c07535c1dcaae6aab537edba96ea9559204a1efbd82b0f90c4ab4b50883cce58

Sharing

Copy URL Twitter E-mail

General

Target

c07535c1dcaae6aab537edba96ea9559204a1efbd82b0f90c4ab4b50883cce58
Size

4.6MB
MD5

74bba1a90c61df055f2daccd1d8433f0
SHA1

f8856c4ac8d4b2b1bfdd0e47638981a8d5c4a641
SHA256

c07535c1dcaae6aab537edba96ea9559204a1efbd82b0f90c4ab4b50883cce58
SHA512

f49512f4c2c1f6fd1a3687d73c6143feb4c0ccc6063cef270ce19d850787078d80aadb5e2257c52146476fcebeb0d67f3bfa5e45a156fcb54c747d628a9356a9
SSDEEP

98304:m+X1pP9x86K3VjIg96JIAT4mRDhriHeFxM:Qcg92IsdriHeFxM

Score

N/A

Malware Config

Signatures

Files

c07535c1dcaae6aab537edba96ea9559204a1efbd82b0f90c4ab4b50883cce58
.exe windows x86

65a61d5424fa8b46909e567901ad8822

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetModuleBaseNameA
EnumProcessModules
EnumProcesses

kernel32

GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetOEMCP
SetErrorMode
FindResourceExA
GetCurrentDirectoryA
GetTickCount
RtlUnwind
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
GetConsoleCP
GetConsoleMode
ExitProcess
GetCommandLineA
GetSystemInfo
VirtualQuery
GlobalReAlloc
ExitThread
SetStdHandle
GetFileType
HeapSize
GetACP
IsValidCodePage
GetStdHandle
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapCreate
SetHandleCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
TlsGetValue
LocalAlloc
GetModuleHandleW
GetDiskFreeSpaceA
GetTempFileNameA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
InterlockedExchange
GetFileTime
GetFileSizeEx
GetFileAttributesExA
SystemTimeToFileTime
FileTimeToSystemTime
VirtualProtect
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetThreadLocale
GetStringTypeExA
MoveFileA
SetThreadPriority
InterlockedDecrement
GetModuleFileNameW
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GetCurrentProcessId
lstrcmpA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
QueryDosDeviceA
DeviceIoControl
FreeLibrary
FatalAppExitA
DebugBreak
DeleteCriticalSection
GetSystemDirectoryA
GetDriveTypeA
RemoveDirectoryA
CreateDirectoryA
GetStartupInfoA
GetLocalTime
lstrcatA
WinExec
CreateThread
Beep
OpenProcess
lstrcpyA
GetLogicalDriveStringsA
GetModuleFileNameA
GetDefaultCommConfigA
GetSystemTime
DeleteFileA
FindFirstFileA
FindNextFileA
lstrcpynA
InterlockedIncrement
MulDiv
WaitForMultipleObjects
WaitCommEvent
GetCommMask
ClearCommError
ReadFile
InitializeCriticalSection
SetCommTimeouts
GetCommState
SetupComm
GetExitCodeThread
CreateEventA
SuspendThread
ResumeThread
SetCommState
WaitForSingleObject
ResetEvent
EnterCriticalSection
WriteFile
GetOverlappedResult
FormatMessageA
LocalFree
LeaveCriticalSection
SetEvent
SetCommMask
EscapeCommFunction
PurgeComm
LocalFileTimeToFileTime
SetFileTime
CreateFileA
CloseHandle
FileTimeToLocalFileTime
VirtualAlloc
VirtualFree
GetFileAttributesA
Sleep
lstrlenW
GetLastError
SetLastError
GetProcAddress
GetModuleHandleA
LoadLibraryA
FreeResource
GetCPInfo
lstrlenA
lstrcmpiA
MultiByteToWideChar
GetVersion
GetVersionExA
GetLocaleInfoA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
HeapReAlloc

