Static task: static1
Behavioral task: behavioral1
Sample: 50ef2f952130ee954df5e151a8421d99534c50799b81ea51ffe2491bcc1bfaeb.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 50ef2f952130ee954df5e151a8421d99534c50799b81ea51ffe2491bcc1bfaeb.exe
Resource: win10v2004-20220812-en
General
Target: 50ef2f952130ee954df5e151a8421d99534c50799b81ea51ffe2491bcc1bfaeb
Size: 2.5MB
MD5: 1a12721271d7ce5fc297f10da9b3ce62
SHA1: 88ab5939021343fe810eb959e2663661ecabe094
SHA256: 50ef2f952130ee954df5e151a8421d99534c50799b81ea51ffe2491bcc1bfaeb
SHA512: 6ea7d6a9e1744c13e4f67ad7a46276638b7c8253996b264d7dffc40d9098f5ad63e800e9392bb8558ab356ff04f54c7a4183d8c63e05f6d081ce30ed9f124cac
SSDEEP: 49152:xpZ3zSSBV+D2ScAvWFJBhPPYctz9Ig0Ux+TmhQxb1wq1IwyP0YIuFmB0RHJo71wc:xzzf+D2S3vWFNPPYcF9Ig0Ux+Tm41IwC
Malware Config
Signatures
Files
50ef2f952130ee954df5e151a8421d99534c50799b81ea51ffe2491bcc1bfaeb.exe windows x86
8c6ececb91acb9be669f80aa9300ce35
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
parseifo
ord1
profilemgr
ord1
logfile
ord2
multilanguage
ord1
ord4
ord6
ord2
libeda
ord1
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
winmm
mciSendStringA
PlaySoundA
psapi
GetModuleBaseNameA
EnumProcessModules
EnumProcesses
kernel32
HeapReAlloc
ExitProcess
ExitThread
SetStdHandle
GetFileType
HeapSize
HeapQueryInformation
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
HeapCreate
IsValidCodePage
LCMapStringW
IsProcessorFeaturePresent
GetStringTypeW
FreeEnvironmentStringsW
VirtualQuery
SetHandleCount
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
GetDriveTypeW
CompareStringW
WriteConsoleW
GetCurrentDirectoryW
CreateFileW
SetEnvironmentVariableA
GetSystemInfo
RaiseException
VirtualAlloc
GetEnvironmentStringsW
RtlUnwind
lstrlenA
MultiByteToWideChar
GlobalAlloc
GlobalLock
GlobalUnlock
FindResourceA
LoadResource
LockResource
SizeofResource
FreeResource
MulDiv
WideCharToMultiByte
FindResourceW
GlobalReAlloc
GlobalFree
Sleep
GetModuleFileNameA
LoadLibraryA
GetProcAddress
FreeLibrary
GetCommandLineW
GetLastError
CloseHandle
GetTempPathA
CreatePipe
GetStartupInfoA
CreateProcessA
ReadFile
SetLastError
DeactivateActCtx
GetModuleHandleA
ActivateActCtx
CreateDirectoryA
GetCurrentProcess
QueryPerformanceFrequency
QueryPerformanceCounter
WaitForSingleObject
DeleteFileA
TerminateProcess
MoveFileA
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
HeapFree
HeapAlloc
GetTickCount
SearchPathA
GetTempFileNameA
GetNumberFormatA
GetWindowsDirectoryA
FindResourceExW
GetFileTime
GetFileSizeEx
GetFileAttributesExA
SetErrorMode
GetFileAttributesA
InitializeCriticalSectionAndSpinCount
lstrcpyA
GetSystemDirectoryW
GetCurrentDirectoryA
GetACP
GetOEMCP
GetCPInfo
CreateThread
OpenProcess
WritePrivateProfileStringA
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GlobalFlags
GetProfileIntA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
VirtualProtect
GetFullPathNameA
FindFirstFileA
FindClose
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
CreateFileA
lstrcmpiA
GetThreadLocale
SuspendThread
SetThreadPriority
GetPrivateProfileIntA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
InterlockedExchange
lstrcmpA
GetModuleHandleW
InterlockedDecrement
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
CompareStringA
LoadLibraryW
lstrcmpW
CopyFileA
GlobalSize
FormatMessageA
LocalFree
GetCurrentProcessId
ExpandEnvironmentStringsA
lstrlenW
GetVolumeInformationA
GetDriveTypeA
GetExitCodeThread
CreateEventA
WriteFile
GetExitCodeProcess
PeekNamedPipe
ResumeThread
SetEvent
DuplicateHandle
TerminateThread
GetPrivateProfileStringA
user32
UpdateLayeredWindow
EnableScrollBar
UnionRect
DrawFrameControl
InvalidateRgn
CharNextA
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
DrawStateA
RegisterClipboardFormatA
EnumChildWindows
LockWindowUpdate
IsMenu
MonitorFromPoint
UnpackDDElParam
ReuseDDElParam
LoadMenuA
InsertMenuItemA
BringWindowToTop
SetClassLongA
CreatePopupMenu
NotifyWinEvent
CreateAcceleratorTableA
LoadAcceleratorsW
DestroyAcceleratorTable
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
CopyAcceleratorTableA
WaitMessage
PostThreadMessageA
EnumDisplayMonitors
DeleteMenu
UnregisterClassA
LoadCursorA
RealChildWindowFromPoint
WindowFromPoint
GetDCEx
GetAsyncKeyState
DestroyMenu
GetMenuItemInfoA
GetIconInfo
DestroyIcon
GetNextDlgGroupItem
SetRectEmpty
CharUpperA
ShowOwnedPopups
GetMessageA
TranslateMessage
ValidateRect
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
SetWindowContextHelpId
MapDialogRect
SystemParametersInfoA
MessageBeep
IsZoomed
PostQuitMessage
