611419fcb45e7cba5176b96ce6960fa624eb56874a39fca79857fb9fbda5be34

Sharing

Copy URL Twitter E-mail

General

Target

611419fcb45e7cba5176b96ce6960fa624eb56874a39fca79857fb9fbda5be34
Size

3.6MB
MD5

e46a3757140bca25e57de16e729fb4e7
SHA1

9520eb4e38ae64e13145d25e0317fe91215180be
SHA256

611419fcb45e7cba5176b96ce6960fa624eb56874a39fca79857fb9fbda5be34
SHA512

41d06bc1e1c2cbd41d2f4c618a42c61229b315dc6928bbcbade9d6e0663facf38c16ce708ea3ac8b12137cf7c3eed27e09c337fb606bb156df772b2f8916560e
SSDEEP

98304:6uxISGHbXkUNbzI6BVwduiRlaRARa7WhM3m9FLOAkGkzdnEVomFHKnP:BU3Qa7WhMW9FLOyomFHKnP

Score

N/A

Malware Config

Signatures

Files

611419fcb45e7cba5176b96ce6960fa624eb56874a39fca79857fb9fbda5be34
.exe windows x86

13b7eff98bec87f3fca980b395244112

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
ReadConsoleW
GetTimeZoneInformation
GetDriveTypeW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
EnumSystemLocalesW
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetACP
ExitProcess
SetEnvironmentVariableA
VirtualQuery
VirtualAlloc
GetSystemInfo
QueryPerformanceFrequency
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
GetCommandLineW
GetCommandLineA
GetFullPathNameA
FindNextFileW
FindFirstFileExW
RtlUnwind
GetCPInfo
LCMapStringW
GetStringTypeW
OutputDebugStringW
GetFileType
SetEvent
GetProcAddress
FreeLibrary
GetCurrentDirectoryW
SetCurrentDirectoryW
GetModuleHandleW
WritePrivateProfileStringW
GetPrivateProfileIntW
Sleep
GetModuleFileNameW
SizeofResource
LockResource
LoadResource
FindResourceW
WideCharToMultiByte
MultiByteToWideChar
CreateThread
AttachConsole
GetLastError
AllocConsole
GetStdHandle
SetStdHandle
FreeConsole
WriteConsoleW
GetPrivateProfileStringW
HeapFree
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
HeapSize
HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
DeleteCriticalSection
GetProcessHeap
GlobalAlloc
GlobalSize
GlobalLock
GlobalUnlock
GlobalFree
LocalFree
MulDiv
FormatMessageW
CopyFileW
SetLastError
OutputDebugStringA
GetVersionExW
GetModuleHandleA
LoadLibraryA
GetCurrentProcessId
EncodePointer
GetCurrentThreadId
GetSystemDirectoryW
FreeResource
LoadLibraryExW
GlobalDeleteAtom
lstrcmpW
GlobalAddAtomW
GlobalFindAtomW
GetCurrentThread
lstrcmpA
lstrcpyW
VerSetConditionMask
VerifyVersionInfoW
CloseHandle
LoadLibraryW
WaitForSingleObject
CreateEventW
SetThreadPriority
ResumeThread
GlobalGetAtomNameW
FileTimeToSystemTime
GetThreadLocale
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
VirtualProtect
DeleteFileW
CreateFileW
GetFileAttributesW
GetFileSize
GetTempFileNameW
SetFilePointer
GetTempPathW
FindClose
FindFirstFileW
FlushFileBuffers
GetFullPathNameW
GetVolumeInformationW
LockFile
ReadFile
SetEndOfFile
UnlockFile
WriteFile
DuplicateHandle
GetCurrentProcess
lstrcmpiW
FindResourceExW
GetWindowsDirectoryW
SearchPathW
GetTickCount
GetProfileIntW
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesExW
GetFileSizeEx
GetFileTime
SystemTimeToTzSpecificLocalTime
GetUserDefaultLCID
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW

