Static task: static1
Behavioral task: behavioral1
  Sample: a68fd4a5a2fffa50f0a6f40fefb940a3701e1d5cff5d4c4650257ec6010f72f9.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: a68fd4a5a2fffa50f0a6f40fefb940a3701e1d5cff5d4c4650257ec6010f72f9.exe
  Resource: win10v2004-20221111-en
General
Target: a68fd4a5a2fffa50f0a6f40fefb940a3701e1d5cff5d4c4650257ec6010f72f9
Size: 2.6MB
MD5: c5af80480f0cfd6fee66d405392e5e92
SHA1: d7b973aa9119e3aa93bec3f573b01f41ceccfefc
SHA256: a68fd4a5a2fffa50f0a6f40fefb940a3701e1d5cff5d4c4650257ec6010f72f9
SHA512: 6bae377fdb2860d8f88cd3c899da1940aac34d4b698d4deac5a20b1d586253f88712db260c6b7d3f2a93182547af54718fdbb0eea77cd987d76e291af072d162
SSDEEP: 24576:ALcVQuHAvfp3ZycjKhAnsol1g7OAzZE+wHEDIWf72cmz89GhBlulfH77oG8bomdn:ALdvoKY3zZDEivEyxSdbC9gT7ia
Malware Config
Signatures
Files
a68fd4a5a2fffa50f0a6f40fefb940a3701e1d5cff5d4c4650257ec6010f72f9.exe windows x86
50dd7a830c1c925bde9099ded1af60a6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
SHAutoComplete
winmm
waveInOpen
waveInGetNumDevs
waveOutPrepareHeader
waveOutOpen
waveOutGetNumDevs
PlaySoundA
waveInAddBuffer
waveInStart
waveOutWrite
waveInStop
waveInReset
waveInUnprepareHeader
waveInClose
waveOutReset
waveOutUnprepareHeader
waveOutClose
waveInPrepareHeader
kernel32
HeapCreate
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
SetHandleCount
GetStdHandle
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
CompareStringW
SetEnvironmentVariableA
GetEnvironmentVariableA
HeapSize
GetFileType
SetStdHandle
HeapReAlloc
GetACP
GetProfileStringA
CreateEventA
CloseHandle
TerminateThread
WaitForSingleObject
SetEvent
ResumeThread
CreateThread
Sleep
VirtualFree
VirtualAlloc
DeleteFileA
WriteFile
lstrcpyA
ReadFile
GetFileSize
CreateFileA
GetFileAttributesA
lstrcatA
GetModuleFileNameA
GetTickCount
GetLocalTime
SetFilePointer
CreateDirectoryA
GetLastError
GetDiskFreeSpaceExA
GetVolumeInformationA
lstrlenA
GetLogicalDriveStringsA
LocalFree
LocalAlloc
lstrcpynA
FindClose
FindNextFileA
FindFirstFileA
RemoveDirectoryA
MoveFileA
GetPrivateProfileStringA
GetCommandLineA
GetStartupInfoA
TerminateProcess
GetSystemTime
GetTimeZoneInformation
ExitThread
RaiseException
HeapAlloc
HeapFree
RtlUnwind
SetErrorMode
GetProcessVersion
GlobalFlags
SystemTimeToFileTime
LocalFileTimeToFileTime
GetProfileIntA
TlsGetValue
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetCurrentThread
LocalLock
LocalUnlock
SetLastError
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrlenW
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
OpenProcess
LoadLibraryExW
LoadLibraryExA
LoadLibraryW
VirtualQuery
VirtualProtect
FormatMessageA
GetCurrentDirectoryA
CompareStringA
CopyFileA
GetTempFileNameA
GetPrivateProfileSectionNamesA
lstrcmpA
GetExitCodeThread
SetThreadPriority
ResetEvent
GetOEMCP
GetCPInfo
GetVersionExA
EnumResourceLanguagesA
EnumResourceNamesA
EnumResourceTypesA
MultiByteToWideChar
WideCharToMultiByte
SizeofResource
FindResourceA
LoadResource
LockResource
GetCurrentProcessId
FreeLibrary
SetFileAttributesA
GetCurrentThreadId
MulDiv
GetModuleHandleA
ReleaseMutex
LoadLibraryA
GetProcAddress
GetVersion
CreateFileMappingA
MapViewOfFile
FlushViewOfFile
UnmapViewOfFile
SetEndOfFile
LocalReAlloc
LocalSize
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetTempPathA
ExitProcess
DeleteCriticalSection
CancelIo
InterlockedExchange
InterlockedIncrement
InterlockedDecrement
GetQueuedCompletionStatus
CreateIoCompletionPort
GetSystemInfo
EnterCriticalSection
PostQueuedCompletionStatus
LeaveCriticalSection
InitializeCriticalSection
WritePrivateProfileStringA
GetPrivateProfileIntA
HeapDestroy
user32
GetNextDlgGroupItem
PostThreadMessageA
TranslateMDISysAccel
