Static task: static1
Behavioral task: behavioral1
Sample: 3bce0d703df53a478e6892e1de4cc8c5406996b17405ec6e689185db3c792aa9.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: 3bce0d703df53a478e6892e1de4cc8c5406996b17405ec6e689185db3c792aa9.exe
Resource: win10v2004-20220812-en
General
Target: 3bce0d703df53a478e6892e1de4cc8c5406996b17405ec6e689185db3c792aa9
Size: 1.6MB
MD5: 646df452faf31b417c71d05cc1b80e25
SHA1: dc98db2c0cf6294b48ffec8f8974f93714396eee
SHA256: 3bce0d703df53a478e6892e1de4cc8c5406996b17405ec6e689185db3c792aa9
SHA512: 8344189cb38337c0fbc7d84a4f67ca2c7052b5593ef1a3b32dba94f67b3d963c84409c9188e1b52ca34f9811c2a801bf3b89ccbb4c4c6bbd5fb28f9dbd02af04
SSDEEP: 24576:8sO6UJiyjnauaWHa7Mf+O2LhBpoTEj09K3cd8eSVlCd:TO6UCEa7MW9NgVGfCd
Malware Config
Signatures
Files
3bce0d703df53a478e6892e1de4cc8c5406996b17405ec6e689185db3c792aa9.exe windows x86
88d60bc9c8b26f5f7cd21f99b09fb5c3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
HeapReAlloc
GetStartupInfoA
GetCommandLineA
TerminateProcess
ExitThread
CreateThread
HeapSize
SetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
FatalAppExitA
IsBadWritePtr
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetStdHandle
UnhandledExceptionFilter
RtlUnwind
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetTimeZoneInformation
GetDriveTypeA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetConsoleCtrlHandler
GetLocaleInfoW
SetEnvironmentVariableA
VirtualQuery
VirtualAlloc
VirtualProtect
HeapAlloc
HeapFree
GetDiskFreeSpaceA
GetTempFileNameA
LocalLock
LocalUnlock
GetFileTime
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
SetErrorMode
GetOEMCP
GetCPInfo
GlobalFlags
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
InterlockedIncrement
FindNextFileA
LeaveCriticalSection
EnterCriticalSection
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
GetTickCount
InterlockedDecrement
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
MoveFileA
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
SetThreadPriority
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcatA
lstrcmpW
FreeResource
GetCurrentThread
GetCurrentThreadId
FreeLibrary
GlobalDeleteAtom
lstrcmpA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
LoadLibraryA
SetLastError
GlobalFree
CopyFileA
MulDiv
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
SetCurrentDirectoryA
GetFileAttributesA
SetFileAttributesA
GetSystemInfo
WriteFile
SetFilePointer
CreateFileA
GetFileSize
ReadFile
CloseHandle
Sleep
GetCurrentDirectoryA
DeleteFileA
ResumeThread
FindResourceA
CreateProcessA
LoadResource
LockResource
SizeofResource
GetStringTypeExW
GetStringTypeExA
GetEnvironmentVariableW
GetEnvironmentVariableA
CompareStringW
CompareStringA
lstrlenA
lstrcmpiW
lstrlenW
lstrcmpiA
GetVersion
DeleteCriticalSection
InitializeCriticalSection
GetLastError
RaiseException
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
FreeEnvironmentStringsA
InterlockedExchange
CreateDirectoryA
user32
LoadMenuA
IsClipboardFormatAvailable
GetTabbedTextExtentA
UnionRect
GetDCEx
LockWindowUpdate
SetParent
GetMenuCheckMarkDimensions
ScrollWindowEx
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextLengthA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
ScrollWindow
MessageBoxA
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
UpdateWindow
GetMenu
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
InvalidateRgn
GetScrollInfo
SetScrollInfo
GetClassInfoA
RegisterClassA
SetWindowPlacement
UnpackDDElParam
DefWindowProcA
CallWindowProcA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
CopyRect
PtInRect
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
PostQuitMessage
GetMenuState
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
EndPaint
BeginPaint
IsRectEmpty
CopyAcceleratorTableA
SetRect
CharNextA
DestroyIcon
GetDialogBaseUnits
DeleteMenu
WaitMessage
GetWindowThreadProcessId
ReleaseCapture
WindowFromPoint
GetWindowDC
SetCapture
LoadCursorA
GetSysColorBrush
LoadImageA
GetWindowRect
SetWindowRgn
PostMessageA
LoadBitmapA
GetClassNameA
GetWindowLongA
SetWindowLongA
GetSystemMetrics
LoadIconA
KillTimer
SetTimer
