d9fecfc5c408f9e2301bcb79170f75d6f5bf33c3d764f7f73ac59c8e9707012f

Sharing

Copy URL

Twitter E-mail

General

Target

d9fecfc5c408f9e2301bcb79170f75d6f5bf33c3d764f7f73ac59c8e9707012f
Size

3.2MB
MD5

35acff80b7b0ce62e7340fa15a909c49
SHA1

13efde4589651c009fa29cf77c2d17b5a03262e6
SHA256

d9fecfc5c408f9e2301bcb79170f75d6f5bf33c3d764f7f73ac59c8e9707012f
SHA512

e867ed74b6667c3bc506715353d72bae7d4d73dd2d4e98180db706855c42474f2326c534f7d2e04a74e5435365939722e87d3324bf41af7047ae792fe92a534a
SSDEEP

49152:13C3EKGJxWmTtcckaI5uJz9lNi8txHM+5YjCpVJJJJDX3BG3UF2AkO:1E+VqElo0xHM+5YjIXpkO

Score

N/A

Malware Config

Signatures

Files

d9fecfc5c408f9e2301bcb79170f75d6f5bf33c3d764f7f73ac59c8e9707012f
.exe windows x86

c58a690c8826c25e33ef057b51b49fc7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveOutClose
waveOutOpen
waveInAddBuffer
mixerGetNumDevs
waveInUnprepareHeader
waveInReset
waveInStart
waveOutUnprepareHeader
waveOutWrite
waveOutPrepareHeader
waveInOpen
waveInClose
sndPlaySoundA
PlaySoundA
waveInPrepareHeader

wininet

InternetQueryDataAvailable
InternetQueryOptionA
InternetGetLastResponseInfoA
HttpQueryInfoA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetCanonicalizeUrlA
InternetCrackUrlA

iphlpapi

GetAdaptersInfo
SendARP

shlwapi

PathFileExistsA

kernel32

SetErrorMode
WritePrivateProfileStringA
GetOEMCP
RtlUnwind
GetTimeZoneInformation
HeapFree
HeapAlloc
RaiseException
HeapReAlloc
TerminateProcess
SetStdHandle
GetFileType
HeapSize
GetACP
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
CompareStringA
CompareStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetEnvironmentVariableA
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
GlobalFlags
GetCurrentThread
GetDiskFreeSpaceA
LocalFileTimeToFileTime
GetFileTime
LocalAlloc
IsBadWritePtr
SuspendThread
SetThreadPriority
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
DuplicateHandle
GetThreadLocale
GetProfileIntA
SetLastError
lstrcpynA
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetExitCodeThread
WideCharToMultiByte
UnmapViewOfFile
GetFileSize
CreateFileMappingA
MapViewOfFile
IsBadReadPtr
GetPrivateProfileStringA
TerminateThread
SetEvent
ResetEvent
MulDiv
CreateEventA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedIncrement
GetVolumeInformationA
LocalFlags
GetSystemTime
GetComputerNameA
lstrcmpA
GetCurrentThreadId
CopyFileA
GetCommandLineA
CreateMutexA
ExitProcess
InterlockedDecrement
GetWindowsDirectoryA
SizeofResource
lstrcatA
lstrlenA
GetDriveTypeA
FindNextFileA
CreatePipe
GetStartupInfoA
CreateProcessA
ReadFile
FormatMessageA
LocalFree
GetTempFileNameA
MultiByteToWideChar
GlobalUnlock
GetTempPathA
IsDBCSLeadByte
GetFullPathNameA
FindFirstFileA
FindClose
GetFileInformationByHandle
GetFileAttributesA
SystemTimeToFileTime
lstrcpyA
GlobalAlloc
GlobalReAlloc
GlobalFree
LoadResource
LockResource
LoadLibraryA
GetProcAddress
FreeLibrary
GlobalSize
GetSystemDirectoryA
WinExec
GetCurrentProcess
SetProcessWorkingSetSize
WaitForSingleObject
WriteFile
CreateDirectoryA
CreateFileA
SetFileAttributesA
SetFileTime
CloseHandle
DeleteFileA
ExitThread
GetTickCount
CreateThread
ResumeThread
GetLocalTime
GetVersionExA
Sleep
GetLastError
FindResourceA
WriteProfileStringA
GetProfileStringA
GetModuleFileNameA
GlobalLock
GetVersion
InterlockedExchange
GetCurrentDirectoryA

