422fada9595d76f26d36c9db4a5bb70e57fd39001f0eeb964c8c56ea31e88cc6

Sharing

Copy URL Twitter E-mail

General

Target

422fada9595d76f26d36c9db4a5bb70e57fd39001f0eeb964c8c56ea31e88cc6
Size

2.4MB
MD5

685786c9eb81b5571020624b35f9d0e7
SHA1

f251bd3325070766ca2cdf24e1675709af4e5479
SHA256

422fada9595d76f26d36c9db4a5bb70e57fd39001f0eeb964c8c56ea31e88cc6
SHA512

730c341979f49a951b9e94e0f65861dc557aeb6528d68023fb00389e2381c9b0ac3762cdb63359676538e6a645f0a03361e97891db695cb256db9842ceb85ee7
SSDEEP

24576:xNaO8uSlu9II8DGktHL4Ib9pffrUFKIE9on0/JxoGNG6URkBBN6JdZK5EfDgfPsp:xNalbIyrbc2o0/ZNRfNoZKqsPya

Score

N/A

Malware Config

Signatures

Files

422fada9595d76f26d36c9db4a5bb70e57fd39001f0eeb964c8c56ea31e88cc6
.exe windows x86

996e8c11e7d82cb4a524b974386510b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wxl_dll

deal_pkpm_style
deal_pkpm_ltype
deal_pkpm_layer3d
WRITE_WMF_FILE
WRITE_EMF_FILE
deal_pkpm_layer

nrclient

ord6
ord5
ord4
ord2
ord7
ord9
ord8
ord10

user32

GetKeyState
DrawIcon
GetClientRect
IsIconic
EnableWindow
GetClassLongA
OffsetRect
DefWindowProcA
PostQuitMessage
MessageBoxA
MoveWindow
EndPaint
BeginPaint
GetDialogBaseUnits
GetSysColor
SetFocus
GetFocus
PostMessageA
SetCursor
LoadCursorA
ShowScrollBar
SetScrollPos
SetScrollRange
ClientToScreen
GetWindowRect
DrawMenuBar
SetMenu
CreateMenu
SetActiveWindow
GetDC
ReleaseDC
AppendMenuA
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
GetCursorPos
PeekMessageA
IsDialogMessageA
GetMessageA
ShowCursor
GetCursor
SendDlgItemMessageA
GetDlgItem
SetWindowLongA
GetParent
GetActiveWindow
CreatePopupMenu
DeleteMenu
GetMenuItemCount
GetMenu
EnableMenuItem
CheckMenuItem
GetSubMenu
SetParent
DestroyMenu
TrackPopupMenuEx
CreateDialogIndirectParamA
DialogBoxIndirectParamA
EndDialog
FillRect
IsWindowEnabled
GetLastActivePopup
SetCursorPos
SendMessageA
ValidateRect
CallNextHookEx
GetNextDlgTabItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
GetMenuCheckMarkDimensions
UnhookWindowsHookEx
SetWindowContextHelpId
GetWindow
SetWindowPos
MapDialogRect
IsWindow
GetWindowPlacement
SystemParametersInfoA
IntersectRect
ShowWindow
GetDlgCtrlID
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
PostThreadMessageA
RegisterClipboardFormatA
InflateRect
CharUpperA
InvalidateRect
MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
CharNextA
GetSysColorBrush
CreateWindowExA
GetSystemMetrics
RegisterClassA
LoadIconA
GetWindowLongA
PtInRect
GetClassNameA
GetDesktopWindow
GrayStringA
DrawTextA
TabbedTextOutA
GetWindowDC
LoadStringA
DestroyWindow
LoadBitmapA
UpdateWindow
SetWindowsHookExA
IsWindowVisible
RegisterWindowMessageA
SetWindowTextA
MapWindowPoints
AdjustWindowRectEx
ScreenToClient
CopyRect
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
SetForegroundWindow
SetPropA
IsWindowUnicode
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA

gdi32

GetTextExtentPointA
GetMapMode
LPtoDP
DPtoLP
GetTextColor
Escape
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetStockObject
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetObjectA
GetClipBox
CreateBitmap
SetAbortProc
StartDocA
StartPage
EndPage
EndDoc
GetTextExtentPoint32A
SetTextAlign
SetBkMode
TextOutA
Polygon
Rectangle
MoveToEx
LineTo
SetPixelV
GetDIBits
SetDIBits
DeleteDC
CreatePen
CreateSolidBrush
CreateRectRgnIndirect
SetROP2
SetMapMode
SelectClipRgn
CreateCompatibleBitmap
PatBlt
CreateCompatibleDC
CreateDIBitmap
SelectObject
CreateFontA
GetBkColor
GetDeviceCaps
GetTextMetricsA
ExtTextOutA
SetTextColor
SetBkColor
SaveDC
RestoreDC
BitBlt
DeleteObject

