687656ceb1c01c4663edeb80fe64cfb3d01b1fa4a284deb98aa356348b9926a4

Sharing

Copy URL Twitter E-mail

General

Target

687656ceb1c01c4663edeb80fe64cfb3d01b1fa4a284deb98aa356348b9926a4
Size

424KB
MD5

6e801d30846a848318ac40da76ec016d
SHA1

78e0929d5266e5d403060f99c5ff52cf8270ee25
SHA256

687656ceb1c01c4663edeb80fe64cfb3d01b1fa4a284deb98aa356348b9926a4
SHA512

beda911bef4ac11c20bd9ba4c968a1923afdd5a0cefbd78900a79d253ebb570fa40f666eb10f6de6b41f68d4e2e95628dbb8b20797b06f80f7dcee60f8aa042e
SSDEEP

12288:Kp6p33YbdiQjqsNekIAxbDQLxDqXcTTyb1AO1URz2O2dJFl0/mR1HSO8TiAz:Kp6p39Qj9JxoLx+XcTObaPRzNgL1HSOa

Score

N/A

Malware Config

Signatures

Files

687656ceb1c01c4663edeb80fe64cfb3d01b1fa4a284deb98aa356348b9926a4
.exe windows x86

4bc89a03347281cadfa011ced333058d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathIsURLA

wininet

InternetQueryOptionA
InternetGetLastResponseInfoA
HttpQueryInfoA
InternetOpenUrlA
DeleteUrlCacheEntry
InternetReadFile
InternetCloseHandle
InternetOpenA

winmm

timeGetTime

kernel32

DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetFullPathNameA
WritePrivateProfileStringA
InterlockedIncrement
GlobalFlags
RaiseException
LocalAlloc
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetOEMCP
SetErrorMode
HeapAlloc
HeapFree
VirtualProtect
UnlockFile
VirtualQuery
RtlUnwind
ExitProcess
TerminateProcess
GetSystemTimeAsFileTime
CreateDirectoryA
ExitThread
GetStartupInfoA
IsBadReadPtr
HeapReAlloc
SetHandleCount
GetStdHandle
SetStdHandle
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetTimeZoneInformation
IsBadCodePtr
GetExitCodeProcess
CreateProcessA
SetEnvironmentVariableA
LockFile
FlushFileBuffers
InterlockedDecrement
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalGetAtomNameA
GlobalFindAtomA
lstrcatA
lstrcmpW
FreeResource
SetLastError
GlobalFree
MulDiv
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
GlobalAddAtomA
GetCurrentThread
GetCurrentThreadId
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
GetStringTypeA
LCMapStringA
GetCPInfo
LCMapStringW
GetStringTypeW
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
ReadFile
SetEndOfFile
SetFilePointer
GetFileSize
GetFileType
Sleep
GetTickCount
GetModuleHandleA
CreateFileA
WriteFile
GetSystemInfo
GetExitCodeThread
GetCommandLineA
CopyFileA
GetDiskFreeSpaceA
FindFirstFileA
FindNextFileA
FindClose
GetCurrentDirectoryA
RemoveDirectoryA
GetFileAttributesA
LoadLibraryA
DeleteFileA
FindResourceA
LoadResource
LockResource
SizeofResource
GetProcAddress
FreeLibrary
CreateThread
SetThreadPriority
InitializeCriticalSection
CloseHandle
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
WaitForSingleObject
CreateMutexA
ReleaseMutex
GetModuleFileNameA
SetCurrentDirectoryA
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetDriveTypeA
GetFileInformationByHandle
VirtualAlloc
PeekNamedPipe
VirtualProtect
GetModuleFileNameA
ExitProcess

user32

RegisterClipboardFormatA
PostThreadMessageA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
IsRectEmpty
CharNextA
GetSysColorBrush
LoadCursorA
DestroyMenu
GetWindowDC
ReleaseDC
GetDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextA
GetForegroundWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
UpdateWindow
GetMenu
GetSysColor
AdjustWindowRectEx
EqualRect
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
CopyRect
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetDesktopWindow
CharUpperA
wsprintfA
EnableWindow
GetClientRect
BeginPaint
EndPaint
GetTopWindow
SendMessageA
LoadImageA
MessageBoxA
InvalidateRect
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetMenuItemBitmaps
GetFocus
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
GetParent
PostQuitMessage
PtInRect
SetRectEmpty
UnionRect
DrawIcon
AppendMenuA
GetSystemMenu
IsIconic
SetTimer
KillTimer
SetCapture
LoadIconA
GetSystemMetrics
ReleaseCapture
SetRect
PostMessageA
ClientToScreen
GetWindowRect
SetCursor
IsWindowEnabled
GetLastActivePopup
GetWindowLongA
MessageBoxA

gdi32

CreateSolidBrush
CreateRectRgnIndirect
GetBkColor
GetTextColor
GetRgnBox
GetMapMode
GetStockObject
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetViewportOrgEx
SelectObject
GetDIBColorTable
BitBlt
SetViewportOrgEx
Escape
ExtTextOutA
RectVisible
PtVisible
Rectangle
CreateCompatibleDC
CreateRectRgn
CreateHalftonePalette
CreatePalette
CreateCompatibleBitmap
CreateFontIndirectA
ScaleViewportExtEx
CreatePen
GetObjectA
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
SetMapMode
RestoreDC
SaveDC
GetClipBox
GetDeviceCaps
CreateBitmap
DeleteObject
SetTextColor
SetBkMode
SetBkColor
TextOutA
DeleteDC
SetViewportExtEx

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteA

comctl32

ord17

oledlg

ord8

ole32

StgOpenStorageOnILockBytes
CoTaskMemFree
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize

oleaut32

SysAllocStringLen
SysFreeString
VariantClear
VariantChangeType
VariantInit
SysStringLen
SysAllocStringByteLen
OleCreateFontIndirect
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
VariantCopy

Sections

.text
Size: - Virtual size: 546KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

STLPORT_
Size: - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 931KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp1
Size: 396KB - Virtual size: 394KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4bc89a03347281cadfa011ced333058d

Headers

File Characteristics

Imports

shlwapi

wininet

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

oleaut32

Sections

.text Size: - Virtual size: 546KB

.rdata Size: - Virtual size: 117KB

.data Size: - Virtual size: 78KB

STLPORT_ Size: - Virtual size: 32B

.rsrc Size: 20KB - Virtual size: 931KB

.vmp0 Size: - Virtual size: 16KB

.vmp1 Size: 396KB - Virtual size: 394KB

.reloc Size: 4KB - Virtual size: 80B

.text
Size: - Virtual size: 546KB

.rdata
Size: - Virtual size: 117KB

.data
Size: - Virtual size: 78KB

STLPORT_
Size: - Virtual size: 32B

.rsrc
Size: 20KB - Virtual size: 931KB

.vmp0
Size: - Virtual size: 16KB

.vmp1
Size: 396KB - Virtual size: 394KB

.reloc
Size: 4KB - Virtual size: 80B