Static task: static1
Behavioral task: behavioral1
Sample: 5edbb38e2f3257d72810806f518818d370005e197d245f60acb0bb5001148724.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 5edbb38e2f3257d72810806f518818d370005e197d245f60acb0bb5001148724.exe
Resource: win10v2004-20220901-en
General
Target: 5edbb38e2f3257d72810806f518818d370005e197d245f60acb0bb5001148724
Size: 1004KB
MD5: 3105fc6e589042cd4f55c90fe84fb600
SHA1: 196f9f49197ee5d5d6819079702d7c225edc4cc7
SHA256: 5edbb38e2f3257d72810806f518818d370005e197d245f60acb0bb5001148724
SHA512: 001892ca300eddfc7810f10932bc4818284188fb037047887b4249ca74134b8be3bcf748d7fddf250a24009bafac53531a6838dd96a5efda5c9a7eb9d1036030
SSDEEP: 24576:9Hzj9psHLy2OLtuS+W8sWgNbU7p7LgCTZK12eWR:9nTYA5uS+tb7p7g2eW
Malware Config
Signatures
Files
5edbb38e2f3257d72810806f518818d370005e197d245f60acb0bb5001148724.exe windows x86
04e208123a841533aceb9c792b94dda9
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
InitializeCriticalSection
GetOEMCP
GetUserDefaultLangID
GetCurrentDirectoryA
GetExitCodeProcess
lstrcmpiW
SetFileTime
GetModuleFileNameA
GetACP
EnterCriticalSection
FileTimeToSystemTime
CompareStringA
CreateThread
WaitForSingleObject
GetUserDefaultLCID
LCMapStringA
GlobalDeleteAtom
GetStdHandle
UnlockFile
DuplicateHandle
VirtualProtect
GlobalFree
GetProcAddress
GetSystemDefaultLCID
GetDateFormatA
GetTimeZoneInformation
FreeLibrary
GetCommandLineA
GetStringTypeExA
ExitThread
SetCurrentDirectoryA
lstrcmpiA
lstrcmpA
lstrcatA
IsBadReadPtr
GetCurrentProcess
DeleteFileA
ReadFile
GetFileAttributesA
lstrcpyA
GetVolumeInformationA
UnhandledExceptionFilter
GetSystemDirectoryA
InterlockedDecrement
GetSystemDefaultLangID
GetVersionExA
GlobalReAlloc
FileTimeToLocalFileTime
HeapDestroy
GetModuleFileNameW
GetCurrentProcessId
CreateDirectoryA
GetWindowsDirectoryA
Sleep
LoadResource
HeapFree
TlsSetValue
GetLastError
VirtualQuery
GetCPInfo
SetFilePointer
ExitProcess
HeapSize
FormatMessageA
SetHandleCount
TlsAlloc
GlobalAlloc
RemoveDirectoryA
CreateEventA
VirtualAlloc
GlobalAddAtomA
GetShortPathNameA
HeapAlloc
SetErrorMode
GlobalUnlock
CloseHandle
SetStdHandle
ReleaseSemaphore
RtlUnwind
MoveFileA
IsBadCodePtr
GetEnvironmentStringsW
GetSystemTime
LockFile
_llseek
GetFullPathNameA
MultiByteToWideChar
FreeEnvironmentStringsA
TlsGetValue
FlushFileBuffers
GetSystemInfo
CompareStringW
FindNextFileA
GetTempPathA
GetLocaleInfoA
VirtualFree
GetVersion
DeleteCriticalSection
GlobalSize
WideCharToMultiByte
GetTickCount
WinExec
_lread
SetLocalTime
GetDriveTypeA
GetFileType
FreeEnvironmentStringsW
SetEnvironmentVariableA
_lwrite
InterlockedIncrement
LoadLibraryA
RaiseException
SetEvent
TerminateProcess
SetEndOfFile
WriteFile
SizeofResource
GlobalHandle
HeapReAlloc
FindFirstFileA
SetFileAttributesA
lstrlenA
SystemTimeToFileTime
CreateFileA
CreateSemaphoreA
GetModuleHandleA
FindResourceA
FlushInstructionCache
GetLocalTime
GetTempFileNameA
ResumeThread
GetFileTime
