f821983fa5c200323e7565477bb2587f113ef709df764be10d81c7c45b380f49

Sharing

Copy URL Twitter E-mail

General

Target

f821983fa5c200323e7565477bb2587f113ef709df764be10d81c7c45b380f49
Size

2.7MB
MD5

26d1be426d0de1ed02eaa94ca7dfaa63
SHA1

383b0ee96e82a6aae23887cdcccb7c69aeaeafa1
SHA256

f821983fa5c200323e7565477bb2587f113ef709df764be10d81c7c45b380f49
SHA512

7daa70e63896f2c54c78f6499f487cb059890d64bccc16f21e2697064e5236b0501a183323b559647196bfd7640d99fc2d9e5081d7d516299730cd7d107f6b0e
SSDEEP

49152:NeeUGtJcbQf0CnT2LZosEZ70WXNDj6+6TyvhwxqZcFq1CIkTa2TBqy:8eUGtObQf0DEZ71lxcw1CIV2T4

Score

N/A

Malware Config

Signatures

Files

f821983fa5c200323e7565477bb2587f113ef709df764be10d81c7c45b380f49
.exe windows x86

5abc972dec0d06d029003803a32a8126

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveDirectoryW
GetPrivateProfileStringW
CreateDirectoryW
SetLastError
GlobalAlloc
GlobalFree
FindFirstFileW
GetFullPathNameW
FindNextFileW
FindClose
QueryPerformanceCounter
QueryPerformanceFrequency
GetVersionExW
GetCurrentDirectoryW
GetFullPathNameA
FindFirstFileExA
GetDriveTypeA
GetFileInformationByHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateThread
ExitThread
GetModuleFileNameW
GetTempFileNameW
GetTickCount
SetFilePointer
CopyFileW
GetTempPathW
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
WideCharToMultiByte
RaiseException
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
ReadFile
CreateFileW
lstrlenW
WaitForSingleObject
CreateProcessW
FreeLibrary
LoadLibraryW
WriteFile
DeleteFileW
CloseHandle
MultiByteToWideChar
ExpandEnvironmentStringsA
WaitForMultipleObjects
PeekNamedPipe
FormatMessageA
SleepEx
GetVersionExA
LoadLibraryA
LoadLibraryExW
MoveFileW
FreeResource
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
InterlockedPushEntrySList
InterlockedCompareExchange
InitializeCriticalSection
SetEnvironmentVariableA
CompareStringW
FlushFileBuffers
WriteConsoleW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
RtlUnwind
GetStringTypeW
Sleep
DeleteCriticalSection
SetHandleCount
SetEndOfFile
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
SetStdHandle
HeapSize
LCMapStringW
GetLocaleInfoW
IsProcessorFeaturePresent
HeapDestroy
HeapCreate
GetStdHandle
ExitProcess
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetTimeZoneInformation
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
HeapSetInformation
GetCommandLineW
CreateFileA
GetFileType
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
HeapReAlloc
GetProcAddress
GetLastError
GetProcessHeap
GetModuleHandleW
HeapFree
HeapAlloc
GetDriveTypeW

user32

TranslateMessage
SetForegroundWindow
GetParent
HideCaret
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
MessageBoxW
LoadIconW
SendMessageTimeoutW
DestroyCursor
MoveWindow
SetScrollRange
GetSystemMetrics
AdjustWindowRectEx
GetClassLongW
SetClassLongW
GetDesktopWindow
BeginDeferWindowPos
EndDeferWindowPos
DeferWindowPos
GetMessageExtraInfo
SetMessageExtraInfo
TrackMouseEvent
SetLayeredWindowAttributes
UpdateLayeredWindow
ReleaseDC
GetDC
EndPaint
BeginPaint
GetCursorPos
ReleaseCapture
SetRect
IsRectEmpty
CopyRect
SetWindowRgn
ScrollWindow
SetFocus
SetCapture
IsWindowVisible
ShowWindow
ValidateRect
InvalidateRect
GetUpdateRect
ScreenToClient
ClientToScreen
GetClientRect
GetWindowRect
DispatchMessageW
GetScrollInfo
SetScrollPos
GetScrollPos
DestroyIcon
UnregisterClassA
PostMessageW
SetWindowPos
IsWindow
CallWindowProcW
SendMessageW
KillTimer
SetTimer
DestroyWindow
SetWindowLongW
GetWindowLongW
DefWindowProcW
CreateWindowExW
LoadCursorW
GetClassInfoExW
RegisterClassExW
PostQuitMessage
PeekMessageW
OffsetRect
GetMessageW

