Static task: static1
Behavioral task: behavioral1
Sample: d01517b7b7eecde3f27642c93cb4d45b29acd406d1ea17ced000cad74465f71e.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: d01517b7b7eecde3f27642c93cb4d45b29acd406d1ea17ced000cad74465f71e.exe
Resource: win10v2004-20220812-en
General
- Target: d01517b7b7eecde3f27642c93cb4d45b29acd406d1ea17ced000cad74465f71e
- Size: 87KB
- MD5: 0db7da4e3489ba8a2ddfb128422daee2
- SHA1: a51f4a98cf850f3d44756f4fd20bf39ca3bedbc2
- SHA256: d01517b7b7eecde3f27642c93cb4d45b29acd406d1ea17ced000cad74465f71e
- SHA512: 0b84a08c1c0d6bbd4360a35f063001809158958d0d89118a41215fe3bb8c6450a54c958a02f7355396595b0dc6d3d22eccd952f12fe49dd091229506ea2eb66a
- SSDEEP: 1536:epwFgmlGyFhb49Jg6d4FwDHB16Y7PoyNJefki0kwF7l6JZarxFnn5PYjGHs+Y2qj:eCFplG2h09JgRFCHB16YToyCfkik5V1h
Malware Config
Signatures
Files
-
d01517b7b7eecde3f27642c93cb4d45b29acd406d1ea17ced000cad74465f71e.exe windows x86
67a1eef65d48da460784869da3e5b2a4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
SetClassLongW
DdeConnectList
KillTimer
IsDialogMessageW
GetCapture
LoadCursorA
SetWindowWord
CreateDialogParamA
GetCursor
MessageBoxExW
SetFocus
SetCursorPos
DefFrameProcA
GetDlgItemInt
SetDeskWallpaper
SubtractRect
GetMenuContextHelpId
TranslateMessage
GetQueueStatus
CharLowerA
SetMenuInfo
CreateIconFromResourceEx
RemovePropW
SetParent
GetComboBoxInfo
DragObject
CreateWindowStationW
BeginPaint
LoadStringA
SetCapture
IsWindowVisible
GetTabbedTextExtentW
DrawMenuBar
BroadcastSystemMessage
CreateWindowStationA
GetMenuItemInfoA
BringWindowToTop
ShowWindowAsync
CloseWindow
GetClassWord
DdeGetData
DrawFocusRect
ChangeClipboardChain
GetClipboardFormatNameW
DefWindowProcW
RegisterClassW
GetKeyboardLayoutNameW
ImpersonateDdeClientWindow
IsCharLowerA
DdeAbandonTransaction
SetWindowTextA
CallNextHookEx
LoadBitmapW
ModifyMenuW
GetKeyboardLayoutList
ChangeDisplaySettingsA
SwitchDesktop
DdeSetUserHandle
CreateIcon
GetScrollInfo
GetClipCursor
CreateDesktopA
GetClassNameA
VkKeyScanExA
CharPrevExA
GetClipboardOwner
GetMenuItemID
GetClassLongA
ChangeDisplaySettingsW
EndPaint
GetWindowTextA
RealChildWindowFromPoint
SetWindowsHookA
SetDebugErrorLevel
GetMessageTime
EnumPropsW
EqualRect
CopyImage
ReuseDDElParam
DrawEdge
GetMenuStringA
SetClassLongA
ChildWindowFromPointEx
CheckMenuItem
SendMessageCallbackA
GetDlgItemTextW
BroadcastSystemMessageW
GetWindowTextLengthA
TranslateAcceleratorW
CharLowerBuffA
GetSystemMenu
GetSysColor
GetMenuDefaultItem
VkKeyScanExW
CharUpperA
SetMenuItemInfoA
CloseDesktop
EnableScrollBar
ToAscii
UnregisterHotKey
GetMenu
GetParent
LockWindowUpdate
RegisterClassExW
GetKBCodePage
GetWindowTextW
IsZoomed
PostThreadMessageW
EnumDisplaySettingsW
SendMessageCallbackW
CreateWindowExW
SetMessageExtraInfo
GetInputDesktop
DispatchMessageW
DefDlgProcW
DdeGetLastError
CharUpperW
