9f50e3b09e510679d382d2bbb29708cb206fddd73e4ee0eb0875a70cd49b52dd

Sharing

Copy URL Twitter E-mail

General

Target

9f50e3b09e510679d382d2bbb29708cb206fddd73e4ee0eb0875a70cd49b52dd
Size

1.9MB
MD5

248447c90c9d191af7c3de08952e26be
SHA1

014126768838655c80971f6a6596c47ea14cc304
SHA256

9f50e3b09e510679d382d2bbb29708cb206fddd73e4ee0eb0875a70cd49b52dd
SHA512

e9544e92bad087f98ed5b3cf64a21a9997b3f0a876f831fb88cd8faeb4e16e4617c343574aad0aa6c21acd495dad7e9cea4edfa09ab412a33d78f0999a8f715d
SSDEEP

49152:/1cfIHkMfY4GGDakf69ojxqzm+dTtdJWH:GKkMAvGRnjA1Dn2

Score

N/A

Malware Config

Signatures

Files

9f50e3b09e510679d382d2bbb29708cb206fddd73e4ee0eb0875a70cd49b52dd
.exe windows x86

495920dca1a731b3ec9116ff7e8a6996

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundW

kernel32

GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetCurrentDirectoryA
GetDriveTypeA
GetFullPathNameA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetLastError
SizeofResource
LockResource
Sleep
LoadResource
FindResourceW
lstrlenA
OutputDebugStringW
InitializeCriticalSection
GetSystemTimeAsFileTime
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetUserDefaultLangID
GetPrivateProfileStringA
GetTempPathW
CreateThread
CreateDirectoryW
GetModuleFileNameW
GetTickCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
lstrlenW
RaiseException
lstrcmpiW
InterlockedIncrement
InterlockedDecrement
FreeLibrary
LoadLibraryExW
GetModuleHandleW
GetCurrentProcess
GetProcAddress
ExpandEnvironmentStringsA
GetLocalTime
GetStdHandle
HeapSize
ExitProcess
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapReAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
GetStartupInfoW
HeapAlloc
GetVersionExW
GetTempFileNameW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetFileTime
GetFileAttributesW
SetErrorMode
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileW
GetModuleHandleA
GetProfileIntW
GetCurrentProcessId
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
DeleteFileW
CloseHandle
lstrcmpA
CreateEventW
ResumeThread
WideCharToMultiByte
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryW
MultiByteToWideChar
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
FreeResource
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
MulDiv
SetLastError
GetProcessHeap
HeapFree
CreateMutexW
WaitForSingleObject
DeleteFileA
GetCommandLineW
GetFileAttributesA

user32

SetFocus
GetWindowTextLengthW
GetWindowTextW
GetLastActivePopup
DispatchMessageW
GetTopWindow
GetMessageTime
PeekMessageW
TrackPopupMenu
GetMenu
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetFocus
GetMenuState
GetMenuStringW
GetMenuItemID
GetMenuItemCount
GetDesktopWindow
LoadMenuW
EnumWindows
IsIconic
ShowWindow
SendMessageTimeoutW
UpdateLayeredWindow
ScreenToClient
SetWindowRgn
SetRect
MapWindowPoints
CharNextW
RegisterWindowMessageW
LoadImageW
GetSubMenu
EnableMenuItem
CheckMenuItem
MapVirtualKeyW
ReleaseCapture
SetCapture
GetCapture
PostMessageW
DrawFocusRect
FillRect
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
IsRectEmpty
GetCursorPos
SetWindowLongW
SetLayeredWindowAttributes
OffsetRect
InvalidateRect
GetKeyboardState
GetWindowLongW
RemovePropW
GetPropW
SetPropW
GetClassLongW
CallNextHookEx
SetWindowsHookExW
IsChild
WinHelpW
SendDlgItemMessageA
SendDlgItemMessageW
ModifyMenuW
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
UnhookWindowsHookEx
SetCursor
SendMessageW
LoadCursorW
IsWindow
SetWindowPos
GetMessagePos
GetKeyState
SetMenuItemInfoW
CheckMenuRadioItem
LoadStringW
RegisterHotKey
UnregisterHotKey
MsgWaitForMultipleObjects
GetWindowTextA
GetForegroundWindow
SetForegroundWindow
GetParent
GetActiveWindow
KillTimer
SetTimer
IsWindowVisible
UpdateWindow
GetClientRect
GetWindowRect
EqualRect
CopyRect
InflateRect
SetRectEmpty
PtInRect
GetSystemMetrics
LoadIconW
DestroyIcon
GetDC
ReleaseDC
IsDialogMessageW
SetWindowTextW
MoveWindow
ValidateRect
TranslateMessage
GetMessageW
CharUpperW
GetWindowThreadProcessId
GetKeyNameTextW
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
WindowFromPoint
GetMenuItemInfoW
DestroyMenu
UnionRect
PostThreadMessageW
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
UnregisterClassW
GetSysColorBrush
RegisterClipboardFormatW
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
RedrawWindow
SystemParametersInfoW
EnableWindow
UnregisterClassA
GetClassNameW
EnumChildWindows