FindClose
GetProfileStringA
lstrcpynA
LCMapStringW
GetStringTypeA
GetStartupInfoA
SetLastError
GetCurrentThreadId
FreeResource
HeapCreate
_lclose
CreateProcessA
IsDBCSLeadByte
TlsFree
SearchPathA
LockResource
GlobalLock
FormatMessageW
LoadLibraryExA
GetEnvironmentStrings
ResetEvent
CreateProcessW
GetStringTypeW
LeaveCriticalSection
MulDiv
user32
GetWindowLongA
DrawFrameControl
ScreenToClient
GetUpdateRgn
IsChild
SetCursorPos
LoadAcceleratorsA
WindowFromPoint
RegisterClassExA
MapWindowPoints
SetDlgItemTextA
SetMenu
GetPropA
DdeClientTransaction
ShowWindow
PostQuitMessage
DdeGetData
HideCaret
AdjustWindowRectEx
GetForegroundWindow
BeginDeferWindowPos
CharLowerA
TrackPopupMenu
EndDeferWindowPos
GetMenuItemInfoA
UnhookWindowsHookEx
DialogBoxParamA
GetWindowTextLengthA
CreateMenu
IsDialogMessageA
CloseClipboard
RegisterClassA
DestroyAcceleratorTable
TabbedTextOutA
GetKeyboardLayout
PtInRect
GetDC
CharPrevA
CreateCursor
DeleteMenu
DdeCreateDataHandle
MsgWaitForMultipleObjects
IsZoomed
GetSystemMetrics
GetDCEx
FindWindowW
ReleaseCapture
RegisterClipboardFormatA
GetCapture
DefMDIChildProcA
GetKeyboardState
DispatchMessageA
OemToCharA
GetMessageTime
MessageBeep
DdeDisconnect
GetWindowRgn
GetSystemMenu
SetWindowLongA
EqualRect
SetPropA
PostMessageW
AppendMenuA
GetWindowThreadProcessId
CreateAcceleratorTableA
DdeInitializeA
DdePostAdvise
SetRect
DdeFreeDataHandle
GetParent
GetCaretBlinkTime
EndPaint
OffsetRect
DdeFreeStringHandle
PostMessageA
VkKeyScanA
GetWindowTextA
SetScrollRange
GetLastActivePopup
DrawIcon
SetWindowTextA
GetClipboardFormatNameA
IsWindow
GetDoubleClickTime
SetCaretPos
GetSubMenu
CharUpperBuffA
SendMessageA
wsprintfA
GetMenu
DdeUninitialize
DdeQueryConvInfo
GetWindowDC
CreateWindowExA
SetActiveWindow
LoadImageA
FindWindowA
InvalidateRgn
GetWindow
InvalidateRect
ShowCursor
SetWindowRgn
DdeCmpStringHandles
DdeQueryStringA
IntersectRect
GetUpdateRect
RemovePropA
IsIconic
GetCursorPos
ClientToScreen
GetCaretPos
InflateRect
DdeGetLastError
FrameRect
CopyRect
EndDialog
BringWindowToTop
DestroyIcon
ToAscii
CallNextHookEx
ClipCursor
DefWindowProcA
MessageBoxA
WaitMessage
GetIconInfo
SetForegroundWindow
DeferWindowPos
LoadBitmapA
GetQueueStatus
MoveWindow
CharLowerBuffW
EnumThreadWindows
DrawFocusRect
DdeSetUserHandle
PeekMessageA
SetParent
CopyAcceleratorTableA
ShowScrollBar
DdeAbandonTransaction
DdeCreateStringHandleA
CreateCaret
EnableMenuItem
SetScrollInfo
BeginPaint
GetActiveWindow
SetMenuItemInfoA
SetWindowPos
SetWindowContextHelpId
UnregisterClassA
SetCapture
InsertMenuA
DdeConnect
CharToOemBuffA
SetWindowsHookExW
GetCursor
AttachThreadInput
EmptyClipboard
PostThreadMessageA
WaitForInputIdle
DdeNameService
SystemParametersInfoA
ShowCaret
GetMenuItemID
CharLowerBuffA
TranslateMessage
IsRectEmpty
SetClipboardData
WinHelpA
IsClipboardFormatAvailable
GetDlgItem
GetMenuStringA
GetClientRect
UpdateWindow
CreateDialogParamA
CharNextA
GetMessagePos