user32

NotifyWinEvent
WindowFromPoint
MessageBeep
DeleteMenu
ReleaseCapture
SetCapture
CharUpperW
IsZoomed
TrackMouseEvent
GetAsyncKeyState
CopyImage
RealChildWindowFromPoint
IntersectRect
GetMenuItemInfoW
DestroyMenu
LoadMenuW
SetCursor
ShowOwnedPopups
TranslateMessage
GetMessageW
EnumDisplayMonitors
SystemParametersInfoW
LoadCursorW
SetLayeredWindowAttributes
DrawIconEx
IsRectEmpty
InflateRect
DrawFocusRect
GetSysColorBrush
SetWindowRgn
DrawFrameControl
DrawEdge
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
OffsetRect
SetRectEmpty
SendDlgItemMessageA
GetCursorPos
ClientToScreen
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetTopWindow
GetClassLongW
SetWindowLongW
PtInRect
EqualRect
GetSysColor
CreatePopupMenu
ScreenToClient
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
RemoveMenu
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
EnableScrollBar
UnionRect
MonitorFromPoint
DestroyIcon
LoadImageW
WaitMessage
CharNextW
CopyAcceleratorTableW
InvalidateRgn
SetRect
GetNextDlgGroupItem
SetParent
OpenClipboard
CloseClipboard
SetWindowPos
DestroyWindow
SetClipboardData
EmptyClipboard
SetCursorPos
BringWindowToTop
LockWindowUpdate
GetDoubleClickTime
SetClassLongW
GetIconInfo
CopyIcon
InsertMenuW
GetMenuItemCount
DrawMenuBar
UnregisterClassW
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
IsWindow
SetFocus
GetFocus
IsWindowEnabled
GetParent
MessageBoxW
GetWindowLongW
GetWindowThreadProcessId
GetLastActivePopup
DrawStateW
UpdateWindow
InvalidateRect
FillRect
GetClassNameW
LoadBitmapW
GetKeyNameTextW
MapVirtualKeyW
GetDC
ReleaseDC
CopyRect
RegisterWindowMessageW
DispatchMessageW
PeekMessageW
GetMessagePos
GetMessageTime
PostMessageW
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
IsMenu
IsChild
ModifyMenuW
DestroyAcceleratorTable
EnableWindow
SendMessageW
SetTimer
KillTimer
LoadIconW
UnregisterHotKey
GetSystemMenu
AppendMenuW
GetWindowRect
GetWindowRgn
DestroyCursor
CreateMenu
GetComboBoxInfo
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
MapVirtualKeyExW
IsCharLowerW
IsClipboardFormatAvailable
SubtractRect
InvertRect
HideCaret
PostThreadMessageW
FrameRect
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
CharUpperBuffW
RegisterClipboardFormatW
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
GetUpdateRect
MapWindowPoints
RegisterHotKey

gdi32

GetTextFaceW
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
SetPaletteEntries
ExtFloodFill
LPtoDP
GetSystemPaletteEntries
GetNearestPaletteIndex
EnumFontFamiliesExW
GetPaletteEntries
CreatePalette
RoundRect
OffsetRgn
Rectangle
SetDIBColorTable
StretchBlt
SetPixel
RealizePalette
GetRgnBox
CreateDIBSection
CreateRoundRectRgn
DPtoLP
SetRectRgn
GetMapMode
GetTextCharsetInfo
EnumFontFamiliesW
CreateFontIndirectW
CreateDIBitmap
CreateCompatibleBitmap
GetTextMetricsW
Polyline
Polygon
CreatePolygonRgn
GetTextExtentPoint32W
GetTextColor
GetBkColor
Ellipse
CreateEllipticRgn
CombineRgn
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
CreateBitmap
SetTextColor
SetBkColor
PatBlt
CreateRectRgnIndirect
GetObjectW
GetStockObject
DeleteObject
CreateSolidBrush
GetDeviceCaps
CreateDCW
CopyMetaFileW
DeleteDC

msimg32

AlphaBlend
TransparentBlt

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

SystemFunction036
RegOpenKeyExW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegCloseKey

shell32

SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
DragFinish
DragQueryFileW
ShellExecuteW
SHGetFileInfoW
SHAppBarMessage

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
StrFormatKBSizeW
PathIsUNCW
PathFileExistsW
PathStripToRootW

uxtheme

GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
GetWindowTheme
IsAppThemed
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
DrawThemeParentBackground
DrawThemeText

ole32

OleInitialize
OleUninitialize
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CoInitialize
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoCreateInstance
CoInitializeEx
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc

oleaut32

SysAllocString
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantChangeType
VariantCopy
VarBstrFromDate
LoadTypeLi
OleCreateFontIndirect
VariantClear
VariantInit
SysAllocStringLen
SysFreeString

oledlg

OleUIBusyW

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundW

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 429KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13b7eff98bec87f3fca980b395244112

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

version

oleacc

imm32

winmm

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 429KB - Virtual size: 428KB

.data Size: 28KB - Virtual size: 56KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.reloc Size: 136KB - Virtual size: 136KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 429KB - Virtual size: 428KB

.data
Size: 28KB - Virtual size: 56KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

.reloc
Size: 136KB - Virtual size: 136KB