Static task: static1
Behavioral task: behavioral1
  Sample: 44aedcd836bd1e6412768bc85c0b19f8411f8e06c0814044a79b5efe07d1b203.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: 44aedcd836bd1e6412768bc85c0b19f8411f8e06c0814044a79b5efe07d1b203.exe
  Resource: win10v2004-20220812-en
General
Target: 44aedcd836bd1e6412768bc85c0b19f8411f8e06c0814044a79b5efe07d1b203
Size: 1.6MB
MD5: cfed935cecfe6f4049b8c4fd121330ad
SHA1: 6ec28314b729084d4f17e5f2b5aa0c920c5472e8
SHA256: 44aedcd836bd1e6412768bc85c0b19f8411f8e06c0814044a79b5efe07d1b203
SHA512: 9a6285f7e97cdde403971a8a1f1173f016a26e7cd519dd9afe5e2feb1fd98bed0eae3bfa74988a8bd4029fe06fcc44f5de37774da3e3e655b037f00c59e70aa6
SSDEEP: 49152:/g9Hf9TEzcjprF0pia+nYXAQXj9TMLwT:49Hf9LjlF0N+nYwQww
Malware Config
Signatures
Files
-
44aedcd836bd1e6412768bc85c0b19f8411f8e06c0814044a79b5efe07d1b203.exe windows x86
83c052b09ecbe6f7a96adc3d0381bdd9
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FileTimeToLocalFileTime
GetProcAddress
GlobalUnlock
FileTimeToSystemTime
GlobalLock
GetComputerNameW
GetFileSize
FindResourceExW
GetCurrentDirectoryW
CreateDirectoryW
GetPrivateProfileSectionW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileSectionNamesW
GetVersionExW
RemoveDirectoryW
DeleteCriticalSection
GetDiskFreeSpaceW
GlobalFree
EnterCriticalSection
MultiByteToWideChar
LeaveCriticalSection
Sleep
GlobalAlloc
InitializeCriticalSection
SystemTimeToFileTime
CreateMutexW
GetVolumeInformationW
VirtualAlloc
WideCharToMultiByte
VirtualFree
LoadLibraryW
FreeLibrary
CreateFileA
GetExitCodeProcess
SetFileAttributesW
GetDiskFreeSpaceExW
GetFileAttributesW
GetLogicalDriveStringsW
GetDriveTypeW
GetFileSizeEx
DeviceIoControl
GetTickCount
SetFilePointerEx
DeleteFileA
DeleteFileW
GetWindowsDirectoryW
lstrlenW
SetLastError
MulDiv
LocalFree
FormatMessageW
GetModuleHandleW
InterlockedIncrement
InterlockedDecrement
CompareStringW
lstrlenA
GetUserDefaultLCID
lstrcmpA
GetCurrentProcessId
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetVersionExA
lstrcmpW
LoadLibraryA
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
GetCurrentThreadId
FreeResource
GlobalFlags
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetModuleHandleA
InterlockedExchange
GetLocaleInfoW
SetFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
ExitThread
CreateThread
GetSystemTimeAsFileTime
GetCPInfo
GetCommandLineA
GetStartupInfoA
HeapReAlloc
RtlUnwind
RaiseException
VirtualProtect
GetSystemInfo
VirtualQuery
HeapSize
ExitProcess
HeapCreate
HeapDestroy
GetStdHandle
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetProcessHeap
InterlockedCompareExchange
CloseHandle
DosDateTimeToFileTime
DuplicateHandle
FindNextFileW
GetModuleFileNameA
CreatePipe
CreateEventW
LockResource
GetLocalTime
FindClose
GetLastError
CreateFileW
GetModuleFileNameW
ReadFile
TerminateProcess
SizeofResource
CopyFileW
WriteFile
WaitForSingleObject
GetCurrentProcess
CreateProcessW
LoadResource
FindResourceW
PeekNamedPipe
FindFirstFileW
user32
ValidateRect
GetCursorPos
TranslateMessage
GetMessageW
DestroyMenu
FillRect
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
BeginPaint
EndPaint
InvalidateRect
SetCursor
ReleaseCapture
SetRect
SetTimer
KillTimer
IsRectEmpty
SetCapture
RegisterClassExW
UpdateLayeredWindow
GetUpdateRect
wvsprintfW
CharNextW
DrawIconEx
CharPrevW
CreateCaret
HideCaret
ShowCaret
SetCaretPos
InvalidateRgn