IsCharAlphaNumericA
SetForegroundWindow
CharToOemW
GetScrollPos
CharToOemBuffA
EnumDesktopsW
GetUpdateRect
ValidateRgn
TileWindows
ReplyMessage
GetGuiResources
DefFrameProcW
FindWindowExA
LoadCursorFromFileW
BeginDeferWindowPos
PeekMessageW
InsertMenuW
GetDoubleClickTime
WinHelpW
DlgDirListComboBoxW
CreateAcceleratorTableA
GetAsyncKeyState
DdeImpersonateClient
SetProcessDefaultLayout
GetWindowRgn
VkKeyScanA
LoadMenuA
ShowCursor
advapi32
RegQueryInfoKeyW
CreatePrivateObjectSecurity
OpenServiceW
CryptSetProviderW
ObjectDeleteAuditAlarmW
GetTokenInformation
BuildSecurityDescriptorW
GetServiceKeyNameW
CryptSetKeyParam
PrivilegeCheck
MapGenericMask
LogonUserA
GetSidSubAuthority
OpenEventLogW
GetSidIdentifierAuthority
StartServiceW
GetSecurityInfoExA
LookupPrivilegeNameW
RegGetKeySecurity
SetSecurityInfoExA
QueryServiceObjectSecurity
RegOpenKeyA
BuildSecurityDescriptorA
DeregisterEventSource
CryptSetProviderExA
GetAccessPermissionsForObjectA
SetSecurityDescriptorGroup
BuildImpersonateTrusteeA
GetSecurityInfoExW
GetAclInformation
RegEnumKeyExA
ReadEventLogA
LookupSecurityDescriptorPartsW
CryptDestroyKey
FindFirstFreeAce
GetSecurityDescriptorLength
InitializeAcl
IsValidSid
LookupPrivilegeDisplayNameA
CloseServiceHandle
RegisterEventSourceW
RegOpenKeyW
RegSetValueExW
OpenBackupEventLogW
GetMultipleTrusteeA
CancelOverlappedAccess
GetFileSecurityA
ImpersonateLoggedOnUser
CryptGetDefaultProviderW
RegQueryValueExW
ClearEventLogW
RegisterEventSourceA
GetUserNameA
SetNamedSecurityInfoW
SetThreadToken
CryptGenKey
CryptContextAddRef
GetSecurityInfo
CryptVerifySignatureA
SetKernelObjectSecurity
SetEntriesInAccessListW
ObjectPrivilegeAuditAlarmA
ReadEventLogW
InitializeSid
IsValidAcl
GetNamedSecurityInfoExA
GetFileSecurityW
GetTrusteeNameA
GetSecurityDescriptorDacl
GetEffectiveRightsFromAclW
RegSaveKeyA
GetLengthSid
GetServiceDisplayNameW
GetServiceKeyNameA
CryptHashData
GetCurrentHwProfileA
NotifyBootConfigStatus
ClearEventLogA
SetNamedSecurityInfoExA
OpenSCManagerA
RegRestoreKeyW
MakeSelfRelativeSD
BuildImpersonateExplicitAccessWithNameW
GetTrusteeNameW
GetExplicitEntriesFromAclA
RegLoadKeyA
DuplicateToken
GetMultipleTrusteeW
SetSecurityInfoExW
ConvertAccessToSecurityDescriptorA
AdjustTokenPrivileges
LookupAccountNameA
EqualSid
GetAuditedPermissionsFromAclA
LookupPrivilegeValueA
RegCloseKey
RegCreateKeyA
BuildTrusteeWithSidA
RegQueryValueExA
BuildTrusteeWithNameA
AllocateAndInitializeSid
AddAccessAllowedAce
CryptImportKey
RegEnumKeyA
CloseEventLog
GetUserNameW
kernel32
GetTempFileNameA
OpenEventA
GlobalFix
lstrcpyW
VirtualProtect
GetTempFileNameW
GlobalAddAtomW
GetProcessHeaps
EndUpdateResourceA
OutputDebugStringW
DisconnectNamedPipe
WriteProcessMemory
Process32Next
SetCommMask
FindResourceW
CreateNamedPipeA
GetPrivateProfileIntW
GetConsoleTitleW
GetSystemTime