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
ValidateRect
UnpackDDElParam
ReuseDDElParam
TranslateAcceleratorA
DestroyMenu
LoadStringA
wvsprintfA
GetMenuCheckMarkDimensions
ModifyMenuA
SetMenuItemBitmaps
SetWindowTextA
SetDlgItemTextA
GetDlgItemTextA
SendDlgItemMessageA
ScrollWindow
GetScrollRange
SetScrollRange
GetScrollPos
WinHelpA
GetClassInfoA
SetPropA
GetPropA
RemovePropA
GetMessageTime
GetWindowPlacement
EndDialog
CreateDialogIndirectParamA
DestroyWindow
GetClipboardFormatNameA
GetTabbedTextExtentA
CreateWindowExA
GetWindowDC
TrackPopupMenuEx
DrawMenuBar
AdjustWindowRect
RegisterClassW
RegisterClassA
DefMDIChildProcW
DefMDIChildProcA
DefDlgProcW
DefDlgProcA
DefFrameProcW
DefFrameProcA
DefWindowProcW
CallWindowProcW
EnableScrollBar
SetScrollInfo
SetScrollPos
GetSysColorBrush
EnumWindows
GetWindowThreadProcessId
EndPaint
BeginPaint
DeferWindowPos
GetMenu
SendMessageTimeoutA
CallWindowProcA
IsWindowUnicode
GetWindowLongW
SetWindowLongW
UnionRect
GetActiveWindow
DrawEdge
GetScrollInfo
GetDoubleClickTime
SetCursorPos
GetClassLongA
GetWindowRgn
HideCaret
ShowCaret
IsMenu
GetMenuDefaultItem
GetMenuItemInfoA
GetDlgItem
AdjustWindowRectEx
SetWindowRgn
GetCursor
GetMenuStringW
LookupIconIdFromDirectoryEx
CopyIcon
CreateIconIndirect
CreateIconFromResourceEx
RegisterClipboardFormatA
GetNextDlgTabItem
EqualRect
IsDialogMessageA
IsClipboardFormatAvailable
CharUpperA
GetKeyboardLayoutList
GetKeyboardState
ToAsciiEx
GetKeyboardLayout
MapVirtualKeyExA
GetKeyNameTextA
IsCharLowerA
IsWindowEnabled
IsIconic
LoadAcceleratorsA
CopyAcceleratorTableA
GrayStringA
TabbedTextOutA
GetWindowTextLengthA
GetWindowTextA
DefWindowProcA
GetForegroundWindow
GetLastActivePopup
LockWindowUpdate
GetDCEx
InvertRect
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
UnregisterClassA
ExcludeUpdateRgn
DispatchMessageA
TranslateMessage
GetMessageA
SendMessageA
EnableWindow
RegisterWindowMessageA
SetRect
MessageBoxA
wsprintfA
GetWindow
GetClientRect
SetCapture
WaitMessage
MapVirtualKeyA
GetTopWindow
BeginDeferWindowPos
EndDeferWindowPos
ShowWindow
IsChild
SetFocus
MoveWindow
DrawFocusRect
SetActiveWindow
DrawAnimatedRects
SetParent
FindWindowA
EnumChildWindows
SystemParametersInfoA
GetClassNameA
CreatePopupMenu
InsertMenuA
BringWindowToTop
LoadBitmapA
DestroyIcon
GetMenuStringA
IsZoomed
PeekMessageA
IsRectEmpty
DrawStateA
SetRectEmpty
SetMenuDefaultItem
SetForegroundWindow
TrackPopupMenu
GetMenuItemID
IsWindow
PtInRect
GetMessagePos
KillTimer
GetCapture
MapWindowPoints
SetTimer
DrawFrameControl
CopyRect
GetSysColor
FillRect
GetKeyState
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
DrawTextA
CheckMenuItem
GetMenuState
ShowScrollBar
DrawIconEx
IntersectRect
GetSystemMenu
AppendMenuA
CheckMenuRadioItem
GetIconInfo
SetClassLongA
DestroyCursor
LoadCursorA
SetCursor
ScreenToClient
UpdateWindow
WindowFromPoint
ClientToScreen
ReleaseCapture
GetParent
IsWindowVisible
SetWindowPos
GetDlgCtrlID
GetFocus
GetCursorPos
EnableMenuItem
GetMenuItemCount
DeleteMenu
GetSubMenu
LoadMenuA
CharNextA
OffsetRect
GetSystemMetrics
LoadIconA
InflateRect
MessageBeep
SetMenu
GetDesktopWindow
PostMessageA
RedrawWindow
AnimateWindow
ReleaseDC
GetDC
InvalidateRect
GetWindowRect
SetWindowLongA
GetWindowLongA
LoadImageA
gdi32
EndPath
CloseFigure
MoveToEx
LineTo
PolyBezierTo
BeginPath
OffsetViewportOrgEx
GetTextExtentPoint32W
ExtTextOutW
GetCharWidthA
GetCurrentPositionEx
ExtFloodFill
LPtoDP
DPtoLP
StartDocA
SaveDC
RestoreDC
SetMapMode
SetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
SetTextAlign
CreateBitmap
StrokeAndFillPath
GetMapMode
SetRectRgn
CopyMetaFileA
CreateDCA
AbortDoc
EndDoc
EndPage
StartPage
SetAbortProc
DeleteDC
GetWindowOrgEx
GetObjectType
GetTextAlign
