a4368430bf6dfcb9336326411bbedf7dd6bd53abf6d554f85bce9536a2862a64

Sharing

Copy URL Twitter E-mail

General

Target

a4368430bf6dfcb9336326411bbedf7dd6bd53abf6d554f85bce9536a2862a64
Size

1.2MB
MD5

aa97f7ed8c93ae2ec3d23e179cb459b4
SHA1

740b58a80f942eea6265d2a65e77e0096b5def3b
SHA256

a4368430bf6dfcb9336326411bbedf7dd6bd53abf6d554f85bce9536a2862a64
SHA512

2440afde737c3b8e06ed0218d7561ff0b933e5b9d05cd3b6eabfa05249aed735ac1dffed421850616f34edd6e6715166ac582dea0fd5e09e986683d43d42bed6
SSDEEP

12288:WhLzPAkE/rtTT4Foe9vIyT49Mv+JAHV8tAcvM7REk6A7YdeMZ+tpDyb80+OeO+Om:kzqrt4Ke9QyT2t1iDybJlNGVcsQY8ZI

Score

N/A

Malware Config

Signatures

Files

a4368430bf6dfcb9336326411bbedf7dd6bd53abf6d554f85bce9536a2862a64
.exe windows x86

14db9c53ea33bb075042ea1f6bdcd811

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipCreateBitmapFromScan0
GdipGetImagePixelFormat
GdipCreateBitmapFromStream
GdipCreateBitmapFromHICON
GdipDrawImageRectRect
GdipGetImageGraphicsContext
GdipSetStringFormatAlign
GdipCreateFontFromLogfontA
GdipDrawRectangleI
GdipCreatePen2
GdipFillPolygonI
GdipFillRectangleI
GdipCreateFontFromDC
GdipDeleteStringFormat
GdipCreatePen1
GdipCreateStringFormat
GdipSetSolidFillColor
GdipDrawString
GdipDrawLinesI
GdipDeleteFont
GdipSetStringFormatLineAlign
GdipDeletePen
GdipGetImageFlags
GdipCloneImage
GdipDeleteRegion
GdipCreateBitmapFromFile
GdipDisposeImage
GdipAlloc
GdipCreateSolidFill
GdipCreateRegionHrgn
GdipFillRegion
GdipCloneBrush
GdipCreateLineBrushFromRectI
GdipFree
GdipDeleteBrush
GdipCreateHICONFromBitmap
GdipFillRectangle
GdiplusStartup
GdiplusShutdown
GdipGetImageWidth
GdipCreateFromHDC
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipDeleteGraphics
GdipDrawImageRectRectI
GdipGetImageHeight
GdipDrawLineI
GdipSetImageAttributesColorMatrix

comctl32

InitCommonControlsEx
_TrackMouseEvent

kernel32

RemoveDirectoryW
SetFileAttributesW
SetFileTime
SystemTimeToFileTime
FileTimeToSystemTime
FlushFileBuffers
InitializeCriticalSection
FreeResource
GetConsoleMode
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetFileType
GetTimeZoneInformation
HeapReAlloc
GetStdHandle
HeapSize
AreFileApisANSI
GetModuleHandleExW
ExitProcess
GetOEMCP
IsValidCodePage
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetUserDefaultLangID
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
UnhandledExceptionFilter
GetCPInfo
RtlUnwind
GetCommandLineW
ExitThread
CreateThread
IsDebuggerPresent
GetSystemTimeAsFileTime
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
InterlockedCompareExchange
GetProcessHeap
HeapFree
HeapAlloc
DecodePointer
EncodePointer
GetStringTypeW
MoveFileExW
CreateIoCompletionPort
PostQueuedCompletionStatus
GetTickCount
GetQueuedCompletionStatus
GetStartupInfoW
WideCharToMultiByte
WaitForSingleObject
GetCurrentProcessId
CloseHandle
DeleteCriticalSection
GetLocalTime
GetLastError
MultiByteToWideChar
CreateFileW
GetModuleFileNameW
SizeofResource
LoadLibraryW
CreateDirectoryW
InterlockedDecrement
InterlockedIncrement
LoadLibraryExW
SetUnhandledExceptionFilter
LoadResource
FreeLibrary
FindResourceW
GlobalFree
GlobalUnlock
GlobalAlloc
GlobalLock
GetFileTime
GetFileSizeEx
ReadFile
Sleep
WriteFile
SetFilePointerEx
FindNextFileW
FindClose
FindFirstFileW
GetFullPathNameW
DeleteFileW
lstrcmpiW
GetProcAddress
CompareStringW
GetModuleHandleW
lstrlenW
GetCurrentThreadId
EnterCriticalSection
SetLastError
RaiseException
FlushInstructionCache
GetACP
LeaveCriticalSection
GetVersionExW
GetCurrentProcess
InitializeCriticalSectionAndSpinCount
ReadConsoleW
SetFilePointer
OutputDebugStringW
GetConsoleCP
SetStdHandle
WriteConsoleW
SetEnvironmentVariableA
SetEndOfFile
SetThreadPriority