gdi32

GetObjectW
CreateCompatibleDC
DeleteObject
CreatePen
CreateSolidBrush
Ellipse
CreatePatternBrush
CreateBitmap
GetDeviceCaps
RealizePalette
GetBkColor
GetMapMode
DPtoLP
LPtoDP
PatBlt
BitBlt
CreateDIBSection
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
CreateRectRgn
PtInRegion
GetTextMetricsW
GetStockObject
Rectangle
RoundRect
BeginPath
EndPath
PathToRegion
CreateFontIndirectW
GetPath
GetDCOrgEx
GetClipBox
SetTextColor
SetBkColor
CreateRectRgnIndirect
SaveDC
RestoreDC
SetBkMode
SetROP2
SetStretchBltMode
CreateCompatibleBitmap
SetMapMode
LineTo
MoveToEx
GetViewportExtEx
GetWindowExtEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
PolyDraw
ExtSelectClipRgn
SelectPalette
GetTextColor
GetRgnBox
SelectObject
DeleteDC
CreateICW
CreatePalette
GetTextCharsetInfo
GetDIBits
SetDIBitsToDevice
SetWinMetaFileBits
DeleteEnhMetaFile
GetEnhMetaFileHeader
SetEnhMetaFileBits
PlayEnhMetaFile
GetEnhMetaFilePaletteEntries

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegQueryValueW
RegEnumKeyW
RegOpenKeyW
RegSetValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

SHAppBarMessage
Shell_NotifyIconW
ShellExecuteW
CommandLineToArgvW
SHGetSpecialFolderPathW

shlwapi

PathIsUNCW
PathFindFileNameW
PathFindExtensionW
UrlUnescapeW
PathStripToRootW

oledlg

OleUIBusyW

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleFlushClipboard
CoGetClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CoCreateInstance
StringFromGUID2
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoRegisterMessageFilter
StgOpenStorageOnILockBytes
OleIsCurrentClipboard

oleaut32

SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SysAllocStringLen
VariantChangeType
VariantClear
VariantInit
RegisterTypeLi
UnRegisterTypeLi
SysAllocString
LoadTypeLi
LoadRegTypeLi
SysStringLen
VarUI4FromStr
SysFreeString
OleCreateFontIndirect

gdiplus

GdipFillPath
GdipFillEllipseI
GdipFillRectangleI
GdipDrawPath
GdipSetPageUnit
GdipSetSmoothingMode
GdipSetInterpolationMode
GdipCreateFromHDC
GdipAddPathArcI
GdipClosePathFigure
GdipResetPath
GdipSetPenMode
GdipCreateSolidFill
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipLoadImageFromFile
GdipDeleteGraphics
GdipDeletePath
GdipCreatePath
GdipDeletePen
GdipCreatePen1
GdipAlloc
GdipFree
GdipDeleteBrush
GdipCloneImage
GdipCloneBrush
GdiplusStartup
GdiplusShutdown
GdipDrawImageI

ws2_32

ntohl
htons
ntohs
htonl

dinput8

DirectInput8Create

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

wininet

InternetGetLastResponseInfoW
InternetReadFile
InternetOpenUrlW
InternetSetOptionW
HttpQueryInfoW
HttpSendRequestW
HttpOpenRequestW
InternetConnectW
InternetOpenW
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetCloseHandle

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 392KB - Virtual size: 390KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ShareDa
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

495920dca1a731b3ec9116ff7e8a6996

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

gdiplus

ws2_32

dinput8

version

wininet

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 392KB - Virtual size: 390KB

.data Size: 36KB - Virtual size: 112KB

.ShareDa Size: 4KB - Virtual size: 4B

.rsrc Size: 64KB - Virtual size: 63KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 392KB - Virtual size: 390KB

.data
Size: 36KB - Virtual size: 112KB

.ShareDa
Size: 4KB - Virtual size: 4B

.rsrc
Size: 64KB - Virtual size: 63KB