b56d3d7cf72876aece189ab2d5f3ea8eab713d88becbb7f68e8a95c2050b09bf

Sharing

Copy URL Twitter E-mail

General

Target

b56d3d7cf72876aece189ab2d5f3ea8eab713d88becbb7f68e8a95c2050b09bf
Size

1.6MB
MD5

3f330a24aa756809939a0b8b13d2ba58
SHA1

11864228d849b77b815695e5fce4b06c4d8f7047
SHA256

b56d3d7cf72876aece189ab2d5f3ea8eab713d88becbb7f68e8a95c2050b09bf
SHA512

83099ad6fa2a7e9ae1b0d63f661b48c37a2a5b5b1e1f6b34fc3ac2b660a8095d86ff5639386301ffd93468645cee995e8cda2bde37d81b04773cddfb3a1f6919
SSDEEP

24576:PsIIlOF9HZi4krB3XyAlp8wHxHd1DxBLHeunmZEsQY8t/9t:PnIAbsnjrJeunm98tFt

Score

N/A

Malware Config

Signatures

Files

b56d3d7cf72876aece189ab2d5f3ea8eab713d88becbb7f68e8a95c2050b09bf
.exe windows x86

ae98d0d4c46ecd9e2883414cd87954a1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipCreateBitmapFromScan0
GdipGetImagePixelFormat
GdipCreateBitmapFromStream
GdipCreateBitmapFromHICON
GdipGetImageGraphicsContext
GdipSetStringFormatAlign
GdipCreateFontFromLogfontA
GdipDrawRectangleI
GdipDrawLineI
GdipCreatePen2
GdipFillPolygonI
GdipFillRectangleI
GdipCreateFontFromDC
GdipDeleteStringFormat
GdipCreatePen1
GdipCreateStringFormat
GdipSetSolidFillColor
GdipDrawString
GdipDrawLinesI
GdipDeleteFont
GdipSetStringFormatLineAlign
GdipDeletePen
GdipGetImageFlags
GdipCloneImage
GdipDeleteRegion
GdipCreateBitmapFromFile
GdipDisposeImage
GdipAlloc
GdipCreateSolidFill
GdipCreateRegionHrgn
GdipFillRegion
GdipCloneBrush
GdipCreateLineBrushFromRectI
GdipFree
GdipDeleteBrush
GdipCreateHICONFromBitmap
GdipFillRectangle
GdiplusStartup
GdiplusShutdown
GdipGetImageWidth
GdipCreateFromHDC
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipDeleteGraphics
GdipDrawImageRectRectI
GdipGetImageHeight
GdipDrawImageRectRect
GdipSetImageAttributesColorMatrix

comctl32

_TrackMouseEvent
InitCommonControlsEx

kernel32

RemoveDirectoryW
SetFileAttributesW
FlushFileBuffers
InitializeCriticalSection
FreeResource
GetConsoleCP
OutputDebugStringW
SetFilePointer
ReadConsoleW
GetConsoleMode
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetFileType
GetTimeZoneInformation
HeapReAlloc
GetStdHandle
HeapSize
AreFileApisANSI
GetModuleHandleExW
ExitProcess
GetOEMCP
IsValidCodePage
EnumSystemLocalesW
GetUserDefaultLCID
GetUserDefaultLangID
GetLocaleInfoW
LCMapStringW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
UnhandledExceptionFilter
GetCPInfo
RtlUnwind
GetCommandLineW
ExitThread
CreateThread
IsDebuggerPresent
GetSystemTimeAsFileTime
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
InterlockedCompareExchange
GetProcessHeap
HeapFree
HeapAlloc
DecodePointer
EncodePointer
GetStringTypeW
MoveFileExW
CreateIoCompletionPort
PostQueuedCompletionStatus
GetTickCount
GetQueuedCompletionStatus
SetFileTime
FileTimeToSystemTime
SystemTimeToFileTime
WideCharToMultiByte
WaitForSingleObject
GetCurrentProcessId
CloseHandle
DeleteCriticalSection
GetLocalTime
GetLastError
MultiByteToWideChar
CreateFileW
GetModuleFileNameW
SizeofResource
LoadLibraryW
CreateDirectoryW
InterlockedDecrement
InterlockedIncrement
LoadLibraryExW
SetUnhandledExceptionFilter
LoadResource
FreeLibrary
FindResourceW
GlobalFree
GlobalUnlock
GlobalAlloc
GlobalLock
GetFileTime
Sleep
WriteFile
SetFilePointerEx
FindNextFileW
FindClose
FindFirstFileW
GetFullPathNameW
lstrcmpiW
GetProcAddress
CompareStringW
GetModuleHandleW
lstrlenW
GetACP
GetCurrentThreadId
EnterCriticalSection
SetLastError
RaiseException
FlushInstructionCache
LeaveCriticalSection
GetVersionExW
GetCurrentProcess
DeleteFileW
GetFileSizeEx
ReadFile
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleW
SetEnvironmentVariableA
SetEndOfFile
SetThreadPriority
IsValidLocale