user32

EndPaint
GetDCEx
CharNextA
CharUpperA
ValidateRect
LoadStringA
PostQuitMessage
SetWindowContextHelpId
MapDialogRect
WaitMessage
CopyAcceleratorTableA
GetNextDlgGroupItem
LockWindowUpdate
SetParent
MapWindowPoints
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
GetScrollInfo
SetScrollInfo
GetScrollPos
SetScrollPos
GetTopWindow
WinHelpA
RegisterClassA
GetWindowTextLengthA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetLastActivePopup
GetWindow
GetWindowPlacement
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
GetDlgItem
IsWindowEnabled
GetAsyncKeyState
SetWindowPos
TrackMouseEvent
DeleteMenu
CreatePopupMenu
EnableMenuItem
CheckMenuItem
RegisterClipboardFormatA
SetMenu
PostThreadMessageA
SetWindowRgn
ClipCursor
HideCaret
GetSysColorBrush
GetClassInfoA
DestroyWindow
CreateWindowExA
DefWindowProcA
SetFocus
keybd_event
GetWindowDC
GetLastInputInfo
GetWindowTextA
GetClassNameA
FindWindowExA
EnumWindows
SetClassLongA
TrackPopupMenu
RegisterWindowMessageA
GetSystemMenu
UnregisterHotKey
RegisterHotKey
FindWindowA
CopyImage
CopyIcon
GetCursor
IsChild
AdjustWindowRectEx
BeginPaint
DrawEdge
ChildWindowFromPoint
GetMessagePos
GetMessageA
GetDlgCtrlID
DrawFrameControl
ScrollDC
GetDC
ReleaseDC
AppendMenuA
GetMenuState
GetTabbedTextExtentA
GetIconInfo
TrackPopupMenuEx
ClientToScreen
WindowFromPoint
GetNextDlgTabItem
DestroyMenu
IsWindow
mouse_event
MessageBeep
SetWindowLongA
GetKeyState
SetCursorPos
GetMenuItemCount
GetMenuItemID
ScreenToClient
PostMessageA
GetFocus
FlashWindow
IsZoomed
ShowWindow
GetForegroundWindow
SetForegroundWindow
GetWindowThreadProcessId
PeekMessageA
TranslateMessage
DispatchMessageA
IsClipboardFormatAvailable
GetClipboardData
LoadMenuA
GetSubMenu
ModifyMenuA
KillTimer
DrawIconEx
DestroyIcon
IsWindowVisible
UpdateWindow
GetDesktopWindow
SetRectEmpty
SetTimer
SystemParametersInfoA
wsprintfA
InvalidateRgn
GetCursorPos
IsRectEmpty
MessageBoxA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
IsIconic
DrawIcon
GetWindowRect
SetRect
LoadIconA
GrayStringA
DrawTextA
TabbedTextOutA
GetWindowLongA
CopyRect
FrameRect
InflateRect
FillRect
GetSysColor
OffsetRect
DrawStateA
DrawFocusRect
GetActiveWindow
GetCapture
SetCapture
wvsprintfA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
MoveWindow
SetWindowTextA
IsDialogMessageA
PtInRect
ReleaseCapture
LoadImageA
RedrawWindow
DestroyCursor
LoadBitmapA
SetCursor
GetMenu
ShowScrollBar
InvalidateRect
GetParent
GetSystemMetrics
GetClientRect
LoadCursorA
SendMessageA
EnableWindow
UnionRect
SendDlgItemMessageA
IsWindowUnicode
DefDlgProcA
ExcludeUpdateRgn
ShowCaret
UnregisterClassA
IntersectRect