EnumResourceLanguagesA
GetProfileStringW
GetBinaryTypeA
SetStdHandle
WriteConsoleOutputAttribute
BuildCommDCBW
SetProcessWorkingSetSize
GlobalReAlloc
FindCloseChangeNotification
FreeLibraryAndExitThread
VirtualAlloc
IsBadHugeWritePtr
EnumCalendarInfoW
GetTempPathW
lstrcmp
SetThreadPriorityBoost
IsBadWritePtr
GetProcessAffinityMask
MapViewOfFileEx
WriteConsoleOutputCharacterW
CreateConsoleScreenBuffer
RtlFillMemory
GetNamedPipeHandleStateA
EnumTimeFormatsA
CreateProcessA
lstrcpyA
GlobalLock
HeapWalk
GetTimeFormatW
EraseTape
GetSystemInfo
FileTimeToLocalFileTime
GetStringTypeW
GetShortPathNameA
FindFirstChangeNotificationA
lstrcmpA
Heap32ListFirst
SetHandleCount
SetComputerNameA
CreateSemaphoreW
CopyFileA
GetTimeFormatA
GetCurrentThreadId
FatalAppExitW
HeapLock
IsBadStringPtrW
LocalAlloc
GetEnvironmentVariableW
GetVersionExW
SwitchToFiber
GetConsoleTitleA
GetAtomNameW
ClearCommError
GetSystemDefaultLangID
TlsAlloc
DosDateTimeToFileTime
HeapUnlock
SetCommConfig
lstrcatW
Heap32ListNext
OpenSemaphoreA
SetConsoleActiveScreenBuffer
VirtualProtectEx
CopyFileW
EnumCalendarInfoExA
GetPrivateProfileStringA
GetFileType
GlobalFlags
GlobalMemoryStatus
GetLongPathNameA
GetProfileSectionA
DeleteFileA
ExitProcess
GetTempPathA
OpenFileMappingA
GetSystemTimeAdjustment
ConnectNamedPipe
EscapeCommFunction
GetThreadLocale
ContinueDebugEvent
EnumResourceNamesA
GetShortPathNameW
GetStartupInfoA
InitAtomTable
LocalShrink
CreateDirectoryW
GetOEMCP
PeekNamedPipe
FindResourceExA
GetTapeParameters
Heap32First
GetPriorityClass
FreeLibrary
EnumSystemCodePagesW
EnumTimeFormatsW
WritePrivateProfileSectionA
ReadFile
ReadProcessMemory
OpenSemaphoreW
QueryPerformanceFrequency
GetLocaleInfoA
GetCurrentProcess
GetNumberOfConsoleInputEvents
LCMapStringA
IsBadHugeReadPtr
GetComputerNameW
shlwapi
UrlGetLocationA
StrPBrkW
PathIsSameRootA
SHRegWriteUSValueA
PathIsUNCA
PathSetDlgItemPathA
SHRegQueryInfoUSKeyW
PathBuildRootW
SHCreateStreamOnFileA
SHRegQueryInfoUSKeyA
UrlCanonicalizeA
PathGetCharTypeA
PathUndecorateA
SHRegQueryUSValueA
PathRemoveArgsW
PathRemoveBlanksW
PathIsFileSpecA
PathIsUNCServerShareA
PathFileExistsW
SHQueryValueExA
AssocQueryKeyW
StrDupA
PathAddBackslashA
StrRChrIA
PathQuoteSpacesA
PathSearchAndQualifyW
PathFindExtensionW
PathGetDriveNumberA
PathParseIconLocationA
SHRegEnumUSKeyA
PathGetArgsW
SHRegSetUSValueA
SHRegDeleteEmptyUSKeyA
StrCSpnIW
PathSkipRootA
PathIsSameRootW
StrChrA
PathAppendA
PathIsSystemFolderW
PathCanonicalizeW
PathStripPathA
PathBuildRootA
PathIsLFNFileSpecW
SHSetValueW
PathIsDirectoryEmptyW
PathFindExtensionA
PathStripToRootW
PathMakeSystemFolderA
PathMatchSpecA
SHDeleteKeyW
SHEnumKeyExA
StrRChrW
SHDeleteEmptyKeyW
StrStrIA
PathCompactPathW
UrlHashW
SHRegGetUSValueA
PathIsContentTypeW
PathFindNextComponentA
SHRegEnumUSValueA
SHOpenRegStream2A
PathUnmakeSystemFolderW
