037a0930de50473bdd85078acbba15d5c4bd67e7cb1d404dfb52aac05e2f38c3

Sharing

Copy URL

Twitter E-mail

General

Target

037a0930de50473bdd85078acbba15d5c4bd67e7cb1d404dfb52aac05e2f38c3
Size

1.2MB
MD5

cb936d5640b7a4d50b040119b494513a
SHA1

24c9754efc83b866d0f14f98ea244cd339cbd2f9
SHA256

037a0930de50473bdd85078acbba15d5c4bd67e7cb1d404dfb52aac05e2f38c3
SHA512

09ecdb8f8f5c9ad7c94caf3e705b6332412a1be9101919ba27fba0546892a359f607b650f79af6e8535ef4f15d930c14a4ba4cfe5dacfecaa9f7b326612f6767
SSDEEP

24576:fpw6B8HH87Ya+5ng/OHepaKkhL3Us0oRiRaSEd:hwS8SqpHepaKkhL3Us0oRiRhEd

Score

N/A

Malware Config

Signatures

Files

037a0930de50473bdd85078acbba15d5c4bd67e7cb1d404dfb52aac05e2f38c3
.exe windows x86

7fde4d9c41da33709a17751ef2d6fb50

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GlobalLock
GlobalAlloc
CreateFileA
GetThreadLocale
lstrcmpiW
WideCharToMultiByte
WriteConsoleW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
SetFilePointerEx
FlushFileBuffers
GetConsoleCP
GetConsoleMode
CreateDirectoryW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetStdHandle
FreeLibraryAndExitThread
ExitThread
CreateThread
GetModuleHandleExW
InitializeSListHead
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
SetEvent
GetCPInfo
GetLocaleInfoW
LCMapStringW
GetSystemTimeAsFileTime
CreateEventW
GetStringTypeW
SetHandleInformation
CreatePipe
ReleaseMutex
CreateMutexW
lstrlenW
OutputDebugStringW
GetExitCodeProcess
CreateProcessW
WTSGetActiveConsoleSessionId
DosDateTimeToFileTime
SystemTimeToFileTime
DuplicateHandle
SetFileTime
SetFilePointer
WriteFile
GetFileType
GetCurrentProcess
CreateFileW
ReadFile
GetFileSize
FindResourceW
SizeofResource
LoadResource
ExitProcess
LockResource
FreeResource
GetCurrentDirectoryW
MultiByteToWideChar
GetACP
MulDiv
InterlockedIncrement
SetUnhandledExceptionFilter
CopyFileW
GetPrivateProfileStringA
GetCommandLineW
GetCurrentProcessId
GetCurrentThreadId
GetLocalTime
GetLastError
RemoveDirectoryW
GetPrivateProfileStringW
CloseHandle
lstrcmpW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetModuleFileNameW
DeleteFileW
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
LoadLibraryW
GetTempPathW
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
SetDllDirectoryW
GetProcAddress
GetModuleHandleW
GetSystemDirectoryW
EncodePointer
RtlUnwind
DecodePointer
LocalFree
ResumeThread
WaitForSingleObject
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetLastError
RaiseException
GetTickCount

user32

GetDC
MessageBoxW
GetFocus
GetParent
DefWindowProcW
DestroyWindow
ShowWindow
MoveWindow
SetCapture
SetWindowLongW
SetTimer
CreateAcceleratorTableW
ReleaseDC
BeginPaint
EndPaint
InvalidateRect
GetWindowLongW
IsWindow
SetFocus
ReleaseCapture
SendMessageW
InvalidateRgn
GetClientRect
ClientToScreen
ScreenToClient
FillRect
PtInRect
CharNextW
SetCursor
IntersectRect
LoadCursorW
wvsprintfW
UnionRect
OffsetRect
GetMessageW
TranslateMessage
DispatchMessageW
PostMessageW
PostQuitMessage
CallWindowProcW
RegisterClassW
RegisterClassExW
GetClassInfoExW
CreateWindowExW
SetWindowPos
IsIconic
EnableWindow
GetSystemMetrics
SetPropW
GetPropW
GetWindowRect
GetWindow
LoadImageW
MonitorFromWindow
GetMonitorInfoW
IsWindowVisible
GetActiveWindow
GetKeyState
KillTimer
GetUpdateRect
IsRectEmpty
GetGUIThreadInfo
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
GetSysColor
GetCaretPos
SetCaretPos
ShowCaret
HideCaret
GetCaretBlinkTime
CreateCaret
GetWindowRgn
SetRect
DrawTextW
CharPrevW
SetWindowRgn
IsZoomed
MapWindowPoints
GetCursorPos

