreateStreamOnHGlobal
CoTaskMemAlloc
CoRegisterMessageFilter
OleUninitialize
CoLockObjectExternal
OleFlushClipboard
StgCreateDocfileOnILockBytes
CoInitializeEx
StgOpenStorageOnILockBytes
CoUninitialize
ReleaseStgMedium
CoRevokeClassObject
RegisterDragDrop
oleaut32
SystemTimeToVariantTime
OleCreateFontIndirect
VariantChangeType
VarBstrFromDate
VarUI4FromStr
VariantCopy
SysAllocString
SafeArrayDestroy
UnRegisterTypeLib
SysAllocStringLen
VariantTimeToSystemTime
SysStringByteLen
VarBstrCat
LoadTypeLib
VarBstrCmp
SysAllocStringByteLen
VariantClear
SysFreeString
RegisterTypeLib
VariantInit
SysStringLen
comctl32
ImageList_DragMove
InitCommonControlsEx
_TrackMouseEvent
ImageList_DragShowNolock
ImageList_GetIconSize
ord17
shlwapi
PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW
PathRemoveFileSpecW
rpcrt4
NdrProxyErrorHandler
Sections
.text Size: 616KB - Virtual size: 615KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bzz Size: - Virtual size: 5.2MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 166KB - Virtual size: 166KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: - Virtual size: 101B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