9403504c935b144576432ec5a2e91c454dfa04b50b3c4c33cbe6e10cd433a2b9

Sharing

Copy URL Twitter E-mail

General

Target

9403504c935b144576432ec5a2e91c454dfa04b50b3c4c33cbe6e10cd433a2b9
Size

2.4MB
MD5

c23d7ad7adc921674373b13b7a967158
SHA1

b5000df1ccb800dfb17131be36d49edb979d0cad
SHA256

9403504c935b144576432ec5a2e91c454dfa04b50b3c4c33cbe6e10cd433a2b9
SHA512

42b582a138ae62ad6f79a8170f65323dd2d5339cddcef4a3a326862916a24dae9f9c530364c04ed8502bb371af854194a2a3e7dd01dad5208c96c42f091d9590
SSDEEP

49152:sz5If4v9YVoFcc1Mtgudsgsp777ZsxptzZLr/U0zf7pTi:sz6QOg17ZsBzZv8

Score

N/A

Malware Config

Signatures

Files

9403504c935b144576432ec5a2e91c454dfa04b50b3c4c33cbe6e10cd433a2b9
.exe windows x86

a773d82d892146598a04906c11062c9f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
MoveFileW
CreateThread
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
lstrcmpW
GetFileAttributesW
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
TerminateProcess
CreateProcessW
VerifyVersionInfoW
VerSetConditionMask
GetVersionExW
GetCurrentThread
CreateMutexW
ReleaseMutex
OpenFileMappingW
CreateDirectoryW
lstrlenA
OpenEventW
GetModuleHandleW
GetExitCodeProcess
ProcessIdToSessionId
GetCurrentProcessId
RemoveDirectoryW
FindClose
FindNextFileW
FindFirstFileW
GetCurrentDirectoryW
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileInformationByHandle
GetTickCount
DeleteCriticalSection
TerminateThread
InitializeCriticalSectionAndSpinCount
WaitForMultipleObjects
PeekNamedPipe
SystemTimeToFileTime
FileTimeToSystemTime
GetFileSize
CompareStringW
CompareStringA
FlushFileBuffers
GetLocaleInfoA
IsBadCodePtr
IsBadReadPtr
GetCPInfo
GetOEMCP
GetACP
GetFileAttributesA
SetConsoleCtrlHandler
GetCurrentThreadId
QueryPerformanceCounter
SetStdHandle
SetEndOfFile
SetHandleCount
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
HeapSize
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
InterlockedExchange
SetUnhandledExceptionFilter
GetTimeZoneInformation
IsBadWritePtr
HeapCreate
HeapDestroy
ExitProcess
GetFileType
GetVersionExA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
VirtualQuery
VirtualProtect
RaiseException
RtlUnwind
GetSystemTimeAsFileTime
CreateFileA
LoadLibraryA
GetModuleFileNameW
GetCurrentProcess
VirtualAlloc
VirtualFree
GetSystemInfo
SetFileAttributesW
Sleep
GetComputerNameW
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapReAlloc
GetEnvironmentVariableW
SetFilePointer
WaitForSingleObject
ResetEvent
CreateEventW
SetEvent
WritePrivateProfileStringW
WriteFile
GetPrivateProfileIntW
GetPrivateProfileStringW
CreateFileW
ReadFile
CloseHandle
GetAtomNameW
DeleteAtom
AddAtomW
DeleteFileA
FindResourceW
LoadResource
LockResource
FreeResource
MultiByteToWideChar
FreeLibrary
SearchPathW
GetProcAddress
OutputDebugStringW
OutputDebugStringA
GetLastError
SetLastError
GlobalAlloc
GlobalFree
lstrcmpiW
GetProcessHeap
HeapAlloc
HeapFree
DeleteFileW
MulDiv
LocalAlloc
LocalFree
CopyFileW
GetWindowsDirectoryW
GetSystemDirectoryW
GetTempPathW
GlobalMemoryStatus
lstrlenW
WideCharToMultiByte
SetEnvironmentVariableA
LoadLibraryW