GetSysColor
SetTimer
DestroyCursor
AdjustWindowRect
DestroyCaret
MessageBoxIndirectA
GetClassInfoExA
LoadCursorA
KillTimer
CreatePopupMenu
GetKeyState
IsWindowEnabled
SetMenuDefaultItem
GetClassNameA
SetWindowsHookExA
SetFocus
LockWindowUpdate
IsWindowVisible
GetClipboardData
GetFocus
GetTabbedTextExtentA
CreateIcon
GetAsyncKeyState
keybd_event
SetCursor
GetWindowRect
SubtractRect
LoadIconA
ReleaseDC
ModifyMenuA
FillRect
GetClassInfoA
GetMenuItemCount
DrawTextA
TranslateMDISysAccel
GetScrollInfo
EnableWindow
SetScrollPos
LoadStringA
SetKeyboardState
CallWindowProcA
VkKeyScanW
CharUpperBuffW
DefFrameProcA
GetMenuState
RemoveMenu
CharUpperA
CharToOemA
IsCharAlphaA
DestroyWindow
OpenClipboard
DrawMenuBar
CheckMenuItem
GetScrollPos
GetDesktopWindow
PeekMessageW
DestroyMenu
EnumClipboardFormats
SendDlgItemMessageA
ole32
OleDoAutoConvert
OleIsRunning
ProgIDFromCLSID
OleUninitialize
CoGetMalloc
MkParseDisplayName
OleRun
RevokeDragDrop
OleConvertIStorageToOLESTREAM
OleCreateLinkFromData
CoDisconnectObject
StgOpenStorageOnILockBytes
CoFreeUnusedLibraries
OleRegGetUserType
OleLoad
OleDestroyMenuDescriptor
OleLoadFromStream
CoRegisterMessageFilter
CreateBindCtx
WriteClassStg
CreateDataAdviseHolder
StringFromCLSID
CLSIDFromString
OleLockRunning
BindMoniker
OleQueryCreateFromData
OleGetAutoConvert
OleSetMenuDescriptor
OleCreateMenuDescriptor
CoRegisterClassObject
CoGetClassObject
OleSetClipboard
GetClassFile
CoCreateInstance
OleCreateFromFile
OleIsCurrentClipboard
OleGetIconOfClass
OleDuplicateData
OleSaveToStream
OleInitialize
CoUnmarshalInterface
IsAccelerator
StgOpenStorage
OleTranslateAccelerator
CoIsOle1Class
CoRevokeClassObject
OleFlushClipboard
OleCreateFromData
ReadClassStm
CoMarshalInterface
StgCreateDocfile
OleQueryLinkFromData
CoLockObjectExternal
CLSIDFromProgID
OleSave
ReadClassStg
OleGetClipboard
StgCreateDocfileOnILockBytes
IIDFromString
DoDragDrop
OleConvertOLESTREAMToIStorage
StgIsStorageILockBytes
OleCreateLink
CreateOleAdviseHolder
ReleaseStgMedium
RegisterDragDrop
StringFromGUID2
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
OleCreateLinkToFile
advapi32
LookupPrivilegeValueA
DeregisterEventSource
RegisterEventSourceA
RegQueryValueExW
RegDeleteValueA
RegCloseKey
RegCreateKeyA
InitializeSecurityDescriptor
RegCreateKeyW
RegSetValueExA
RegQueryValueA
RegDeleteKeyA
RegEnumKeyW
AdjustTokenPrivileges
RegDeleteValueW
RegEnumValueW
RegEnumValueA
RegSetValueA
RegOpenKeyExA
RegEnumKeyA
RegSetValueExW
OpenProcessToken
SetSecurityDescriptorDacl
ReportEventA
RegQueryValueExA
RegOpenKeyA
RegOpenKeyW
RegDeleteKeyW
RegQueryInfoKeyA
ws2_32
WSAConnect
accept
ddraw
DirectDrawEnumerateA
samlib
SamConnect
Sections
.text Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 12.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 72KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 892KB - Virtual size: 888KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE