Static task: static1
Behavioral task: behavioral1
Sample: 33821d8f6a7861a2e17c760b47203754532021f3d1a68b91f56dd06777ea0643.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 33821d8f6a7861a2e17c760b47203754532021f3d1a68b91f56dd06777ea0643.exe
Resource: win10v2004-20221111-en
General
Target: 33821d8f6a7861a2e17c760b47203754532021f3d1a68b91f56dd06777ea0643
Size: 3.3MB
MD5: e0c3fd4897764501c652f64474730657
SHA1: b7f8638b2967bbc4285bdd9932b51c8dfd478910
SHA256: 33821d8f6a7861a2e17c760b47203754532021f3d1a68b91f56dd06777ea0643
SHA512: 1f7a184fe68bada4faacd8b1bd50a6469639a962b158375388f50166ecb01a65f07c32f996929e6c7a36d131687507185a0233025b5f3e31ccbbd648df0168ef
SSDEEP: 49152:heKIEQ2rcAFUTxfmTUwdrY01YrKNyv04Ylw4xwgFHyA9BNSopWAWqXxTYU:ExEQ2ofcdrZBNIX4OKjBNVpNtYU
Files
33821d8f6a7861a2e17c760b47203754532021f3d1a68b91f56dd06777ea0643.exe, windows x86
60f41d1d2ebf28d9d06c01f2d535618f
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SearchPathA
SizeofResource
LockResource
LoadResource
FindResourceA
GlobalFree
lstrlenA
MultiByteToWideChar
GlobalAlloc
GlobalLock
GlobalUnlock
GetLocalTime
GetUserDefaultLCID
EnumDateFormatsA
EnumTimeFormatsA
GetDateFormatA
GetTimeFormatA
lstrcmpiA
OpenFile
DeleteFileA
CreateFileA
GetLastError
CreateFileMappingA
CloseHandle
MapViewOfFile
UnmapViewOfFile
GetSystemInfo
FindFirstFileA
FindClose
FlushViewOfFile
lstrcmpA
MulDiv
GlobalGetAtomNameA
lstrcpyA
LoadLibraryA
ResetEvent
SetEnvironmentVariableA
GetProcessHeap
WriteConsoleW
GetConsoleOutputCP
SetLastError
FormatMessageA
lstrlenW
GetShortPathNameA
GetModuleFileNameA
GetModuleHandleA
GetLocaleInfoA
DeleteAtom
GlobalAddAtomA
GetVersion
SetFileTime
WriteFile
CreateDirectoryA
GetFileAttributesA
LocalFileTimeToFileTime
lstrcatA
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
SetFilePointer
GlobalSize
CreateEventA
GetProcAddress
FreeLibrary
SetEvent
WriteConsoleA
SetStdHandle
GetLocaleInfoW
GetTimeZoneInformation
LocalFree
CopyFileA
GetCurrentProcessId
GetVersionExA
lstrcmpW
CompareStringA
GlobalDeleteAtom
GlobalFindAtomA
GetCurrentThreadId
FreeResource
GetModuleFileNameW
InterlockedDecrement
VirtualProtect
InterlockedIncrement
MoveFileA
GetStringTypeExA
GetThreadLocale
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetFullPathNameA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
GetTickCount
GetProfileIntA
SetThreadPriority
ResumeThread
WaitForSingleObject
SuspendThread
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
InterlockedExchange
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
WideCharToMultiByte
GetTempFileNameA
GetTempPathA
GetDiskFreeSpaceA
GetModuleHandleW
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
FindResourceExA
SetErrorMode
HeapFree
HeapAlloc
Sleep
ExitProcess
GetCommandLineA
GetStartupInfoA
RtlUnwind
HeapReAlloc
RaiseException
VirtualAlloc
VirtualQuery
ExitThread
CreateThread
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
GetACP
IsValidCodePage
CompareStringW
LCMapStringA
LCMapStringW
HeapCreate
VirtualFree
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
user32
IsWindow
RemovePropA
GetPropA
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
SendDlgItemMessageA
SetDlgItemTextA
IsDialogMessageA
MoveWindow
ShowWindow
CheckMenuItem
EnableMenuItem
ModifyMenuA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EndDialog
CreateDialogIndirectParamA
GetActiveWindow
GetDesktopWindow
GetAsyncKeyState
MapDialogRect
IsClipboardFormatAvailable
CountClipboardFormats
InSendMessage
IsRectEmpty
SendNotifyMessageA
CopyAcceleratorTableA
InflateRect
GetMenuItemInfoA
DestroyMenu
CharUpperA
WindowFromPoint
GetCursorPos
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
SetCursor
ReuseDDElParam
UnpackDDElParam
CreateMenu
PostThreadMessageA
ClipCursor
GetSystemMenu
SetParent
IsZoomed
ShowOwnedPopups
ValidateRect
TranslateMessage
GetMessageA
SetFocus
PostQuitMessage
DestroyCursor
GetSysColorBrush
UnregisterClassA
GetTabbedTextExtentA
GetDCEx
LockWindowUpdate
DestroyIcon
DrawIcon
SetWindowRgn
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
IsWindowVisible
PostMessageA
GetTopWindow
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
MessageBoxA
EndPaint
BeginPaint
GetWindowDC
GetMenuState
GetMenuStringA
GetMenuItemID
InsertMenuA
EnableWindow
SendMessageA
LoadIconA
GetDlgItem
GetSystemMetrics
SetRect
DrawTextA
GrayStringA
DrawTextExA
TabbedTextOutA
WinHelpA
GetWindowTextLengthA
GetForegroundWindow
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
WindowFromDC
EndDeferWindowPos
CreatePopupMenu
AppendMenuA
GetSysColor
CopyRect
DrawFocusRect
FillRect
GetWindowTextA
SetWindowTextA
IsWindowEnabled
GetFocus
IsChild
GetParent
GetWindowRect
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
RedrawWindow
LoadImageA
GetWindow
MessageBeep
SetTimer
KillTimer
GetMenuItemCount
DeleteMenu
RemoveMenu
GetSubMenu
LoadMenuA
IntersectRect
RegisterClipboardFormatA
SetForegroundWindow
SendMessageTimeoutA
GetClassNameA
EnumWindows
FindWindowA
LoadBitmapA
wsprintfA
GetNextDlgTabItem
GetKeyState
BringWindowToTop
ReleaseDC
GetDC
RegisterWindowMessageA
ReleaseCapture
GetCapture
SetCapture
EqualRect
LoadCursorA
SetRectEmpty
ScreenToClient
CreateWindowExA
InvalidateRect
PtInRect
GetClassInfoA
UpdateWindow
OemToCharBuffA
CharToOemBuffA
MsgWaitForMultipleObjects
PeekMessageA
CharToOemA
OemToCharA
OffsetRect
GetClientRect
ClientToScreen
gdi32
LineTo
MoveToEx
SetTextAlign
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocA
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
DeleteDC
CreatePatternBrush
CreateBitmap
DPtoLP
GetWindowOrgEx
GetCharWidthA
CreateFontA
StretchDIBits
CreateCompatibleBitmap
CreateRectRgnIndirect
PatBlt
SetBrushOrgEx
CreateMetaFileA
CloseMetaFile
DeleteMetaFile
GetViewportOrgEx
StartPage
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
CreatePen
SelectObject
DeleteObject
GetObjectA
BitBlt
CreateCompatibleDC
CreateSolidBrush
EnumFontFamiliesA
EnumFontFamiliesExA
Rectangle
GetTextColor
GetBkColor
GetPaletteEntries
GetStockObject
GetTextMetricsA
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateICA
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateDCA
CopyMetaFileA
GetTextExtentPointA
GetTextFaceA
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
GetNearestColor
Ellipse
LPtoDP
CreateEllipticRgn
GetTextAlign
UnrealizeObject
GetMapMode
CombineRgn
SetRectRgn
EndDoc
AbortDoc
SetAbortProc
EndPage
CreateFontIndirectA
GetTextExtentPoint32A
GetDeviceCaps
comdlg32
CommDlgExtendedError
GetFileTitleA
advapi32
RegSetValueA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
SetFileSecurityA
GetFileSecurityA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegCreateKeyA
RegOpenKeyA
shell32
SHGetFileInfoA
DragQueryFileA
DragFinish
ShellExecuteA
DragAcceptFiles
ShellAboutA
ExtractIconA
ole32
OleLoad
StgOpenStorageOnILockBytes
GetHGlobalFromILockBytes
OleSetContainedObject
OleCreateFromFile
OleCreateLinkToFile
OleGetIconOfClass
CreateItemMoniker
CreateGenericComposite
StgCreateDocfile
CreateFileMoniker
StgIsStorageFile
OleRun
OleIsRunning
OleSetMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleRegEnumVerbs
CreateOleAdviseHolder
OleRegGetMiscStatus
CreateDataAdviseHolder
CoDisconnectObject
OleCreate
CoRevokeClassObject
CoInitializeEx
GetRunningObjectTable
OleGetClipboard
CreateStreamOnHGlobal
OleSaveToStream
WriteClassStm
OleSave
OleDuplicateData
CoTaskMemAlloc
CreateBindCtx
CoTreatAsClass
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
CoRegisterClassObject
OleLockRunning
StgOpenStorage
CoCreateInstance
CoUninitialize
OleUninitialize
ReleaseStgMedium
StringFromCLSID
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
ReadClassStg
OleInitialize
shlwapi
PathStripToRootA
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
PathIsUNCA
oledlg
ord11
ord3
ord5
ord4
ord1
oleacc
LresultFromObject
CreateStdAccessibleObject
winspool.drv
ClosePrinter
OpenPrinterA
GetJobA
DocumentPropertiesA
oleaut32
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysStringByteLen
SysFreeString
SysStringLen
Sections
.text Size: 486KB - Virtual size: 486KB. Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 135KB - Virtual size: 135KB. Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 2.6MB - Virtual size: 2.6MB. Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 91KB - Virtual size: 90KB. Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