Static task: static1
Behavioral task: behavioral1
  Sample: b311f1d436593131ea6bb5784257fcf241064e0f5769618e2e9f6bae5beeadf2.exe
  Resource: win7-20220901-en
Behavioral task: behavioral2
  Sample: b311f1d436593131ea6bb5784257fcf241064e0f5769618e2e9f6bae5beeadf2.exe
  Resource: win10v2004-20220812-en
General
Target: b311f1d436593131ea6bb5784257fcf241064e0f5769618e2e9f6bae5beeadf2
Size: 3.7MB
MD5: 011a9c409fc0309313c9f0531dfd7407
SHA1: d928034626db6c4426b4339354d5c9eb28c92f23
SHA256: b311f1d436593131ea6bb5784257fcf241064e0f5769618e2e9f6bae5beeadf2
SHA512: 4c84185eac471f4ae026044d8e6bd3121c5994295d591a8bff09d7aff5b3c8df2a39f1c9b941cafaf7b4324b353e832078b43ac6f3a832cef11ef612c11f32f7
SSDEEP: 98304:KvthRB80FWToWQnQFDh5DimtH03RwS+Ug47R6nKCeYMjqLlnG9lyKw:uLR6n6YMjqLlnGbq
Malware Config
Signatures
Files
-
b311f1d436593131ea6bb5784257fcf241064e0f5769618e2e9f6bae5beeadf2.exe windows x86
9f4fb3c5bbeccfeadb3ff78309fe0452
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Note: IMAGE_FILE_RELOCS_STRIPPED means the image carries no base relocations, so the loader cannot rebase it and ASLR cannot apply to it whatever DllCharacteristics says. Together with IMAGE_FILE_32BIT_MACHINE this is a fixed-address 32-bit image, which matters for any exploitability assessment of the process it runs in.
Imports
wxl_dll
deal_pkpm_layer
deal_pkpm_layer3d
deal_pkpm_ltype
deal_pkpm_color
WRITE_EMF_FILE
WRITE_WMF_FILE
deal_pkpm_style
nrclient
ord10
ord6
ord7
ord8
ord9
ord5
ord2
ord4
user32
ShowCursor
GetCursor
CreateDialogIndirectParamA
ReleaseDC
GetParent
WinHelpA
DialogBoxIndirectParamA
EndDialog
SendDlgItemMessageA
GetDlgItem
GetActiveWindow
SetWindowLongA
wvsprintfA
wsprintfA
IsWindowEnabled
GetLastActivePopup
SetWindowsHookExA
IsWindowVisible
ValidateRect
CallNextHookEx
GetNextDlgTabItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
GetMenuCheckMarkDimensions
UnhookWindowsHookEx
SetWindowContextHelpId
SetWindowPos
MapDialogRect
IsWindow
GetWindowPlacement
SystemParametersInfoA
IntersectRect
RegisterWindowMessageA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
GetDlgCtrlID
GetWindowTextLengthA
PostThreadMessageA
RegisterClipboardFormatA
InvalidateRect
IsDialogMessageA
GetMessageA
GetMenuItemID
CheckMenuItem
DefWindowProcA
MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
CharNextA
LoadStringA
GetSysColorBrush
PtInRect
GetClassNameA
EnableMenuItem
GetDesktopWindow
CharUpperA
InflateRect
GrayStringA
DrawTextA
TabbedTextOutA
GetWindowDC
SetWindowTextA
IsIconic
GetClientRect
DrawIcon
SendMessageA
LoadBitmapA
UpdateWindow
ShowWindow
CreateWindowExA
GetSystemMetrics
RegisterClassA
LoadIconA
GetWindowLongA
MapWindowPoints
AdjustWindowRectEx
ScreenToClient
CopyRect
TranslateMessage
DispatchMessageA
PeekMessageA
TranslateAcceleratorA
GetKeyState
SetCursorPos
GetCursorPos
TrackPopupMenuEx
DestroyMenu
SetParent
GetSubMenu
GetTopWindow
GetMenu
GetMenuItemCount
DeleteMenu
CreatePopupMenu
SetActiveWindow
CreateMenu
AppendMenuA
SetMenu
DrawMenuBar
GetWindowRect
ClientToScreen
SetScrollRange
SetScrollPos
ShowScrollBar
LoadCursorA
SetCursor
SetFocus
GetSysColor
GetDialogBaseUnits
BeginPaint
EndPaint
MoveWindow
MessageBoxA
DestroyWindow
PostQuitMessage
FillRect
GetDC
GetWindow
GetWindowTextA
OffsetRect
PostMessageA
GetFocus
EnableWindow
IsChild
GetCapture
GetClassInfoA
IsWindowUnicode
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
gdi32
GetTextExtentPointA
LPtoDP
GetTextColor
DPtoLP
GetMapMode
Escape
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetObjectA
GetClipBox
CreateBitmap
GetTextExtentPoint32A
SetTextAlign
SetBkMode
TextOutA
Polygon
Rectangle
MoveToEx
LineTo
SetPixelV
GetDIBits
SetDIBits
CreatePen
CreateSolidBrush
CreateRectRgnIndirect
SetROP2
SetMapMode
SelectClipRgn
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBitmap
SelectObject
SetAbortProc
StartDocA
StartPage
EndPage
EndDoc
DeleteDC
GetBkColor
GetDeviceCaps
GetTextMetricsA
ExtTextOutA
SetTextColor
SetBkColor
SaveDC
RestoreDC
BitBlt
CreateFontA
PatBlt
Arc
GetStockObject
kernel32
GetLocalTime
GlobalGetAtomNameA
lstrcatA
GetCommandLineA
WritePrivateProfileStringA
DeleteCriticalSection
GetFullPathNameA
TlsAlloc
GetTempFileNameA
CreateFileA
GetTempPathA
CloseHandle
LoadLibraryA
GetProfileStringA
GetLogicalDrives
GetComputerNameA
InterlockedExchange
GetExitCodeProcess
CompareStringW
CompareStringA
IsBadCodePtr
IsBadReadPtr
SetStdHandle
SetUnhandledExceptionFilter
GetCurrentProcessId
GetStringTypeW
GetStringTypeA
IsBadWritePtr
LCMapStringW
LCMapStringA
HeapCreate
HeapDestroy
GetEnvironmentVariableA
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetSystemTime
GetTimeZoneInformation
HeapSize
FindNextFileA
SetCurrentDirectoryA
SetEnvironmentVariableA
GetDriveTypeA
TerminateProcess
HeapFree
HeapReAlloc
HeapAlloc
ExitProcess
GetStartupInfoA
RtlUnwind
GetTickCount
FileTimeToLocalFileTime
FileTimeToSystemTime
SystemTimeToFileTime
GetFileTime
GetOEMCP
GetCPInfo
SizeofResource
GetProcessVersion
GetCurrentDirectoryA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalLock
ReadFile
InitializeCriticalSection
GlobalUnlock
MultiByteToWideChar
GetThreadLocale
GetVolumeInformationA
FindFirstFileA
FindClose
MoveFileA
UnlockFile
LockFile
DuplicateHandle
lstrcpynA
WideCharToMultiByte
InterlockedIncrement
MulDiv
GetVersion
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
FindResourceA
LoadResource
LockResource
InterlockedDecrement
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThreadId
LocalAlloc
LocalFree
UnmapViewOfFile
GetFileSize
CopyFileA
GlobalAlloc
GlobalFree
SetLastError
GetCurrentProcess
GetProcAddress
lstrlenA
GetPrivateProfileStringA
GetPrivateProfileIntA
SetConsoleCtrlHandler
GetACP
FlushFileBuffers
WriteFile
CreateProcessA
SetThreadPriority
WaitForSingleObject
DeleteFileA
GetModuleHandleA
CreateFileMappingA
MapViewOfFile
VirtualQuery
GetModuleFileNameA
GetCurrentThread
SetEndOfFile
FreeLibrary
RaiseException
DebugBreak
FormatMessageA
GetFileInformationByHandle
GetStdHandle
GetLastError
SetFilePointer
GetFileAttributesA
Sleep
VirtualAlloc
VirtualFree
GetFileType
SetErrorMode
GetVersionExA
GetSystemTimeAsFileTime
advapi32
RegQueryValueExA
RegEnumValueA
RegOpenKeyA
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey
comdlg32
ChooseFontA
GetOpenFileNameA
ChooseColorA
GetFileTitleA
GetSaveFileNameA
PrintDlgA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
oledlg
ord8
ole32
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromString
CreateILockBytesOnHGlobal
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CLSIDFromProgID
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
olepro32
ord253
oleaut32
SysAllocString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString
SysAllocStringByteLen
SysStringLen
comctl32
PropertySheetA
ImageList_Destroy
CreateToolbarEx
InitCommonControlsEx
ord17
openview
OpenGLKey
OpenGLEnd
OpenGLBegin
OpenGLCameraOut
OpenGLCameraIn
OpenGLReSize
OpenGLAllDraw
OpenGLState
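The import listing above is the input an import hash (imphash) is computed from. The 32-hex value shown under Files is not labelled on this report; Triage reports place the import hash in that position, but that is an inference here, not something the page states. The following is an added Python example, not the report's or pefile's own code, that reproduces the pefile imphash construction: module names lower-cased with a .dll/.ocx/.sys extension stripped (winspool.drv keeps its extension), ordinal imports rendered as ordN, every dll.func pair joined with commas in import-table order, then MD5-hashed. It runs on a constructed subset of the imports above; the KERNEL32.DLL entry is hypothetical, added only to show the case/extension normalisation. It does not reproduce pefile's ordinal-to-name tables for oleaut32/ws2_32/wsock32, so for a binary that imports those DLLs by ordinal its value would differ from pefile's (this sample imports oleaut32 by name only).

```python
import hashlib


def normalise_dll(dll):
    """Lower-case the module name and drop a .dll/.ocx/.sys extension, as pefile's
    imphash does. Other extensions (winspool.drv on this report) are kept."""
    dll = dll.lower()
    base, dot, ext = dll.rpartition(".")
    return base if dot and ext in ("dll", "ocx", "sys") else dll


def imphash_string(imports):
    """imports: [(dll_name, [function name or ordinal int, ...]), ...] in import-table order.
    Returns the comma-joined 'dll.func' string that gets hashed. Ordinals become 'ordN'.
    Assumption: no ordinal imports from oleaut32/ws2_32/wsock32, whose ordinals pefile
    would resolve to names via its lookup tables (not reproduced here)."""
    parts = []
    for dll, entries in imports:
        dll = normalise_dll(dll)
        for entry in entries:
            func = f"ord{entry}" if isinstance(entry, int) else entry.lower()
            parts.append(f"{dll}.{func}")
    return ",".join(parts)


def imphash(imports):
    """MD5 of the normalised import string, hex-encoded (32 characters)."""
    return hashlib.md5(imphash_string(imports).encode("ascii")).hexdigest()


# Constructed subset of the import table above. The KERNEL32.DLL spelling is hypothetical,
# included only to demonstrate the case and extension normalisation.
SAMPLE_IMPORTS = [
    ("wxl_dll", ["deal_pkpm_layer", "WRITE_EMF_FILE"]),
    ("nrclient", [10, 6]),
    ("user32", ["ShowCursor", "SetWindowsHookExA"]),
    ("winspool.drv", ["OpenPrinterA"]),
    ("KERNEL32.DLL", ["CreateProcessA"]),
]

if __name__ == "__main__":
    print(imphash_string(SAMPLE_IMPORTS))
    print("imphash:  ", imphash(SAMPLE_IMPORTS))
    # The same import set in a different table order hashes differently.
    print("reordered:", imphash(list(reversed(SAMPLE_IMPORTS))))
```

Because the pairs are joined in table order, the same set of imports in a different order gives a different hash: imphash clusters binaries built with the same toolchain and link order, not binaries with the same functionality. Note also that the ordinal-only modules in this listing (nrclient, oledlg, olepro32, comctl32 ord17) contribute only ordN tokens, so a rebuild that switches those to name imports changes the hash.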
Sections
.text Size: 3.1MB - Virtual size: 3.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 252KB - Virtual size: 251KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 232KB - Virtual size: 25.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Note: .data occupies 232KB on disk but 25.7MB in memory; the loader zero-fills the difference. A gap that large is typical of big static arrays, but a packer that unpacks into a reserved writable region produces the same shape, so check at runtime what writes into that range. The section is not marked executable, so this is not an RWX section.
.rsrc Size: 32KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
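The header and section facts above (file characteristics, per-section raw versus virtual size, memory flags) can be read straight from the PE headers without a sandbox. The following is an added Python example, not part of the Triage report, that parses the DOS/NT headers and section table with only the standard library and raises the findings a reviewer would take from this data: stripped relocations (no ASLR possible), missing DYNAMICBASE/NXCOMPAT, writable-and-executable sections, and sections whose virtual size dwarfs the raw size. The embedded image is a constructed, header-only PE that reproduces the flags and rounded sizes shown above; it is not the real sample, and its DllCharacteristics value is an assumption because the report does not show that field.

```python
import struct

# IMAGE_FILE_HEADER.Characteristics bits (winnt.h values)
FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
}
# IMAGE_SECTION_HEADER.Characteristics bits
SECTION_CHARACTERISTICS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
DLLCHAR_DYNAMIC_BASE = 0x0040  # IMAGE_OPTIONAL_HEADER.DllCharacteristics: ASLR opt-in
DLLCHAR_NX_COMPAT = 0x0100     # DEP opt-in


def flag_names(value, table):
    return [name for bit, name in table.items() if value & bit]


def parse_pe(data):
    """Parse the DOS/NT headers and section table of a PE image given as bytes."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    fh = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, fh)
    opt = fh + 20
    magic = struct.unpack_from("<H", data, opt)[0]           # 0x10B PE32, 0x20B PE32+
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]  # DllCharacteristics, same offset in both
    sections = []
    for i in range(nsec):
        name, vsize, _, rsize, _, _, _, _, _, sc = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rsize, "characteristics": sc,
                         "flags": flag_names(sc, SECTION_CHARACTERISTICS)})
    return {"machine": machine, "magic": magic, "characteristics": chars,
            "file_flags": flag_names(chars, FILE_CHARACTERISTICS),
            "dll_characteristics": dll_chars, "sections": sections}


def assess(pe):
    """Findings a reviewer would raise from the headers alone (the 4x ratio is a heuristic)."""
    findings = []
    if pe["characteristics"] & 0x0001:
        findings.append("relocations stripped: the loader cannot rebase the image, "
                        "so ASLR is impossible even if DYNAMICBASE were set")
    if not pe["dll_characteristics"] & DLLCHAR_DYNAMIC_BASE:
        findings.append("DYNAMICBASE not set: image does not opt in to ASLR")
    if not pe["dll_characteristics"] & DLLCHAR_NX_COMPAT:
        findings.append("NXCOMPAT not set: image does not opt in to DEP")
    for s in pe["sections"]:
        if s["raw_size"] and s["virtual_size"] > 4 * s["raw_size"]:
            findings.append(f"{s['name']}: virtual size is {s['virtual_size'] / s['raw_size']:.0f}x "
                            "raw size (zero-filled at load: large statics or an unpack target)")
        if s["characteristics"] & 0x20000000 and s["characteristics"] & 0x80000000:
            findings.append(f"{s['name']}: writable and executable (RWX)")
    return findings


def build_sample_pe(file_chars, dll_chars, sections):
    """Build a minimal header-only PE32 image: constructed test data, not the real sample."""
    opt_size = 224  # size of a PE32 optional header
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)  # e_lfanew
    file_hdr = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, file_chars)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)       # PE32 magic
    struct.pack_into("<H", opt, 70, dll_chars)  # DllCharacteristics
    table = b"".join(
        struct.pack("<8sIIIIIIHHI", name.ljust(8, b"\0"), vsize, 0x1000 * (i + 1), rsize,
                    0, 0, 0, 0, 0, chars)
        for i, (name, vsize, rsize, chars) in enumerate(sections))
    return bytes(dos) + b"PE\0\0" + file_hdr + bytes(opt) + table


KB, MB = 1024, 1024 * 1024
# Constructed image mirroring the report's file flags and rounded section sizes.
SAMPLE = build_sample_pe(
    file_chars=0x010F,  # RELOCS_STRIPPED|EXECUTABLE_IMAGE|LINE_NUMS_STRIPPED|LOCAL_SYMS_STRIPPED|32BIT_MACHINE
    dll_chars=0x0000,   # assumption: the report does not show DllCharacteristics
    sections=[(b".text", int(3.1 * MB), int(3.1 * MB), 0x60000020),  # CODE|EXECUTE|READ
              (b".rdata", 251 * KB, 252 * KB, 0x40000040),          # INITIALIZED_DATA|READ
              (b".data", int(25.7 * MB), 232 * KB, 0xC0000040),     # INITIALIZED_DATA|READ|WRITE
              (b".rsrc", 30 * KB, 32 * KB, 0x40000040)])            # INITIALIZED_DATA|READ

if __name__ == "__main__":
    pe = parse_pe(SAMPLE)
    print("file flags:", ", ".join(pe["file_flags"]))
    for s in pe["sections"]:
        print(f"{s['name']:<7} raw={s['raw_size']:>9} virt={s['virtual_size']:>9} {' '.join(s['flags'])}")
    for finding in assess(pe):
        print("!", finding)
```

To run it against a real file use parse_pe(open(path, "rb").read()); the parser reads only the headers and section table, so it is safe on untrusted input as long as the file is treated as data. The 4x raw/virtual ratio in assess() is a triage heuristic, not a standard, and a hit on it is a prompt to watch the region at runtime rather than a verdict.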