PathRenameExtensionA
PathIsNetworkPathA
PathStripToRootA
PathIsFileSpecW
ChrCmpIW
StrToIntW
StrChrIW
AssocQueryStringByKeyW
UrlIsOpaqueA
StrIsIntlEqualW
PathUnmakeSystemFolderA
PathParseIconLocationW
UrlEscapeA
StrFromTimeIntervalA
StrCmpIW
PathFindFileNameW
SHRegDeleteEmptyUSKeyW
UrlCompareA
wvnsprintfA
SHCopyKeyA
SHRegEnumUSKeyW
PathCommonPrefixA
PathRemoveFileSpecW
StrPBrkA
UrlApplySchemeA
UrlCompareW
StrCmpNA
UrlCreateFromPathW
PathRemoveExtensionW
UrlUnescapeW
StrDupW
UrlIsW
SHSetThreadRef
SHCreateShellPalette
PathCombineW
HashData
PathAddExtensionW
PathRemoveFileSpecA
ole32
StringFromGUID2
WriteClassStg
StgOpenStorageOnILockBytes
OleFlushClipboard
OleLoad
OleNoteObjectVisible
CoFreeUnusedLibraries
CoCreateGuid
OleLockRunning
CreateGenericComposite
OleSetContainedObject
CreateFileMoniker
StgCreateDocfile
GetHGlobalFromStream
CoRevokeClassObject
ProgIDFromCLSID
OleQueryCreateFromData
CoLoadLibrary
OpenOrCreateStream
OleSaveToStream
CreateILockBytesOnHGlobal
DllDebugObjectRPCHook
CoGetStandardMarshal
StringFromCLSID
StgOpenAsyncDocfileOnIFillLockBytes
OleCreateLinkFromData
OleCreateDefaultHandler
CoRegisterClassObject
CoFileTimeToDosDateTime
CoGetMarshalSizeMax
OleGetClipboard
IIDFromString
IsAccelerator
CoGetCallerTID
SetDocumentBitStg
ReleaseStgMedium
CoIsOle1Class
OleCreateEx
FreePropVariantArray
CreateAntiMoniker
OleIsCurrentClipboard
WriteOleStg
OleBuildVersion
CoRegisterChannelHook
BindMoniker
StgOpenStorage
CreateOleAdviseHolder
UtConvertDvtd32toDvtd16
ReadStringStream
CoGetMalloc
OleSetClipboard
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
CoResumeClassObjects
CreateClassMoniker
CoGetInstanceFromIStorage
OleLoadFromStream
CoCopyProxy
OleConvertOLESTREAMToIStorage
CreatePointerMoniker
StgOpenStorageEx
CoGetCurrentProcess
CoQueryAuthenticationServices
OleSetAutoConvert
OleIsRunning
IsEqualGUID
MonikerCommonPrefixWith
CoInitializeEx
CLSIDFromProgID
CoRegisterPSClsid
CoRegisterSurrogate
CoFreeAllLibraries
CoBuildVersion
OleRegEnumVerbs
CoGetCallContext
UtGetDvtd16Info
CoGetClassObject
CoLockObjectExternal
CoReleaseMarshalData
OleCreateFromFileEx
OleGetAutoConvert
GetHGlobalFromILockBytes
OleDoAutoConvert
UtGetDvtd32Info
CoGetPSClsid
CoQueryProxyBlanket
WriteClassStm
CoTaskMemAlloc
CoIsHandlerConnected
CoInitialize
CoMarshalHresult
OleSetMenuDescriptor
OleCreateLinkToFile
CoInitializeSecurity
CoImpersonateClient
GetConvertStg
CoUnmarshalHresult
CoTaskMemFree
UpdateDCOMSettings
OleGetIconOfClass
WriteFmtUserTypeStg
GetClassFile
OleCreateLink
CoMarshalInterThreadInterfaceInStream
PropVariantCopy
CoGetInterfaceAndReleaseStream
ReadFmtUserTypeStg
CoMarshalInterface
RegisterDragDrop
CoGetTreatAsClass
Sections
.text Size: 69KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 228B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE