Static task: static1
Behavioral task: behavioral1
Sample: 5f8fae1641a616a9c49552fa4d861da761986bdfedff2ac4fe464b9c3dd1b77f.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 5f8fae1641a616a9c49552fa4d861da761986bdfedff2ac4fe464b9c3dd1b77f.exe
Resource: win10v2004-20221111-en
General
- Target: 5f8fae1641a616a9c49552fa4d861da761986bdfedff2ac4fe464b9c3dd1b77f
- Size: 2.1MB
- MD5: df2cef0eab4f6f23624fba67a2dd3191
- SHA1: 1e9381bbcea530fabd3c65796af8e24e54a7c446
- SHA256: 5f8fae1641a616a9c49552fa4d861da761986bdfedff2ac4fe464b9c3dd1b77f
- SHA512: dd3eddb17d961357cf530a69e9f188c0d25e1a2a4ff644b44e620fc58ba0e1fec2f5826699122cc9f93fe1d0a02f8966c44b2ba2b2a8d0f59134e5be4792e8d5
- SSDEEP: 49152:AaHiRlhbve2Hb95b9v5at+OsTN8SWJKBLGO0ZcZPC1TJKMBgvkk:ANhbe2h99v5at+OsTOVJGLV1PClJhy
Malware Config
Signatures
Files
-
5f8fae1641a616a9c49552fa4d861da761986bdfedff2ac4fe464b9c3dd1b77f.exe windows x86
cead4abb26962109b1ea4df4dc5e46d9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteKeyW
RegOpenKeyExA
RegQueryValueExA
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
RegSetValueExA
RegDeleteValueW
RegOpenKeyW
RegEnumKeyW
RegQueryValueW
iphlpapi
GetExtendedUdpTable
GetExtendedTcpTable
GetIpForwardTable
GetAdaptersInfo
SendARP
GetAdaptersAddresses
setupapi
SetupCopyOEMInfW
CM_Reenumerate_DevNode_Ex
CM_Locate_DevNode_ExW
CM_Get_DevNode_Status
SetupDiGetDeviceInstallParamsW
SetupDiSetClassInstallParamsW
SetupDiClassGuidsFromNameW
SetupDiCallClassInstaller
SetupDiSetDeviceRegistryPropertyW
SetupDiCreateDeviceInfoW
SetupDiCreateDeviceInfoList
SetupDiGetINFClassW
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
SetupDiGetDeviceRegistryPropertyW
SetupDiOpenDevRegKey
SetupDiDestroyDeviceInfoList
uxtheme
DrawThemeBackground
CloseThemeData
psapi
EnumProcessModules
GetModuleBaseNameW
EnumProcesses
rasapi32
RasGetEntryPropertiesW
RasSetEntryPropertiesW
RasDeleteEntryW
kernel32
GetTempPathW
SearchPathW
GetProfileIntW
VirtualProtect
FindResourceExW
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
HeapReAlloc
ExitThread
ExitProcess
HeapSize
SetStdHandle
GetFileType
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStartupInfoA
HeapCreate
lstrcpyW
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
SetErrorMode
GetFileSizeEx
GetTempFileNameW
GetFileTime
GetModuleHandleW
GetLastError
LocalFree
HeapAlloc
GetProcessHeap
HeapFree
Sleep
SizeofResource
LockResource
LoadResource
FindResourceW
GetCurrentProcessId
ResumeThread
WaitForSingleObject
DeviceIoControl
GlobalGetAtomNameW
InterlockedIncrement
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
CreateFileW
CloseHandle
OutputDebugStringW
GetFullPathNameW
GetLocaleInfoW
LoadLibraryExW
CompareStringA
InterlockedExchange
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetThreadLocale
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
WritePrivateProfileStringW
GetPrivateProfileIntW
SuspendThread
SetThreadPriority
GetModuleHandleA
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
MulDiv
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
lstrlenA
lstrcmpA
InterlockedDecrement
GetFileAttributesW
GetVersionExW
GetCurrentProcess
DeleteTimerQueueTimer
OpenEventW
GetCommandLineW
WaitForMultipleObjects
CreateThread
WideCharToMultiByte
OpenProcess
SetEvent
GetExitCodeProcess
CreateProcessW
GetCurrentThreadId
GetLocalTime
SetLastError
GetVersion
MultiByteToWideChar
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetTickCount
DeleteTimerQueueEx
CreateEventW
CreateTimerQueueTimer
CreateTimerQueue
RemoveDirectoryW
ReadFile
WriteFile
GetWindowsDirectoryW
GetSystemDirectoryW
GetCurrentDirectoryW
GetModuleFileNameW
DeleteFileW
FreeLibrary
GetProcAddress
LoadLibraryW
lstrlenW
SetHandleCount
user32
CreateMenu
GetWindowRgn
SetCapture
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsW
InsertMenuItemW
GetSysColorBrush
ShowOwnedPopups
SetWindowContextHelpId
MapDialogRect
MessageBeep
IsZoomed
CharUpperW
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
WindowFromPoint
GetMessageW
ValidateRect
MapVirtualKeyW
GetKeyNameTextW
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
SetWindowTextW
IsDialogMessageW
CheckDlgButton
LoadMenuW
GetWindowThreadProcessId
IsWindowEnabled
EndPaint
BeginPaint
GetWindowDC
GetMenuState
GetMenuStringW
RemoveMenu
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetDoubleClickTime
SetScrollPos
GetScrollPos
ShowScrollBar
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
CallWindowProcW
GetMenu
SetWindowLongW
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
SetForegroundWindow
FindWindowW
MessageBoxW
DrawIcon
GetSystemMetrics
IsIconic
PostQuitMessage
AppendMenuW
GetSystemMenu
LoadIconW
SetWindowPos