user32

GetDlgItem
GetWindowLongW
SendDlgItemMessageW
GetWindowTextW
GetMessageW
TranslateMessage
DispatchMessageW
PostQuitMessage
DefWindowProcW
FindWindowExW
GetProcessWindowStation
GetUserObjectInformationW
BringWindowToTop
EnumWindows
IsWindowVisible
GetWindow
GetSystemMetrics
DestroyWindow
SetWindowLongW
UpdateWindow
SetLayeredWindowAttributes
KillTimer
SetTimer
DrawFrameControl
OffsetRect
CopyRect
EnableMenuItem
GetGuiResources
SetForegroundWindow
LoadImageW
GetDesktopWindow
GetWindowRect
GetParent
MoveWindow
SetWindowPos
EnableWindow
ShowWindow
LoadStringW
DialogBoxParamW
EndDialog
CheckRadioButton
IsDlgButtonChecked
CheckDlgButton
RegisterWindowMessageW
FindWindowW
PostMessageW
SendMessageW
SetWindowTextW
DrawTextW
LoadCursorW
SetCursor
CallWindowProcW
RegisterClassExW
LoadIconW
CharLowerBuffA
CreateDialogParamW
SetDlgItemInt
GetDlgItemInt
CreateWindowExW
MapDialogRect
ScreenToClient
MessageBoxW
CharLowerBuffW
CharUpperBuffW
GetComboBoxInfo
DestroyMenu
TrackPopupMenu
GetCursorPos
GetSubMenu
LoadMenuW
SetFocus
FillRect
InflateRect
GetClientRect
GetDC
ReleaseDC
GetSysColor
GetDialogBaseUnits
DrawFocusRect
FrameRect
IsDialogMessageW

gdi32

GetTextMetricsW
DeleteObject
SelectObject
CreateFontIndirectW
GetObjectW
GetStockObject
SetBkMode
SetTextColor
DeleteDC
TextOutW
PatBlt
EnumFontFamiliesExW
CreateDIBSection
CreateFontW
GetDeviceCaps
SetMapMode
CreateCompatibleDC
ResetDCW
StartDocW
CreateDCW
EndDoc
StretchDIBits
EndPage
StartPage
SetBkColor
BitBlt
GetPixel
CreateSolidBrush
ExtTextOutW

winspool.drv

GetPrinterDriverDirectoryW
DeviceCapabilitiesW
DocumentPropertiesW
ClosePrinter
GetPrinterW
EnumPrintersW
SetPrinterW
EnumFormsW
AddFormW
GetJobW
GetPrinterDriverW
ord203
ord204
DeleteFormW
SetFormW
OpenPrinterW

comdlg32

GetSaveFileNameW
ChooseColorW
GetOpenFileNameW

advapi32

GetSecurityDescriptorSacl
RegQueryValueExA
SetTokenInformation
RegDeleteValueW
RegSetValueExW
OpenProcessToken
GetTokenInformation
EqualSid
BuildExplicitAccessWithNameW
SetEntriesInAclW
SetNamedSecurityInfoW
DuplicateTokenEx
CreateProcessAsUserW
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
OpenThreadToken
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
GetUserNameW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegOpenKeyExA
SetSecurityDescriptorSacl

shell32

ShellExecuteW
SHGetFolderPathW
ord171
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetMalloc
SHGetFileInfoW
ord47
ShellExecuteExW

ole32

CoCreateGuid
CoTaskMemFree
StringFromGUID2

comctl32

PropertySheetW
ord17

shlwapi

PathRemoveFileSpecW
PathRemoveBackslashW
PathFindFileNameW
PathRemoveExtensionW
PathRemoveBlanksW
PathIsFileSpecW
PathMakePrettyW
PathUnquoteSpacesW
PathFindExtensionW
PathAddBackslashW

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

wininet

FtpPutFileW
InternetOpenW
InternetCloseHandle
InternetConnectW
FtpCreateDirectoryW
DeleteUrlCacheEntryW
FtpSetCurrentDirectoryW

urlmon

URLDownloadToFileW

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 284KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sqetivd
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a773d82d892146598a04906c11062c9f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

comctl32

shlwapi

userenv

version

wininet

urlmon

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.rdata Size: 284KB - Virtual size: 281KB

.data Size: 56KB - Virtual size: 120KB

.rsrc Size: 32KB - Virtual size: 32KB

sqetivd Size: - Virtual size: 4KB

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 284KB - Virtual size: 281KB

.data
Size: 56KB - Virtual size: 120KB

.rsrc
Size: 32KB - Virtual size: 32KB

sqetivd
Size: - Virtual size: 4KB