user32

CreateDialogParamW
CheckRadioButton
IsWindowVisible
GetDlgItemTextW
SetDlgItemTextW
GetMessageW
LoadImageW
TranslateMessage
DispatchMessageW
CloseClipboard
EmptyClipboard
OpenClipboard
SetClipboardData
PeekMessageW
GetClassInfoExW
RegisterClassExW
MoveWindow
DestroyWindow
SetCursor
IsDlgButtonChecked
CharNextW
LoadCursorW
SetFocus
SetRectEmpty
GetCapture
DrawFocusRect
OffsetRect
SystemParametersInfoW
CreateWindowExW
GetDlgCtrlID
SendDlgItemMessageW
RedrawWindow
SetParent
SendMessageW
GetDlgItem
GetClassNameW
GetWindow
DefWindowProcW
GetMonitorInfoW
DestroyIcon
EnableWindow
MapWindowPoints
GetWindowRgn
UnregisterClassW
IsIconic
GetKeyState
FlashWindow
SetForegroundWindow
ScreenToClient
GetSystemMetrics
ReleaseCapture
GetCursorPos
UpdateWindow
GetActiveWindow
SetWindowPos
EndDialog
SetWindowLongW
MonitorFromWindow
ReleaseDC
SetClassLongW
GetWindowTextW
GetWindowLongW
SetRect
GetAsyncKeyState
PtInRect
GetClassLongW
GetClientRect
IsWindowEnabled
GetParent
DrawIconEx
IsZoomed
DrawTextW
PostMessageW
SetCapture
FillRect
GetWindowDC
GetWindowRect
SetWindowRgn
GetWindowTextLengthW
ClientToScreen
SetWindowTextW
CopyRect
CallWindowProcW
MessageBoxW
PostThreadMessageW
IsWindow
FrameRect
ShowWindow
EnumChildWindows
GetSysColor
InvalidateRect
IsDialogMessageW
InflateRect
GetDC
GetUpdateRect
BeginPaint
DialogBoxParamW
GetFocus
EndPaint
KillTimer
SetTimer

gdi32

StretchBlt
GetObjectW
CreateFontIndirectW
CreateBrushIndirect
SetStretchBltMode
PtInRegion
ExcludeClipRect
FillRgn
Ellipse
GetBkColor
Polygon
GetObjectA
GetBitmapDimensionEx
CreateDIBSection
SaveDC
CreatePen
RoundRect
GetStockObject
CreateSolidBrush
CreateRectRgn
CreateRoundRectRgn
ExtTextOutW
CreateCompatibleBitmap
CombineRgn
CreateCompatibleDC
SelectClipRgn
SelectObject
DeleteObject
SetBkMode
SetBkColor
DeleteDC
SetTextColor
SetViewportOrgEx
FrameRgn
GetViewportOrgEx
GetTextExtentPoint32W
RestoreDC
BitBlt

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
InitializeSecurityDescriptor
RegQueryInfoKeyW

shell32

ShellExecuteW
SHGetFolderPathW

ole32

CreateStreamOnHGlobal
CoCreateGuid
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoTaskMemRealloc
CoUninitialize
CoCreateInstance

oleaut32

VarUI4FromStr

shlwapi

PathFileExistsW
PathIsDirectoryW

msimg32

GradientFill

dbghelp

MiniDumpWriteDump

ws2_32

freeaddrinfo
getaddrinfo
closesocket
__WSAFDIsSet
select
socket
setsockopt
WSAGetLastError
WSASend
WSARecv
connect
ioctlsocket
WSAStartup
WSACleanup
htonl
htons
ntohs
ntohl
inet_addr

Sections

.text
Size: 777KB - Virtual size: 776KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14db9c53ea33bb075042ea1f6bdcd811

Headers

DLL Characteristics

File Characteristics

Imports

gdiplus

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

msimg32

dbghelp

ws2_32

Sections

.text Size: 777KB - Virtual size: 776KB

.rdata Size: 128KB - Virtual size: 128KB

.data Size: 34KB - Virtual size: 77KB

.rsrc Size: 138KB - Virtual size: 137KB

.reloc Size: 100KB - Virtual size: 99KB

.text
Size: 777KB - Virtual size: 776KB

.rdata
Size: 128KB - Virtual size: 128KB

.data
Size: 34KB - Virtual size: 77KB

.rsrc
Size: 138KB - Virtual size: 137KB

.reloc
Size: 100KB - Virtual size: 99KB