Static task: static1
Behavioral task: behavioral1
Sample: 33e1391f4d8d42ca1f01c2e02f26d239bd9036b2f3ca357d14bcab86e1601de1.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 33e1391f4d8d42ca1f01c2e02f26d239bd9036b2f3ca357d14bcab86e1601de1.exe
Resource: win10v2004-20220901-en
General
Target: 33e1391f4d8d42ca1f01c2e02f26d239bd9036b2f3ca357d14bcab86e1601de1
Size: 2.6MB
MD5: 3d66a4acea21cc348d8fc4b15e8504e0
SHA1: e6ae5fb3096ffbf006b9dd9a4e164cc1c471789f
SHA256: 33e1391f4d8d42ca1f01c2e02f26d239bd9036b2f3ca357d14bcab86e1601de1
SHA512: 01c0ec23ec69280d1aab2ebffe89b7d2dee05b3b3dd8f2ff3423ed4079545f483b142fb709783c3d3e4fd89d27c4f6f5442911989eeadea931c5f6d639092004
SSDEEP: 49152:EMcxNb97A37LxhPEMPUlXf38od11VTKQ:8NlA3hhPtMPsor7T
Malware Config
Signatures
Files
33e1391f4d8d42ca1f01c2e02f26d239bd9036b2f3ca357d14bcab86e1601de1.exe windows x86
34304e0a2d94fc6fe6974c73da80ecbf
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wxl_dll
deal_pkpm_ltype
WRITE_WMF_FILE
deal_pkpm_layer
deal_pkpm_style
jsgz
GetDehFromCYDEB
DatabaseIsOpen
GetQuotaStr
OpenDatabase
GetJsgzDetail
CloseDatabase
GetKjgxFromDb
SetDehToCYDEB
GetSingleQuota
GetSingleZF
JsgzSetup
kernel32
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
LCMapStringA
VirtualAlloc
VirtualFree
SetPriorityClass
UnhandledExceptionFilter
GetLocalTime
GetSystemTime
WinExec
LCMapStringW
SetEnvironmentVariableA
HeapCreate
HeapDestroy
SetStdHandle
SetHandleCount
HeapFree
GetTimeZoneInformation
Sleep
GetCurrentProcessId
DebugBreak
FormatMessageA
CreateMutexA
GetCurrentThreadId
GetFileInformationByHandle
CloseHandle
GetStdHandle
GetFullPathNameA
GetTempPathA
GetTempFileNameA
CreateFileA
GetFileType
SetEndOfFile
ReadFile
SetFilePointer
GetLastError
WaitForSingleObject
InterlockedExchange
ReleaseMutex
GetFileAttributesA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
HeapSize
GetProfileStringA
GetDriveTypeA
SetCurrentDirectoryA
FindNextFileA
GetSystemTimeAsFileTime
GetLogicalDrives
HeapReAlloc
ExitProcess
HeapAlloc
TerminateProcess
GetTickCount
GetStartupInfoA
RtlUnwind
CopyFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
FindFirstFileA
GetVolumeInformationA
UnlockFile
FindClose
MoveFileA
DuplicateHandle
LockFile
FlushFileBuffers
SizeofResource
GetCurrentDirectoryA
LocalReAlloc
GetOEMCP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
GlobalReAlloc
DeleteCriticalSection
TlsFree
GlobalHandle
GlobalFlags
InitializeCriticalSection
LocalAlloc
GetDiskFreeSpaceA
GetProcessVersion
MulDiv
GetFileTime
SetFileTime
LocalFree
GlobalAlloc
lstrcmpA
InterlockedIncrement
WideCharToMultiByte
InterlockedDecrement
GlobalFree
MultiByteToWideChar
GetThreadLocale
LockResource
FindResourceA
LoadResource
GlobalDeleteAtom
lstrcmpiA
GlobalFindAtomA
lstrcpynA
lstrcatA
GlobalLock
GlobalAddAtomA
GlobalUnlock
GlobalGetAtomNameA
lstrlenA
GetVersion
lstrcpyA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
SetErrorMode
GetCommandLineA
SetConsoleCtrlHandler
TlsGetValue
GetACP
TlsAlloc
CreateProcessA
TlsSetValue
WriteFile
DeleteFileA
SetThreadPriority
GetVersionExA
GetExitCodeProcess
GetModuleHandleA
CreateFileMappingA
MapViewOfFile
VirtualQuery
GetModuleFileNameA
LoadLibraryA
GetProcAddress
GetCurrentProcess
GetCurrentThread
SetLastError
FreeLibrary
RaiseException
GetEnvironmentVariableA
GetComputerNameA
GetThreadPriority
GetPriorityClass
DeviceIoControl
user32
LoadCursorA
DestroyCursor
MapDialogRect
SetWindowContextHelpId
GetMessageA
TranslateMessage
ValidateRect
GetCursorPos
ShowOwnedPopups
PostQuitMessage
CharNextA
GetDC
ReleaseDC
EndDialog
CreateDialogIndirectParamA
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
MoveWindow
SetWindowTextA
FillRect
SetRect
SetDlgItemTextA
SendDlgItemMessageA
MapWindowPoints
GetSysColor
DispatchMessageA
ScreenToClient
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
IsChild
IsDialogMessageA
PtInRect
GetWindowTextLengthA
GetWindowTextA
DefWindowProcA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