gdi32

RoundRect
LineTo
GetTextExtentPoint32W
GetClipBox
GetCharABCWidthsW
CreateSolidBrush
CreateRectRgnIndirect
CreatePenIndirect
CombineRgn
CreateRoundRectRgn
GetObjectA
SetWindowOrgEx
GetObjectW
SelectClipRgn
SelectObject
SaveDC
RestoreDC
Rectangle
GetStockObject
DeleteObject
DeleteDC
CreatePen
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetDeviceCaps
ExtSelectClipRgn
SetBkColor
SetBkMode
StretchBlt
SetStretchBltMode
SetTextColor
CreateDIBSection
MoveToEx
TextOutW
ExtTextOutW
GdiFlush
CreateRectRgn
PtInRegion
CreatePatternBrush
GetTextMetricsW

shell32

ShellExecuteW
CommandLineToArgvW

ole32

CreateStreamOnHGlobal
OleLockRunning
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

VariantClear
VariantInit
SysAllocString
SysFreeString

gdiplus

GdipSetSmoothingMode
GdipSetPixelOffsetMode
GdipSetTextRenderingHint
GdipSetInterpolationMode
GdipGraphicsClear
GdipDrawImage
GdipDrawImageRectI
GdipDeleteFontFamily
GdipSetCompositingQuality
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipGetFamily
GdipSetStringFormatLineAlign
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdipCreateLineBrushI
GdipDeleteBrush
GdipCloneBrush
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageWidth
GdipLoadImageFromStream
GdipDrawString
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame

shlwapi

PathRemoveFileSpecW
StrCmpW
PathFileExistsW
PathFileExistsA

comctl32

_TrackMouseEvent
ord17

imm32

ImmReleaseContext
ImmSetCompositionFontW
ImmSetCompositionWindow
ImmGetContext

wtsapi32

WTSQuerySessionInformationW
WTSFreeMemory

netapi32

NetApiBufferFree
NetUserGetInfo

advapi32

RegCloseKey
RegOpenKeyExW
RegDeleteKeyW
RegEnumKeyExW
CheckTokenMembership
AllocateAndInitializeSid
FreeSid

Sections

.text
Size: 627KB - Virtual size: 626KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 428KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7fde4d9c41da33709a17751ef2d6fb50

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

oleaut32

gdiplus

shlwapi

comctl32

imm32

wtsapi32

netapi32

advapi32

Sections

.text Size: 627KB - Virtual size: 626KB

.rdata Size: 158KB - Virtual size: 158KB

.data Size: 8KB - Virtual size: 23KB

.gfids Size: 512B - Virtual size: 496B

.tls Size: 512B - Virtual size: 9B

_RDATA Size: 512B - Virtual size: 32B

.rsrc Size: 428KB - Virtual size: 428KB

.reloc Size: 33KB - Virtual size: 32KB

.text
Size: 627KB - Virtual size: 626KB

.rdata
Size: 158KB - Virtual size: 158KB

.data
Size: 8KB - Virtual size: 23KB

.gfids
Size: 512B - Virtual size: 496B

.tls
Size: 512B - Virtual size: 9B

_RDATA
Size: 512B - Virtual size: 32B

.rsrc
Size: 428KB - Virtual size: 428KB

.reloc
Size: 33KB - Virtual size: 32KB