Escape
RectVisible
PtVisible
EnumFontFamiliesExA
PatBlt
CreateRectRgnIndirect
GetDeviceCaps
GetStockObject
GetTextColor
GetCurrentObject
GetPixel
SetBkMode
SetPixel
TextOutA
GetObjectA
Rectangle
CreateCompatibleBitmap
CreatePen
SetBkColor
SetTextColor
ExtTextOutA
BitBlt
StretchDIBits
CreateCompatibleDC
CreateDIBSection
SelectObject
FillPath
StrokePath
Ellipse
GetWindowExtEx
GetViewportExtEx
SelectPalette
CreateDIBitmap
CreatePalette
GetClipBox
SetBrushOrgEx
RoundRect
CreatePolygonRgn
GetRgnBox
GetClipRgn
IntersectClipRect
ExtSelectClipRgn
OffsetRgn
GetTextCharsetInfo
GetBkColor
CreatePatternBrush
GetViewportOrgEx
CombineRgn
Polyline
CreateFontA
PtInRegion
CreateRectRgn
ExtCreateRegion
GetBitmapBits
GetDIBits
SetStretchBltMode
DeleteObject
GetTextMetricsA
GetTextExtentPointA
CreateFontIndirectA
CreateSolidBrush
Polygon
StretchBlt
GetTextExtentPoint32A
SetBitmapBits
comdlg32
FindTextA
ReplaceTextA
ChooseColorA
CommDlgExtendedError
GetFileTitleA
PrintDlgA
GetOpenFileNameA
GetSaveFileNameA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCreateKeyA
RegQueryValueExA
RegSetValueA
GetFileSecurityA
SetFileSecurityA
RegCloseKey
RegQueryValueA
RegOpenKeyA
shell32
ShellExecuteA
Shell_NotifyIconA
SHAppBarMessage
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ord71
DragFinish
DragQueryFileA
ExtractIconA
SHGetFileInfoA
SHGetMalloc
comctl32
ImageList_LoadImageA
ord17
ImageList_Remove
ImageList_DrawIndirect
ImageList_GetBkColor
FlatSB_GetScrollProp
ImageList_GetImageInfo
ImageList_Add
ImageList_Destroy
ImageList_Create
ImageList_GetImageCount
ImageList_GetIcon
_TrackMouseEvent
ImageList_DragShowNolock
ImageList_DragLeave
ImageList_EndDrag
ImageList_DragMove
ImageList_AddMasked
ImageList_DrawEx
ImageList_Draw
ImageList_ReplaceIcon
ImageList_GetIconSize
oledlg
ord8
ord1
ole32
CoDisconnectObject
CoCreateInstance
OleInitialize
CoUninitialize
CoInitialize
CLSIDFromProgID
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoTaskMemFree
ReleaseStgMedium
OleGetClipboard
CoTaskMemAlloc
OleDuplicateData
CoRevokeClassObject
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoFreeUnusedLibraries
CLSIDFromString
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleUninitialize
olepro32
ord253
oleaut32
VariantCopy
SysAllocStringByteLen
VariantChangeType
SysStringByteLen
VarDateFromStr
VarBstrFromDate
SafeArrayGetDim
SysAllocStringLen
VariantTimeToSystemTime
SysStringLen
LoadTypeLi
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
VariantChangeTypeEx
VariantClear
SysFreeString
OleLoadPicturePath
SysAllocString
ws2_32
inet_ntoa
getpeername
closesocket
gethostname
gethostbyname
WSACloseEvent
WSASend
WSARecv
socket
accept
WSAGetLastError
setsockopt
WSAIoctl
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
WSASocketA
WSACreateEvent
WSAEventSelect
htons
bind
listen
WSACleanup
WSAStartup
pdh
PdhAddCounterA
PdhOpenQueryA
PdhGetFormattedCounterValue
PdhCollectQueryData
PdhCloseQuery
avifil32
AVIFileInit
AVIStreamRelease
AVIFileExit
AVIFileCreateStreamA
AVIFileOpenA
AVIStreamWrite
AVIStreamSetFormat
AVIFileRelease
msvfw32
DrawDibDraw
ICSeqCompressFrameEnd
ICCompressorFree
ICClose
ICOpen
ICSendMessage
ICSeqCompressFrameStart
ICDecompress
DrawDibOpen
DrawDibClose
imagehlp
ImageDirectoryEntryToData
Sections
.text   Size: 2.0MB - Virtual size: 2.0MB   Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rodata Size: 12KB  - Virtual size: 10KB    Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 312KB - Virtual size: 311KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 104KB - Virtual size: 610KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 160KB - Virtual size: 158KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