gdi32

SetStretchBltMode
EnumFontFamiliesA
GetTextCharsetInfo
PatBlt
PolyBezier
ExtFloodFill
CreateRoundRectRgn
CreateEllipticRgn
MoveToEx
LineTo
FillRgn
GetDCOrgEx
SaveDC
RestoreDC
SetBkMode
SetROP2
SetMapMode
SetViewportOrgEx
DPtoLP
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
StretchDIBits
GetViewportExtEx
GetWindowExtEx
SetRectRgn
UnrealizeObject
SetPixel
GetTextColor
GetCurrentObject
CreateSolidBrush
GetClipBox
SelectPalette
GetDIBits
CreateHalftonePalette
GetDIBColorTable
CreatePalette
GetBkColor
RealizePalette
CreateBitmap
SetBkColor
SetTextColor
SetDIBitsToDevice
CreateDIBitmap
PtInRegion
CreatePolygonRgn
FrameRgn
CreatePatternBrush
Ellipse
Polygon
CreatePen
RoundRect
CreateFontA
CreateFontIndirectA
CreateRectRgnIndirect
CombineRgn
GetTextMetricsA
GetTextExtentPoint32A
GetDeviceCaps
GetStockObject
Rectangle
GetPixel
CreateDCA
DeleteDC
CreateRectRgn
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
SelectObject
GetObjectA
StretchBlt
DeleteObject
LPtoDP
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
GetMapMode

comdlg32

GetSaveFileNameA
ChooseColorA
GetFileTitleA
ChooseFontA
GetOpenFileNameA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegSetValueExA
RegOpenKeyA
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegRestoreKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegSaveKeyA
GetUserNameA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegEnumValueA
SetFileSecurityA
GetFileSecurityA
RegCloseKey

shell32

ShellExecuteExA
SHChangeNotify
SHGetSpecialFolderLocation
Shell_NotifyIconA
ExtractIconA
ShellExecuteA
SHFileOperationA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetFileInfoA
DragQueryFileA
DragFinish

comctl32

ImageList_AddMasked
ImageList_GetIcon
ImageList_GetImageCount
ImageList_ReplaceIcon
ImageList_Remove
_TrackMouseEvent
ImageList_Draw
ImageList_GetImageInfo
ImageList_GetIconSize
ord17
ImageList_Destroy
ImageList_LoadImageA
ImageList_Create

oledlg

ord8

ole32

OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
StgOpenStorageOnILockBytes
CoGetClassObject
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID
CoUninitialize
CoInitialize
CoCreateInstance
OleCreateStaticFromData
OleDuplicateData
ReleaseStgMedium
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleSetContainedObject
CoCreateGuid
CreateStreamOnHGlobal

olepro32

ord251
ord253

oleaut32

SysAllocStringByteLen
SysAllocString
VariantCopy
SysAllocStringLen
SysFreeString
VariantClear
VariantChangeType
VariantTimeToSystemTime
SysStringLen

wsock32

setsockopt
WSASetLastError
getpeername
connect
accept
htonl
ioctlsocket
inet_addr
WSAGetLastError
send
select
recv
closesocket
ntohl
gethostbyname
gethostname
recvfrom
listen
htons
inet_ntoa
bind
socket
WSAStartup
WSACleanup
WSAAsyncSelect
sendto

msimg32

GradientFill

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 316KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c58a690c8826c25e33ef057b51b49fc7

Headers

File Characteristics

Imports

winmm

wininet

iphlpapi

shlwapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wsock32

msimg32

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 316KB - Virtual size: 314KB

.data Size: 100KB - Virtual size: 135KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 316KB - Virtual size: 314KB

.data
Size: 100KB - Virtual size: 135KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB