Static task: static1
Behavioral task: behavioral1, sample cecb13c5dbf4984a64812e6f8cba4660cbdfbf1a072a3cd36aa86c64f047ba12.exe, resource win7-20221111-en
Behavioral task: behavioral2, sample cecb13c5dbf4984a64812e6f8cba4660cbdfbf1a072a3cd36aa86c64f047ba12.exe, resource win10v2004-20220812-en
General
- Target: cecb13c5dbf4984a64812e6f8cba4660cbdfbf1a072a3cd36aa86c64f047ba12
- Size: 2.5MB
- MD5: ea31dbf140e1f7f2702dee180c73c0cf
- SHA1: 6dcf746042ab232cfe72fa27532bfe078f8c27bb
- SHA256: cecb13c5dbf4984a64812e6f8cba4660cbdfbf1a072a3cd36aa86c64f047ba12
- SHA512: 9d0c84035d18b648b0525b9ff67029acd0155f10353095e53117321566c5b6e099ee6197cba1ff44385db0ed736d6be218295453980cf7bcb819e351f74900b0
- SSDEEP: 24576:McX/4AA1kspGtr6H0GzBxJYNLWTwUh48HjR5SF4HRFN:rQAAIKFBxKNL4h4KjTSF4HB
Malware Config
Signatures
Files
- cecb13c5dbf4984a64812e6f8cba4660cbdfbf1a072a3cd36aa86c64f047ba12.exe (windows x86) 0404005811fd20ecbbfcb75e6d152617
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
setsockopt
WSAGetLastError
inet_addr
htonl
ntohl
htons
inet_ntoa
WSASocketA
sendto
recvfrom
closesocket
WSACleanup
WSAStartup
gethostbyname
gethostbyaddr
netapi32
Netbios
kernel32
GetSystemTime
GetStartupInfoA
GetCommandLineA
SetStdHandle
GetFileType
GetACP
HeapReAlloc
HeapSize
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
FatalAppExitA
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetStringTypeA
GetStringTypeW
GetDriveTypeA
SetConsoleCtrlHandler
IsBadReadPtr
IsBadCodePtr
IsValidLocale
GetTimeZoneInformation
EnumSystemLocalesA
GetUserDefaultLCID
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
GetProfileStringA
GetModuleFileNameA
GetLocaleInfoA
GetVersionExA
GetVersion
lstrlenA
lstrlenW
GetCPInfo
LockResource
LoadResource
FindResourceA
lstrcmpiA
FreeLibrary
LoadLibraryA
GetWindowsDirectoryA
WinExec
lstrcatA
DeleteCriticalSection
RaiseException
RtlUnwind
CopyFileA
GlobalSize
SetErrorMode
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetOEMCP
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
SizeofResource
LocalAlloc
GlobalFlags
GetCurrentThread
GetCurrentDirectoryA
FileTimeToLocalFileTime
FileTimeToSystemTime
SetFileAttributesA
CreateFileA
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSize
GetFileAttributesA
SuspendThread
SetThreadPriority
ResumeThread
lstrcpynA
WritePrivateProfileStringA
EnterCriticalSection
LeaveCriticalSection
IsValidCodePage
GetSystemDirectoryA
Sleep
GetLocalTime
GetVolumeInformationA
CloseHandle
GetPrivateProfileIntA
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GlobalGetAtomNameA
GetModuleHandleA
GlobalLock
GlobalUnlock
GetTempPathA
WriteFile
WaitForMultipleObjects
ReadFile
CreateProcessA
TerminateThread
TerminateProcess
GetExitCodeProcess
CreatePipe
DuplicateHandle
SetEvent
CreateEventA
ResetEvent
WaitForSingleObject
InitializeCriticalSection
GetProcAddress
GetExitCodeThread
ExitThread
GetCurrentProcessId
GetProcessHeap
HeapAlloc
GetTickCount
ReleaseMutex
HeapFree
ExitProcess
GlobalFree
GlobalAlloc
FindFirstFileA
GetPrivateProfileStringA
FindNextFileA
FindClose
lstrcmpA
ExpandEnvironmentStringsA
CreateThread
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetCurrentThreadId
SetLastError
MulDiv
GetLastError
FormatMessageA
LocalFree
GetCurrentProcess
lstrcpyA
GetUserDefaultLangID
GetSystemDefaultLangID
OpenMutexA
CreateMutexA
user32
ShowOwnedPopups
SetWindowContextHelpId
MapDialogRect
LoadAcceleratorsA
BringWindowToTop
DefFrameProcA
TranslateMDISysAccel
TranslateAcceleratorA
DefMDIChildProcA
SetMenu
ReuseDDElParam
UnpackDDElParam
GetDialogBaseUnits
LockWindowUpdate
CharUpperA
WaitMessage
GetWindowThreadProcessId
CharNextA
CopyAcceleratorTableA
GetNextDlgGroupItem
UnregisterClassA
RegisterClipboardFormatA
PostThreadMessageA
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
WinHelpA
RegisterClassA
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
GetClassLongA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
GetWindow
SetWindowPos
GetWindowPlacement
EndDialog
CreateDialogIndirectParamA
IsWindowEnabled
ExitWindowsEx
SetActiveWindow
EnumChildWindows
GetMessageA
LoadMenuA
SetMenuDefaultItem
LoadStringA
DestroyWindow
CreateWindowExA
RegisterClassExA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
OemToCharA
RegisterWindowMessageA
wsprintfA
DestroyMenu
GetClassNameA
SetPropA
GetDCEx
CallWindowProcA
GetPropA
RemovePropA
UnhookWindowsHookEx
SetWindowsHookExA
GetWindowDC
IntersectRect
IsRectEmpty
DrawMenuBar
GetMessagePos
GetMenu
WindowFromDC
IsWindowVisible
SetParent
DrawIcon
GetSystemMenu
LoadIconA
FindWindowA
IsIconic
ShowWindow
SetForegroundWindow
UpdateWindow
GetDlgItem
GetCapture
GetClipCursor
ClipCursor
ScreenToClient
InvertRect
SetRectEmpty
SetWindowRgn
GetClassInfoA
DefWindowProcA
PostQuitMessage
MessageBoxA
LoadCursorA
CopyIcon
IsWindow
SetWindowLongA
ReleaseCapture
RedrawWindow
SetCapture
MessageBeep
GetCursorPos
KillTimer
PtInRect
SetTimer
LoadImageA
GetIconInfo
CreateIconIndirect
DrawStateA
GetClientRect
FrameRect
InflateRect
OffsetRect
DrawFocusRect
GetWindowRect
PostMessageA
ClientToScreen
WindowFromPoint
GetActiveWindow
InvalidateRect
TranslateMessage
ValidateRect
CharToOemA
wvsprintfA
EndPaint
BeginPaint
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
SetCursor
GetNextDlgTabItem
IsMenu
GetWindowLongA
DestroyCursor
GetSubMenu
GrayStringA
TabbedTextOutA
DeleteMenu
RemoveMenu
LoadBitmapA
GetSysColorBrush
GetMenuStringA
CreateMenu
CreatePopupMenu
GetMenuItemID
GetMenuState
ModifyMenuA
GetMenuItemCount
InsertMenuA
AppendMenuA
GetSystemMetrics
GetDesktopWindow
GetDC
DrawTextA
ReleaseDC
DrawIconEx
DestroyIcon
SystemParametersInfoA
GetSysColor
CopyRect
FillRect
DrawEdge
SetRect
GetMenuItemInfoA
EnableWindow
GetParent
SendMessageA
IsWindowUnicode
DefDlgProcA
ExcludeUpdateRgn
ShowCaret
HideCaret
CallNextHookEx
gdi32
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetCurrentPositionEx
ArcTo
SetArcDirection
PolyDraw
RestoreDC
SetColorAdjustment
PolyBezierTo
GetClipRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetViewportExtEx
GetWindowExtEx
ExtCreatePen
CreatePatternBrush
CreateDIBPatternBrushPt
CreateRectRgnIndirect
GetMapMode
SetRectRgn
DPtoLP
StretchDIBits
GetCharWidthA
GetTextMetricsA
CopyMetaFileA
CreateDCA
GetTextColor
GetBkColor
LPtoDP
SaveDC
StartDocA
GetClipBox
GetDCOrgEx
StretchBlt
CreateFontA
RoundRect
GetViewportOrgEx
SetViewportOrgEx
CreatePolygonRgn
CreateRectRgn
CombineRgn
GetCurrentObject
CreateBitmap
SetBkColor
SetTextColor
GetStockObject
CreateHatchBrush
Rectangle
Escape
ExtTextOutA
TextOutA
RectVisible
PatBlt
PtVisible
GetObjectA
GetPixel
SetPixel
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
Ellipse
GetTextExtentPoint32A
GetTextExtentPoint32W
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
CreateFontIndirectA
CreatePen
GetBkMode
GetDeviceCaps
GetTextExtentPointA
PolylineTo
CreateDIBitmap
CreateSolidBrush
comdlg32
GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
AdjustTokenPrivileges
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegSetValueExA
RegCreateKeyExA
RegEnumKeyA
RegDeleteValueA
RegEnumValueA
RegDeleteKeyA
RegCreateKeyA
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
RegOpenKeyA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetValueA
LookupPrivilegeValueA
RegCloseKey
RegQueryInfoKeyA
RegEnumKeyExA
shell32
SHGetFileInfoA
DragQueryFileA
DragFinish
DragAcceptFiles
SHAppBarMessage
Shell_NotifyIconA
ShellExecuteExA
ShellExecuteA
ExtractIconA
comctl32
ImageList_Draw
ImageList_GetImageCount
ImageList_GetIcon
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_GetIconSize
_TrackMouseEvent
ImageList_GetImageInfo
ord17
ord13
ord14
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_Merge
ImageList_Read
ImageList_Write
ImageList_DrawIndirect
ImageList_Duplicate
oledlg
ord8
ole32
CreateILockBytesOnHGlobal
CoDisconnectObject
CoUninitialize
CoCreateInstance
CoInitialize
StringFromGUID2
CoCreateGuid
CLSIDFromProgID
CLSIDFromString
OleDuplicateData
CoTaskMemAlloc
CreateBindCtx
CoTaskMemFree
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
StringFromCLSID
CoTreatAsClass
ReleaseStgMedium
CoGetClassObject
StgOpenStorageOnILockBytes
CreateStreamOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CoRevokeClassObject
CoRegisterClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
OleRun
StgCreateDocfileOnILockBytes
olepro32
ord253
oleaut32
SafeArrayDestroy
SafeArrayUnlock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCopy
VarBstrFromDate
VarDateFromStr
SafeArrayDestroyData
VarCyFromStr
SysStringByteLen
SysFreeString
SysAllocStringByteLen
SysAllocString
VariantCopy
SafeArrayLock
VariantClear
SafeArrayCreate
SafeArrayGetDim
VarBstrFromCy
SafeArrayDestroyDescriptor
SysAllocStringLen
VariantTimeToSystemTime
SysStringLen
SysReAllocStringLen
LoadTypeLi
VariantChangeType
SafeArrayRedim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
wininet
InternetQueryDataAvailable
HttpQueryInfoA
InternetCloseHandle
InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetGetConnectedState
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetGetLastResponseInfoA
GopherFindFirstFileA
InternetFindNextFileA
FtpFindFirstFileA
HttpSendRequestExA
HttpEndRequestA
HttpAddRequestHeadersA
GopherOpenFileA
GopherGetAttributeA
GopherCreateLocatorA
FtpGetFileA
FtpPutFileA
FtpOpenFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
FtpRemoveDirectoryA
FtpCreateDirectoryA
FtpRenameFileA
FtpDeleteFileA
InternetErrorDlg
InternetWriteFile
InternetSetFilePointer
InternetGetCookieA
InternetSetCookieA
InternetSetStatusCallback
InternetSetOptionExA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
msimg32
GradientFill
Sections
.text  Size: 920KB  Virtual size: 919KB  Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 152KB  Virtual size: 150KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data  Size: 48KB   Virtual size: 65KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.idata Size: 20KB   Virtual size: 19KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc  Size: 1.3MB  Virtual size: 1.3MB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc Size: 68KB   Virtual size: 66KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