kernel32

SetErrorMode
CreateFileMappingA
GetFileSize
GlobalFree
GetFileAttributesA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrlenA
GetCommandLineA
SetConsoleCtrlHandler
WritePrivateProfileStringA
FlushFileBuffers
CreateProcessA
GetACP
WaitForSingleObject
DeleteFileA
SetThreadPriority
VirtualFree
VirtualAlloc
WriteFile
GlobalUnlock
MapViewOfFile
GetModuleHandleA
GetModuleFileNameA
GetCurrentThread
VirtualQuery
FreeLibrary
RaiseException
SetLastError
FormatMessageA
GetFileInformationByHandle
DebugBreak
GetFullPathNameA
GetTempPathA
GetStdHandle
CreateFileA
SetFilePointer
GetTempFileNameA
ReadFile
GetProfileStringA
GetSystemTimeAsFileTime
GetLogicalDrives
FileTimeToLocalFileTime
GetTickCount
LoadLibraryA
GetProcAddress
GetCurrentProcess
GetLocalTime
GetVersionExA
GetCurrentProcessId
GetComputerNameA
InterlockedExchange
SetStdHandle
GetExitCodeProcess
CompareStringW
CompareStringA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
IsBadWritePtr
LCMapStringW
LCMapStringA
HeapCreate
HeapDestroy
GetEnvironmentVariableA
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetSystemTime
GetTimeZoneInformation
HeapSize
FindNextFileA
SetCurrentDirectoryA
SetEnvironmentVariableA
GetDriveTypeA
HeapReAlloc
TerminateProcess
HeapAlloc
HeapFree
ExitProcess
GetStartupInfoA
RtlUnwind
SystemTimeToFileTime
GetFileTime
CloseHandle
SetEndOfFile
Sleep
InitializeCriticalSection
FileTimeToSystemTime
GetVolumeInformationA
FindFirstFileA
FindClose
MoveFileA
UnlockFile
LockFile
DuplicateHandle
GetOEMCP
GetCPInfo
SizeofResource
GetThreadLocale
GetProcessVersion
GetCurrentDirectoryA
GlobalFlags
lstrcpynA
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InterlockedDecrement
LocalAlloc
LocalFree
MulDiv
WideCharToMultiByte
InterlockedIncrement
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
FindResourceA
LoadResource
LockResource
GetCurrentThreadId
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
CopyFileA
MultiByteToWideChar
GlobalAlloc
GlobalLock
GetFileType
GetLastError

advapi32

RegCloseKey
RegEnumValueA
RegOpenKeyA
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

comdlg32

ChooseFontA
GetFileTitleA
PrintDlgA
GetOpenFileNameA
GetSaveFileNameA
ChooseColorA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

oledlg

ord8

ole32

CoTaskMemFree
CreateILockBytesOnHGlobal
CoTaskMemAlloc
OleInitialize
CLSIDFromString
CLSIDFromProgID
OleUninitialize
OleIsCurrentClipboard
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
CoFreeUnusedLibraries
StgCreateDocfileOnILockBytes
CoGetClassObject

olepro32

ord253

oleaut32

SysStringLen
SysAllocStringByteLen
SysAllocString
VariantTimeToSystemTime
VariantChangeType
VariantCopy
SysFreeString
VariantClear
SysAllocStringLen

comctl32

ord17
InitCommonControlsEx
PropertySheetA
CreateToolbarEx

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 196KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

996e8c11e7d82cb4a524b974386510b5

Headers

File Characteristics

Imports

wxl_dll

nrclient

user32

gdi32

kernel32

advapi32

comdlg32

winspool.drv

oledlg

ole32

olepro32

oleaut32

comctl32

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.rdata Size: 104KB - Virtual size: 102KB

.data Size: 196KB - Virtual size: 4.0MB

.rsrc Size: 16KB - Virtual size: 13KB

.text
Size: 2.1MB - Virtual size: 2.1MB

.rdata
Size: 104KB - Virtual size: 102KB

.data
Size: 196KB - Virtual size: 4.0MB

.rsrc
Size: 16KB - Virtual size: 13KB