SendInput
GrayStringW
DrawTextExW
TabbedTextOutW
SetRect
DrawEdge
OffsetRect
DrawTextW
SetFocus
ReleaseCapture
GetCapture
TrackMouseEvent
SetClassLongW
GetClassLongW
GetDlgCtrlID
IsRectEmpty
SetRectEmpty
InflateRect
CopyImage
DestroyIcon
GetIconInfo
IsWindowVisible
MoveWindow
EqualRect
MapWindowPoints
ShowWindow
GetRawInputData
RegisterRawInputDevices
LoadCursorW
IsWindow
SetCursorPos
ClientToScreen
GetActiveWindow
GetWindowLongW
ScreenToClient
SetCursor
PtInRect
GetCursorPos
SubtractRect
CopyIcon
CharUpperBuffW
GetUpdateRect
FrameRect
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
IsClipboardFormatAvailable
MapVirtualKeyExW
IsCharLowerW
GetMenuDefaultItem
SetMenuDefaultItem
InsertMenuW
CreatePopupMenu
DrawFocusRect
FillRect
ReleaseDC
GetDC
DestroyCursor
GetSysColor
CopyRect
RegisterClassW
GetClassInfoW
UnregisterClassW
DeleteMenu
UpdateLayeredWindow
EnableScrollBar
DrawFrameControl
DrawIconEx
UnionRect
GetNextDlgGroupItem
InvalidateRgn
CharNextW
EmptyClipboard
CloseClipboard
SetClipboardData
LoadImageW
OpenClipboard
DrawStateW
RegisterClipboardFormatW
EnumChildWindows
IsMenu
NotifyWinEvent
SetWindowRgn
CreateAcceleratorTableW
WaitMessage
GetAsyncKeyState
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
CopyAcceleratorTableW
PostThreadMessageW
GetScrollRange
DefWindowProcW
EnableWindow
GetWindowRect
RedrawWindow
GetParent
GetClientRect
InvalidateRect
GetDesktopWindow
UpdateWindow
SendMessageW
SetTimer
LockWindowUpdate
BringWindowToTop
KillTimer
MsgWaitForMultipleObjects
PeekMessageW
TranslateMessage
DispatchMessageW
PostMessageW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
SetParent
GetFocus
TranslateAcceleratorW
GetKeyState
DestroyAcceleratorTable
gdi32
Polygon
SetPixelV
SelectObject
DeleteDC
GetStockObject
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
GetDCOrgEx
GetClipBox
SetTextColor
SetBkColor
CopyMetaFileW
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
SelectClipRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
CreatePolygonRgn
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
CreateBitmap
SelectPalette
CombineRgn
GetObjectType
CreateHatchBrush
CreateRectRgnIndirect
SetRectRgn
GetMapMode
DPtoLP
GetTextMetricsW
OffsetRgn
GetRgnBox
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
GetTextColor
SetDIBColorTable
GetDIBits
RealizePalette
StretchBlt
SetPixel
CreateDIBSection
GetBkColor
CreateEllipticRgn
Polyline
Ellipse
Rectangle
RoundRect
CreatePalette
GetPaletteEntries
GetWindowOrgEx
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
LPtoDP
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
GetTextFaceW
PtInRegion
DeleteObject
PatBlt
CreateRectRgn
CreateFontIndirectW
GetObjectW
CreateSolidBrush
GetDeviceCaps
CreatePen
GetTextExtentPoint32W
BitBlt
CreateCompatibleBitmap
OffsetWindowOrgEx
CreateCompatibleDC
msimg32
AlphaBlend
TransparentBlt
GradientFill
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
shell32
SHGetFileInfoW
SHAppBarMessage
SHBrowseForFolderW
SHGetPathFromIDListW
DragFinish
DragQueryFileW
ShellExecuteW
comctl32
InitCommonControlsEx
ImageList_GetIconSize
_TrackMouseEvent
shlwapi
PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW
PathRemoveFileSpecW
oledlg
OleUIBusyW
ole32
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleLockRunning
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
OleGetClipboard
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
CoRegisterMessageFilter
CoRevokeClassObject
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleRun
CoInitialize
CoCreateInstance
CoTaskMemFree
CoUninitialize
CoInitializeSecurity
CoInitializeEx
IsAccelerator
oleaut32
VariantClear
SysAllocString
SysFreeString
VariantInit
VariantCopy
VariantChangeType
SysAllocStringLen
SysStringLen
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
VarDateFromStr
OleCreateFontIndirect
GetErrorInfo
gdiplus
GdipCloneImage
GdipDrawImageI
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdiplusShutdown
GdipGetImageGraphicsContext
ws2_32
WSAEventSelect
bind
WSACreateEvent
WSACloseEvent
inet_ntoa
WSAWaitForMultipleEvents
closesocket
ntohs
recvfrom
select
sendto
inet_addr
htons
WSAEnumNetworkEvents
WSAStartup
WSACleanup
setsockopt
socket
wininet
HttpOpenRequestW
InternetConnectW
HttpSendRequestW
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
HttpQueryInfoW
HttpAddRequestHeadersW
InternetQueryDataAvailable
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 355KB - Virtual size: 354KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 137KB - Virtual size: 137KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 169KB - Virtual size: 168KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