CreateAcceleratorTableW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetForegroundWindow
DispatchMessageW
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconW
GetKeyState
SetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
GetDlgCtrlID
DefWindowProcW
CopyRect
PtInRect
GetMenu
SystemParametersInfoA
GetWindow
LoadCursorW
GetSystemMetrics
GetSysColor
GetSysColorBrush
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
GetWindowTextLengthW
UnhookWindowsHookEx
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetWindowTextW
IsWindow
RegisterWindowMessageW
WinHelpW
GetCapture
GetDC
InflateRect
OffsetRect
ReleaseDC
SetWindowRgn
IsIconic
SetForegroundWindow
IntersectRect
MonitorFromWindow
MapWindowPoints
GetMonitorInfoW
MoveWindow
CharLowerW
PostMessageW
ClientToScreen
ScreenToClient
PostQuitMessage
SetWindowsHookExW
CallNextHookEx
PeekMessageW
IsZoomed
GetClientRect
CharUpperW
GetWindowRect
GetParent
GetWindowLongW
GetWindowTextW
GetDlgItem
SetWindowLongW
EndDialog
SetWindowPos
CallWindowProcW
FindWindowW
ShowWindow
wsprintfW
SendMessageW
GetClassLongW
GetWindowPlacement
gdi32
Escape
TextOutW
RectVisible
PtVisible
CreatePen
CreateSolidBrush
CreateCompatibleBitmap
CreateRectRgnIndirect
CombineRgn
SelectClipRgn
MoveToEx
GetStockObject
GetTextMetricsW
Rectangle
CreateDIBSection
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetTextColor
SetBkColor
GetObjectW
CreateFontIndirectW
CreateCompatibleDC
BitBlt
ExtTextOutW
GetTextExtentPoint32W
SaveDC
RestoreDC
SetBkMode
SetStretchBltMode
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetClipBox
CreateBitmap
SetMapMode
GetObjectA
GetCharABCWidthsW
RoundRect
CreatePenIndirect
StretchBlt
CreateRoundRectRgn
DeleteObject
LineTo
GetDeviceCaps
SelectObject
comdlg32
GetSaveFileNameW
GetOpenFileNameW
advapi32
GetUserNameW
RegCloseKey
RegOpenKeyA
RegSetValueExA
RegQueryValueExA
RegCreateKeyA
shell32
SHGetSpecialFolderPathW
ord165
ShellExecuteW
SHGetFileInfoW
ole32
CoTaskMemFree
CoInitialize
OleUninitialize
OleInitialize
CoUninitialize
CoCreateInstance
CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
OleLockRunning
oleaut32
LoadRegTypeLi
DispInvoke
DispGetIDsOfNames
SysFreeString
SysAllocStringLen
SysAllocString
LoadTypeLi
VariantInit
SysStringLen
VariantClear
VariantCopy
VariantChangeType
shlwapi
PathIsDirectoryW
PathFileExistsW
PathRemoveFileSpecA
SHCreateStreamOnFileEx
PathIsDirectoryEmptyW
PathFindFileNameW
PathAppendW
PathFindExtensionW
PathRemoveFileSpecW
gdiplus
GdipSetTextRenderingHint
GdipCreateFromHDC
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipCreateLineBrushI
GdipDeleteFont
GdipDrawString
GdipDeleteStringFormat
GdipCreateStringFormat
GdipAlloc
GdipFree
GdipDeleteBrush
GdiplusShutdown
GdipCloneBrush
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteGraphics
GdiplusStartup
oleacc
LresultFromObject
CreateStdAccessibleObject
winspool.drv
ClosePrinter
OpenPrinterW
DocumentPropertiesW
comctl32
_TrackMouseEvent
ord17
Sections
.text  Size: 669KB - Virtual size: 669KB  Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 139KB - Virtual size: 138KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data  Size: 15KB - Virtual size: 34KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc  Size: 715KB - Virtual size: 714KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc  Size: 65KB - Virtual size: 65KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