68832cbc0c1bcba40fa1a6c97fcb6a4f621a21952cb07428e2e520077d5e420a

Sharing

Copy URL Twitter E-mail

General

Target

68832cbc0c1bcba40fa1a6c97fcb6a4f621a21952cb07428e2e520077d5e420a
Size

632KB
MD5

1237e2f8ca090448abc172aa287471f0
SHA1

32051b0e4d083c663461856e6b5886c701b23096
SHA256

68832cbc0c1bcba40fa1a6c97fcb6a4f621a21952cb07428e2e520077d5e420a
SHA512

204c2c5b6ef0b5d5d0ee9d31164f648bbde5900fb69eb3ea5d8fea1922cad5772f337c407740e1b63ab8a943c06318f6d46848d6149771d4d120c7a8152771ac
SSDEEP

12288:UCm9cF1znWpgnKv2EyOvjkM/SPVyH9ImSyQktlhHZCcpn47nKIWcGwHEgRyqGL+L:UCmogjL5Cc2hPoDvBclPlwnRK0k+SD

Score

N/A

Malware Config

Signatures

Files

68832cbc0c1bcba40fa1a6c97fcb6a4f621a21952cb07428e2e520077d5e420a
.exe windows x86

fc0000bc8adbc1e89ee89437dd2dc8e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

NdrServerCall
RpcMgmtStopServerListening
RpcServerUnregisterIf
RpcServerUseProtseqEpA
RpcServerRegisterIf
RpcServerListen

wintrust

WinVerifyTrust

kernel32

WritePrivateProfileStringA
GlobalFlags
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetCPInfo
GetOEMCP
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesA
GetFileTime
GetTickCount
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
HeapAlloc
HeapFree
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetProcessHeap
GetStartupInfoA
ExitThread
CreateThread
GetTimeFormatA
GetDateFormatA
ExitProcess
HeapSize
VirtualFree
HeapDestroy
HeapCreate
GetACP
IsValidCodePage
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
SetEnvironmentVariableA
SetConsoleMode
ReadConsoleInputA
FileTimeToSystemTime
GetThreadLocale
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameW
FreeResource
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
GetCurrentProcessId
GlobalAddAtomA
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryA
lstrcmpA
FreeLibrary
GetModuleHandleA
GetProcAddress
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
LocalFree
MulDiv
ExpandEnvironmentStringsA
GetStdHandle
WaitForMultipleObjects
GetLocalTime
GetFullPathNameA
DeleteFileA
GetModuleFileNameA
GetTempPathA
GetTempFileNameA
GetDiskFreeSpaceExA
Sleep
OutputDebugStringA
SetEvent
CloseHandle
CreateEventA
WaitForSingleObject
ResetEvent
lstrlenA
CompareStringW
CompareStringA
GetVersion
MultiByteToWideChar
InterlockedExchange
GetCurrentDirectoryA
CreateFileA
GetFileSize
ReadFile
GetLastError
FormatMessageA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetFileInformationByHandle
PeekNamedPipe
GetCommandLineA
CreateFileW

user32

RegisterClipboardFormatA
PostThreadMessageA
CharNextA
DestroyMenu
ReleaseCapture
SetCapture
LoadCursorA
GetSysColorBrush
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
ReleaseDC
GetDC
SetWindowContextHelpId
MapDialogRect
RegisterWindowMessageA
WinHelpA
IsChild
GetCapture
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
SetActiveWindow
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
SetForegroundWindow
UpdateWindow
GetMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
EqualRect
CopyRect
PtInRect
DefWindowProcA
CallWindowProcA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
SetWindowPos
SetFocus
ShowWindow
MoveWindow
SetWindowLongA
GetDlgCtrlID
IsWindow
SetWindowTextA
CharUpperA
IsDialogMessageA
SendDlgItemMessageA
GetDlgItem
GetWindow
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
UnregisterClassA
MessageBeep
GetNextDlgGroupItem
IsWindowEnabled
MessageBoxA
InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
MapWindowPoints
CopyAcceleratorTableA
DrawIcon
SendMessageA
PostMessageA
IsIconic
GetWindowRect
GetClientRect
EnableWindow
LoadIconA
GetSystemMetrics
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
PostQuitMessage
CheckMenuItem
EnableMenuItem
ModifyMenuA
GetParent
GetFocus
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageA
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
SetCursor
SetWindowsHookExA
CallNextHookEx
GetClassLongA

gdi32

ExtSelectClipRgn
DeleteDC
GetStockObject
GetBkColor
GetTextColor
GetRgnBox
GetMapMode
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetTextColor
SetViewportExtEx
OffsetViewportOrgEx
GetClipBox
CreateBitmap
GetDeviceCaps
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
SaveDC
CreateRectRgnIndirect
GetObjectA
SetBkColor
SetViewportOrgEx

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA

shell32

ShellExecuteA
ShellExecuteExA

comctl32

ord17

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

OleIsCurrentClipboard
CoTaskMemAlloc
CLSIDFromProgID
CoTaskMemFree
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleFlushClipboard
CoRegisterMessageFilter
CoRevokeClassObject
CLSIDFromString

oleaut32

SysFreeString
SysAllocStringByteLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString
SysStringLen

ws2_32

WSACreateEvent
WSAEventSelect
WSAEnumNetworkEvents
bind
listen
gethostbyaddr
getsockname
accept
socket
connect
getsockopt
ioctlsocket
recv
send
__WSAFDIsSet
closesocket
htons
ntohs
select
inet_addr
ntohl
gethostbyname
htonl
inet_ntoa
WSACleanup
WSAStartup

Sections

.text
Size: 460KB - Virtual size: 456KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lea
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fc0000bc8adbc1e89ee89437dd2dc8e3

Headers

File Characteristics

Imports

rpcrt4

wintrust

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

ws2_32

Sections

.text Size: 460KB - Virtual size: 456KB

.rdata Size: 92KB - Virtual size: 90KB

.data Size: 20KB - Virtual size: 33KB

.rsrc Size: 36KB - Virtual size: 32KB

.lea Size: 20KB - Virtual size: 20KB

.text
Size: 460KB - Virtual size: 456KB

.rdata
Size: 92KB - Virtual size: 90KB

.data
Size: 20KB - Virtual size: 33KB

.rsrc
Size: 36KB - Virtual size: 32KB

.lea
Size: 20KB - Virtual size: 20KB