MapVirtualKeyA
GetKeyNameTextA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
CheckMenuItem
MoveWindow
IsDialogMessageA
CheckDlgButton
IntersectRect
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetMenuDefaultItem
GetClassNameA
SetPropA
GetPropA
RemovePropA
IsWindow
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
GetMenu
SetWindowPos
GetWindow
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
InvertRect
HideCaret
LoadImageA
GetDC
GetDesktopWindow
RemoveMenu
GetLastActivePopup
IsWindowEnabled
MessageBoxA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
FrameRect
CopyImage
CallWindowProcA
SetParent
SetLayeredWindowAttributes
SetWindowLongA
DrawIconEx
LoadIconA
SendMessageTimeoutA
GetWindowThreadProcessId
EnumWindows
SetWindowTextA
ShowWindow
SetCursorPos
SetMenuDefaultItem
IsCharLowerA
MapVirtualKeyExA
IsClipboardFormatAvailable
DestroyCursor
CreateMenu
GetDoubleClickTime
SubtractRect
FindWindowA
ExitWindowsEx
TranslateAcceleratorA
ScreenToClient
GetCursorPos
GetSubMenu
LoadMenuW
KillTimer
GetDlgItem
DrawIcon
IsIconic
CopyIcon
CharUpperBuffA
GetUpdateRect
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
GetClassLongA
ReleaseDC
SetRect
FillRect
GetSysColorBrush
GetSysColor
InflateRect
EnableWindow
DrawFocusRect
InvalidateRect
ReleaseCapture
LoadBitmapW
GetClientRect
SetCapture
PostMessageA
GetParent
GetKeyState
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
GetFocus
GetWindowLongA
SetWindowRgn
GetWindowRgn
OffsetRect
RedrawWindow
CopyRect
SendMessageA
UpdateWindow
PtInRect
SetCursor
LoadCursorW
GetSystemMetrics
IsRectEmpty
DrawEdge
GetScrollPos
wsprintfA
LoadIconW
LoadAcceleratorsA
GetSystemMenu
SetTimer
GetWindowRect
gdi32
CreateFontA
GetTextExtentPoint32A
GetStockObject
CreateFontIndirectA
CreateRoundRectRgn
SetMapMode
SetBkColor
GetCurrentObject
CreatePen
CreatePolygonRgn
FrameRgn
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetTextColor
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
SelectClipRgn
CreateHatchBrush
CopyMetaFileA
CreateDCA
CreateRectRgnIndirect
SetRectRgn
PatBlt
Rectangle
CreateDIBitmap
GetTextMetricsA
EnumFontFamiliesA
GetTextCharsetInfo
OffsetRgn
GetRgnBox
GetTextColor
SetDIBColorTable
SetPixel
CreateEllipticRgn
Polyline
Ellipse
Polygon
EnumFontFamiliesExA
GetNearestPaletteIndex
GetSystemPaletteEntries
GetWindowOrgEx
PtInRegion
FillRgn
GetBoundsRect
GetViewportOrgEx
ExtFloodFill
SetPaletteEntries
GetTextFaceA
SetPixelV
ExtTextOutA
Escape
TextOutA
RectVisible
BitBlt
PtVisible
GetPixel
CreateBitmap
GetBkColor
DPtoLP
SelectObject
CreateDIBSection
CreateCompatibleBitmap
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
GetMapMode
LPtoDP
StretchBlt
CreateRectRgn
GetPaletteEntries
CreateSolidBrush
RealizePalette
CreatePalette
GetDIBits
DeleteDC
DeleteObject
CombineRgn
CreateCompatibleDC
GetObjectType
GetObjectA
ExtCreateRegion
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
advapi32
RegQueryValueExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyExA
RegFlushKey
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
shell32
DragQueryFileA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA
ShellExecuteExA
SHGetMalloc
SHAppBarMessage
DragFinish
SHGetFileInfoA
SHBrowseForFolderA
SHGetDesktopFolder
CommandLineToArgvW
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathFindExtensionA
PathFileExistsA
ole32
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleLockRunning
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitializeEx
CLSIDFromString
CoCreateGuid
OleDuplicateData
OleGetClipboard
ReleaseStgMedium
CoTaskMemFree
CoUninitialize
CoInitialize
CoCreateInstance
CreateStreamOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRegisterMessageFilter
CoRevokeClassObject
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
CoTaskMemAlloc
CLSIDFromProgID
OleCreateMenuDescriptor
oleaut32
VariantCopy
SysStringLen
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocStringLen
VariantInit
VariantChangeType
VarBstrFromDate
SysAllocStringByteLen
VariantClear
SysAllocString
SysFreeString
OleLoadPicturePath
OleCreateFontIndirect
oledlg
ord8
gdiplus
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateFromHDC
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCreateBitmapFromStream
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 318KB - Virtual size: 317KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 613KB - Virtual size: 612KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 183KB - Virtual size: 182KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