user32

MapDialogRect
GetAsyncKeyState
CharUpperA
ValidateRect
GetCursorPos
SetRectEmpty
DestroyMenu
CreateDialogIndirectParamA
EndDialog
IsDialogMessageA
SetDlgItemTextA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
SetWindowsHookExA
CallNextHookEx
RemovePropA
GetWindowTextLengthA
GetForegroundWindow
SetActiveWindow
GetDlgItem
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
TrackPopupMenu
SetMenu
GetScrollRange
ShowScrollBar
IsWindowVisible
GetClassInfoExA
GetClassInfoA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CallWindowProcA
GetMenu
IntersectRect
GetWindowPlacement
GetLastActivePopup
IsWindowEnabled
GetMenuStringA
PostQuitMessage
RegisterClassExA
SetWindowRgn
PostThreadMessageA
GetClassLongA
BeginDeferWindowPos
EndDeferWindowPos
wsprintfA
SetParent
GetDCEx
GetSystemMenu
IsRectEmpty
GetClassNameA
GetWindowTextA
SetPropA
MoveWindow
SetForegroundWindow
GetKeyState
SetFocus
TranslateMessage
DispatchMessageA
SetWindowLongA
EnumWindows
GetWindowThreadProcessId
LoadMenuA
GetFocus
GetDlgCtrlID
SetWindowPos
MessageBoxA
ClipCursor
SetScrollRange
SetScrollPos
GetScrollPos
GetWindow
UpdateWindow
IsIconic
DrawIcon
SetWindowTextA
ScreenToClient
RegisterClassA
CreateWindowExA
ShowWindow
FillRect
GetClientRect
InvalidateRect
EnableWindow
PtInRect
BeginPaint
EndPaint
GetWindowDC
DefWindowProcA
DestroyWindow
UnregisterClassA
CreateCursor
RedrawWindow
DestroyCursor
PostMessageA
GetWindowLongA
WindowFromPoint
GetParent
GetNextDlgTabItem
GetActiveWindow
ClientToScreen
TranslateAcceleratorA
BringWindowToTop
InsertMenuItemA
LoadAcceleratorsA
ReuseDDElParam
UnpackDDElParam
IsZoomed
LockWindowUpdate
WaitMessage
RegisterClipboardFormatA
GetNextDlgGroupItem
DrawFocusRect
FrameRect
OffsetRect
InvalidateRgn
CopyAcceleratorTableA
CharNextA
GetMessageA
InflateRect
SendMessageA
GetWindowRect
GetDC
SetWindowContextHelpId
ShowOwnedPopups
GetPropA
SetCursorPos
ReleaseDC
GetCapture
SetCapture
IsWindow
MessageBeep
GetSysColor
ReleaseCapture
LoadImageA
SetRect
CopyRect
LoadBitmapA
DrawEdge
CreateMenu
CreatePopupMenu
DeleteMenu
AppendMenuA
GetMenuItemCount
GetMenuItemID
GetMenuState
GetSubMenu
InsertMenuA
ModifyMenuA
GetDesktopWindow
GetSysColorBrush
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
GetIconInfo
CreateIconIndirect
DrawStateA
IsMenu
LoadIconA
LoadCursorA
SetCursor
KillTimer
SetTimer
GetMenuItemInfoA
GetSystemMetrics
SystemParametersInfoA
DrawIconEx
DestroyIcon
ScrollWindow

gdi32

SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
CreateRectRgnIndirect
GetCharWidthA
StretchDIBits
SetRectRgn
CombineRgn
CreateEllipticRgn
LPtoDP
GetTextMetricsA
GetRgnBox
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetTextAlign
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
EnumFontFamiliesA
DPtoLP
GetMapMode
AngleArc
CreateDCA
RoundRect
Polyline
GetCurrentObject
MoveToEx
LineTo
CreateBitmap
SetBkColor
SetTextColor
GetStockObject
Polygon
GetTextExtentPoint32W
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
GetTextExtentPoint32A
PatBlt
Ellipse
GetBkMode
GetDeviceCaps
CreateFontIndirectA
GetDIBColorTable
CreateHalftonePalette
CreatePalette
EnumFontFamiliesExA
GetPixel
Rectangle
GetTextColor
GetBkColor
GetObjectA
SetPixel
BitBlt
CreateCompatibleDC
SetROP2
SetBkMode
RestoreDC
CreateCompatibleBitmap
CreateFontA
CreateSolidBrush
CreatePen
SaveDC

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegEnumValueA
RegSetValueExA
RegSetValueA
RegOpenKeyA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegCreateKeyA
GetFileSecurityA
SetFileSecurityA

shell32

Shell_NotifyIconA
SHGetPathFromIDListA
SHGetFileInfoA
DragQueryFileA
DragFinish
ShellExecuteExA
ShellExecuteA
SHGetSpecialFolderLocation
ExtractIconA

comctl32

_TrackMouseEvent

shlwapi

PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathFindFileNameA

oledlg

ord8

ole32

CoTaskMemAlloc
CoUninitialize
CoCreateInstance
CoInitializeEx
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
CoTaskMemFree
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard

oleaut32

VariantTimeToSystemTime
SystemTimeToVariantTime
VariantChangeType
VariantClear
SysStringLen
SysFreeString
SysAllocStringByteLen
VariantInit
SysAllocStringLen
VariantCopy
SafeArrayDestroy
OleCreateFontIndirect
SysAllocString

ws2_32

WSAStartup
WSACleanup
closesocket
accept
socket
select
gethostbyname
htonl
htons
inet_addr
bind
WSAGetLastError
WSASetLastError
connect
sendto
recvfrom
WSAAsyncSelect
send
recv

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
SetupDiGetClassDevsW

Sections

.text
Size: 2.0MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 378KB - Virtual size: 378KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65a61d5424fa8b46909e567901ad8822

Headers

DLL Characteristics

File Characteristics

Imports

psapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

ws2_32

setupapi

Sections

.text Size: 2.0MB - Virtual size: 1.9MB

.rdata Size: 378KB - Virtual size: 378KB

.data Size: 79KB - Virtual size: 95KB

.rsrc Size: 2.2MB - Virtual size: 2.2MB

.text
Size: 2.0MB - Virtual size: 1.9MB

.rdata
Size: 378KB - Virtual size: 378KB

.data
Size: 79KB - Virtual size: 95KB

.rsrc
Size: 2.2MB - Virtual size: 2.2MB