AppendMenuA
GetSystemMenu
PostThreadMessageA
GetForegroundWindow
SetForegroundWindow
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetLastActivePopup
IsWindowVisible
IsIconic
ClientToScreen
GetSysColorBrush
CopyRect
GetDlgItem
InvalidateRect
GetKeyState
GetDlgCtrlID
UnpackDDElParam
ReuseDDElParam
SetActiveWindow
WinHelpA
SetMenu
GetClassInfoA
LoadMenuA
DestroyMenu
SetFocus
GetDesktopWindow
GetWindow
IsWindowEnabled
SetCursor
PeekMessageA
PostMessageA
GetCapture
ReleaseCapture
LoadAcceleratorsA
SetRectEmpty
RegisterWindowMessageA
GetActiveWindow
wsprintfA
GetParent
GetMenuItemID
AdjustWindowRectEx
RedrawWindow
SetWindowPos
GetClientRect
IsZoomed
SetParent
IsRectEmpty
SetTimer
SetWindowLongA
IsWindow
DefMDIChildProcA
DrawMenuBar
TranslateAcceleratorA
TranslateMDISysAccel
DefFrameProcA
BringWindowToTop
GetMenu
GetMenuItemCount
GetSubMenu
OffsetRect
CreateWindowExA
GetSystemMetrics
LoadBitmapA
UpdateWindow
ShowWindow
RegisterClassA
LoadIconA
GetWindowLongA
DestroyWindow
GetWindowRect
EnableWindow
SendMessageA
KillTimer
WindowFromPoint
RemovePropA
GetFocus
GetClassNameA
LoadStringA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
GetDialogBaseUnits
InflateRect
CopyAcceleratorTableA
TrackPopupMenuEx
CreatePopupMenu
DialogBoxIndirectParamA
GetCursor
ShowCursor
SetCursorPos
CreateMenu
EqualRect
RegisterClipboardFormatA
LockWindowUpdate
GetDCEx
InvertRect
SetCapture
GetTabbedTextExtentA
FindWindowA
CharUpperA
MessageBeep
GetNextDlgGroupItem
GetMessageTime
GetMessagePos
GetNextDlgTabItem
EnableMenuItem
DeleteMenu
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
UnregisterClassA
gdi32
GetTextExtentPointA
SetTextColor
GetObjectA
CreateBitmap
PatBlt
CreateRectRgnIndirect
GetTextColor
GetBkColor
GetDeviceCaps
Rectangle
DPtoLP
CreatePen
GetViewportOrgEx
AbortDoc
EndPage
StartPage
EndDoc
SetAbortProc
CreateDCA
StartDocA
GetTextExtentPoint32A
SelectObject
DeleteDC
StretchDIBits
CreateCompatibleDC
GetTextMetricsA
GetCharWidthA
CreateFontA
CreateCompatibleBitmap
RestoreDC
SaveDC
SetPolyFillMode
SetROP2
SetBkMode
SetMapMode
SetViewportOrgEx
SetStretchBltMode
SetViewportExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
DeleteObject
ScaleWindowExtEx
ExcludeClipRect
IntersectClipRect
SelectClipRgn
MoveToEx
LineTo
SetTextAlign
GetCurrentPositionEx
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
CreatePatternBrush
TextOutA
ExtTextOutA
RectVisible
CreateFontIndirectA
GetMapMode
Escape
CombineRgn
LPtoDP
SetRectRgn
GetStretchBltMode
GetPolyFillMode
GetNearestColor
GetBkMode
GetROP2
GetTextAlign
GetWindowOrgEx
BitBlt
GetTextFaceA
CreateDIBitmap
SetDIBits
SetPixelV
Polygon
GetDIBits
GetStockObject
GetClipBox
SetBkColor
comdlg32
CommDlgExtendedError
PrintDlgA
GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
ChooseColorA
ChooseFontA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
SetFileSecurityA
GetFileSecurityA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegOpenKeyA
RegEnumValueA
shell32
DragFinish
DragQueryFileA
comctl32
ImageList_Destroy
ord17
CreateToolbarEx
PropertySheetA
oledlg
ord8
ole32
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoGetClassObject
CoTaskMemFree
CoUninitialize
CoInitialize
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoTaskMemAlloc
CLSIDFromProgID
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CLSIDFromString
olepro32
ord253
oleaut32
SysAllocStringByteLen
SysStringLen
VariantCopy
VariantTimeToSystemTime
SysAllocString
VariantClear
VariantChangeType
SysAllocStringLen
SysFreeString
qm
QMOpenCnn
QMReadQuotaRst
QMSelAQuotaDlg
QMCloseCnn
Sections
.text Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 116KB - Virtual size: 113KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 192KB - Virtual size: 7.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 4KB - Virtual size: 56B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_TEXT_HA Size: 64KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