InvalidateRect
GetClientRect
IsIconic
ReuseDDElParam
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
GetSystemMenu
SendMessageA
AppendMenuA
DrawIcon
EnumWindows
GetWindowTextA
EnableWindow
UnregisterClassA
CharUpperW
CharUpperA
CharLowerW
CharLowerA
BringWindowToTop
SetMenu
TranslateAcceleratorA
PostThreadMessageA
MessageBeep
GetDlgCtrlID
GetNextDlgGroupItem
RegisterClipboardFormatA
DestroyMenu
GetMenuItemInfoA
InflateRect
CheckMenuItem
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
SetWindowContextHelpId
MapDialogRect
MapVirtualKeyA
GetKeyNameTextA
ReleaseDC
GetDC
wsprintfA
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
ShowOwnedPopups
SetCursor
SetMenuItemBitmaps
ModifyMenuA
DeferWindowPos
EnableMenuItem
gdi32
SetStretchBltMode
SetMapMode
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
LineTo
MoveToEx
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
DeleteObject
SelectClipRgn
GetClipRgn
SelectClipPath
GetViewportExtEx
GetWindowExtEx
StartDocA
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SetROP2
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
DeleteDC
CreateDIBPatternBrushPt
CreatePatternBrush
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreateFontIndirectA
GetTextExtentPoint32A
GetTextMetricsA
SetRectRgn
GetMapMode
DPtoLP
GetBkColor
GetTextColor
GetRgnBox
GetCharWidthA
StretchDIBits
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
PatBlt
CreateRectRgnIndirect
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CreateDCA
CopyMetaFileA
GetDIBColorTable
RealizePalette
GetDeviceCaps
CreateHalftonePalette
CreatePalette
GetStockObject
GetPixel
BitBlt
CreateCompatibleDC
CombineRgn
CreateRectRgn
GetObjectA
GetCurrentPositionEx
CreateFontA
CreateCompatibleBitmap
comdlg32
PrintDlgA
PageSetupDlgA
FindTextA
GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError
ReplaceTextA
winspool.drv
GetJobA
OpenPrinterA
ClosePrinter
DocumentPropertiesA
advapi32
SetFileSecurityA
RegSetValueA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
GetFileSecurityA
RegCloseKey
RegCreateKeyA
shell32
SHGetFileInfoA
DragFinish
DragQueryFileA
ExtractIconA
comctl32
ord17
ord13
ImageList_Read
ImageList_Write
ord14
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_Merge
ImageList_Draw
ImageList_GetImageInfo
shlwapi
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveExtensionA
UrlUnescapeA
oledlg
ord8
ole32
ReadClassStg
StringFromCLSID
CoTreatAsClass
CreateBindCtx
CoTaskMemAlloc
ReleaseStgMedium
OleDuplicateData
CLSIDFromProgID
ReadFmtUserTypeStg
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoDisconnectObject
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoCreateInstance
StringFromGUID2
CoRegisterClassObject
CreateStreamOnHGlobal
OleRun
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CLSIDFromString
CoRevokeClassObject
oleaut32
SysFreeString
VariantChangeType
VariantInit
SysAllocStringLen
SysStringLen
SysAllocStringByteLen
SysStringByteLen
OleCreateFontIndirect
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SysReAllocStringLen
VarDateFromStr
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
LoadTypeLi
VariantClear
wininet
InternetCrackUrlA
HttpOpenRequestA
InternetOpenUrlA
GopherOpenFileA
InternetConnectA
FtpFindFirstFileA
GopherCreateLocatorA
FtpCommandA
FtpOpenFileA
GopherGetAttributeA
HttpSendRequestExA
HttpEndRequestA
HttpSendRequestA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
GopherFindFirstFileA
InternetGetLastResponseInfoA
InternetCloseHandle
InternetFindNextFileA
HttpQueryInfoA
HttpAddRequestHeadersA
InternetErrorDlg
FtpGetFileA
FtpPutFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
FtpRemoveDirectoryA
FtpCreateDirectoryA
FtpRenameFileA
FtpDeleteFileA
InternetQueryDataAvailable
InternetGetCookieA
InternetQueryOptionA
InternetSetOptionExA
InternetSetCookieA
InternetCanonicalizeUrlA
ws2_32
inet_addr
setsockopt
socket
recvfrom
sendto
htons
closesocket
Sections
.text Size: 392KB - Virtual size: 390KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 108KB - Virtual size: 107KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