user32

RedrawWindow
SendDlgItemMessageW
IsDlgButtonChecked
CreateDialogParamW
CheckRadioButton
IsWindowVisible
GetDlgItemTextW
SetDlgItemTextW
GetMessageW
LoadImageW
TranslateMessage
DispatchMessageW
CloseClipboard
EmptyClipboard
OpenClipboard
SetClipboardData
PeekMessageW
GetClassInfoExW
RegisterClassExW
SetParent
DestroyWindow
SetCursor
ScreenToClient
CharNextW
LoadCursorW
SetFocus
SetRectEmpty
GetCapture
SendMessageW
GetDlgItem
GetClassNameW
GetWindow
DefWindowProcW
GetMonitorInfoW
DestroyIcon
MapWindowPoints
GetSystemMetrics
MonitorFromPoint
GetWindowRgn
UnregisterClassW
IsIconic
ReleaseCapture
PostThreadMessageW
GetKeyState
FlashWindow
SetForegroundWindow
MoveWindow
DrawFocusRect
OffsetRect
SetWindowPos
EndDialog
SetWindowLongW
MonitorFromWindow
ReleaseDC
SetClassLongW
GetWindowLongW
SetRect
GetAsyncKeyState
PtInRect
GetClassLongW
GetClientRect
IsWindowEnabled
GetParent
DrawIconEx
IsZoomed
DrawTextW
PostMessageW
SetCapture
FillRect
GetWindowDC
GetWindowRect
SetWindowRgn
GetWindowTextLengthW
ClientToScreen
EnableWindow
MessageBoxW
GetActiveWindow
GetWindowTextW
CopyRect
CallWindowProcW
IsWindow
SetWindowTextW
FrameRect
ShowWindow
EnumChildWindows
GetSysColor
InvalidateRect
IsDialogMessageW
InflateRect
GetDC
GetUpdateRect
BeginPaint
DialogBoxParamW
GetFocus
EndPaint
KillTimer
SetTimer
UpdateWindow
GetCursorPos
GetDlgCtrlID
CreateWindowExW
SystemParametersInfoW

gdi32

StretchBlt
GetObjectW
CreateFontIndirectW
SetStretchBltMode
GetTextExtentPoint32W
PtInRegion
ExcludeClipRect
FillRgn
Ellipse
GetBkColor
Polygon
GetObjectA
GetBitmapDimensionEx
CreateDIBSection
SaveDC
CreatePen
CreateSolidBrush
CreateRectRgn
CreateRoundRectRgn
ExtTextOutW
CreateCompatibleBitmap
CombineRgn
CreateCompatibleDC
SelectClipRgn
SelectObject
DeleteObject
SetBkMode
SetBkColor
DeleteDC
SetTextColor
SetViewportOrgEx
FrameRgn
GetViewportOrgEx
BitBlt
RestoreDC
CreateBrushIndirect
RoundRect
GetStockObject

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegQueryValueExW
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
InitializeSecurityDescriptor
RegQueryInfoKeyW

shell32

ShellExecuteW
SHGetFolderPathW

ole32

CreateStreamOnHGlobal
CoCreateGuid
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoTaskMemRealloc
CoUninitialize
CoCreateInstance

oleaut32

VarUI4FromStr

dbghelp

MiniDumpWriteDump

shlwapi

PathFileExistsW
PathIsDirectoryW

msimg32

GradientFill

winmm

timeEndPeriod
timeBeginPeriod

ws2_32

socket
setsockopt
WSAGetLastError
WSASend
WSARecv
connect
select
getaddrinfo
freeaddrinfo
WSAStartup
WSACleanup
htonl
htons
ntohs
ntohl
inet_addr
__WSAFDIsSet
ioctlsocket
closesocket

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae98d0d4c46ecd9e2883414cd87954a1

Headers

DLL Characteristics

File Characteristics

Imports

gdiplus

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

dbghelp

shlwapi

msimg32

winmm

ws2_32

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 208KB - Virtual size: 208KB

.data Size: 42KB - Virtual size: 86KB

.rsrc Size: 141KB - Virtual size: 141KB

.reloc Size: 147KB - Virtual size: 146KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 208KB - Virtual size: 208KB

.data
Size: 42KB - Virtual size: 86KB

.rsrc
Size: 141KB - Virtual size: 141KB

.reloc
Size: 147KB - Virtual size: 146KB