gdi32

CreateCompatibleBitmap
DeleteDC
SelectObject
CreateRectRgn
CombineRgn
CreateFontW
CreateCompatibleDC
DeleteObject
CreateSolidBrush
SetBkMode

advapi32

RegOpenKeyExW
CryptDestroyHash
CryptReleaseContext
CryptHashData
CryptAcquireContextA
CryptCreateHash
RegQueryValueExW
RegEnumValueW
RegEnumKeyExW
RegSetValueExW
CryptGetHashParam
RegCloseKey
SetSecurityDescriptorSacl
GetLengthSid
FreeSid
AddAccessAllowedAce
AllocateAndInitializeSid
InitializeAcl
SetSecurityDescriptorDacl
InitializeSecurityDescriptor

shell32

SHCreateShellItem
Shell_NotifyIconW
SHGetSpecialFolderPathW
ShellExecuteW

ole32

CoGetClassObject
OleSetContainedObject
OleCreateStaticFromData
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoCreateInstance
CoTaskMemFree
CoUninitialize
CreateStreamOnHGlobal
CoInitialize

oleaut32

SysAllocString
SysAllocStringByteLen
SysStringByteLen
VariantClear
SysFreeString

shlwapi

PathIsDirectoryW
PathRemoveFileSpecW
PathRemoveExtensionW
PathFindFileNameW
PathFindExtensionW
PathAppendW
PathFileExistsW
PathIsRootW

ws2_32

send
recv
select
WSAGetLastError
__WSAFDIsSet
WSAIoctl
WSAStartup
WSACleanup
WSAAsyncGetHostByName
setsockopt
getsockname
ntohs
bind
htons
getsockopt
getpeername
closesocket
socket
connect
freeaddrinfo
getaddrinfo
sendto
recvfrom
accept
listen
gethostname
WSASetLastError
ioctlsocket

wldap32

ord46
ord22
ord211
ord143
ord60
ord50
ord26
ord30
ord32
ord35
ord79
ord200
ord33
ord301
ord27
ord41

normaliz

IdnToAscii

gdiplus

GdipCreateTexture2
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipFree
GdipAlloc
GdipCloneImage
GdipGetFontSize
GdipGetFontStyle
GdipGetFamily
GdipAddPathString
GdipSetPenLineJoin
GdipMeasureString
GdipDrawString
GdipDrawLineI
GdipSetInterpolationMode
GdipGetInterpolationMode
GdipFillPath
GdipDrawPath
GdipSetSmoothingMode
GdipGetSmoothingMode
GdipAddPathArcI
GdipAddPathLineI
GdipCreateLineBrushI
GdipDeletePath
GdipCreatePath
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipCreateHBITMAPFromBitmap
GdipSetCompositingMode
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetPenColor
GdipSetPenWidth
GdipLoadImageFromFile
GdipCreateFont
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipCreateFontFamilyFromName
GdipCreateStringFormat
GdipCreatePen1
GdipDrawImageRectRect
GdipDeleteStringFormat
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImagePixelFormat
GdipEndContainer
GdipBeginContainer2
GdipSetClipRect
GdipDrawRectangle
GdipDeleteFont
GdipDeletePen
GdipTranslateTextureTransform
GdipCloneBrush
GdipDrawImageRectRectI
GdipDrawCachedBitmap
GdipFillRectangleI
GdipFillRectangle
GdipTranslateWorldTransform
GdipGetImageGraphicsContext
GdipCreateFromHDC
GdipCreateTexture
GdipCreateSolidFill
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipDisposeImage
GdiplusShutdown
GdiplusStartup
GdipDeleteBrush
GdipDeleteGraphics
GdipGetImageHeight
GdipGetImageWidth
GdipDeleteCachedBitmap
GdipCreateCachedBitmap

comctl32

ImageList_Create
InitCommonControlsEx
ImageList_Add

Sections

.text
Size: 635KB - Virtual size: 635KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 708KB - Virtual size: 707KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5abc972dec0d06d029003803a32a8126

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

ws2_32

wldap32

normaliz

gdiplus

comctl32

Sections

.text Size: 635KB - Virtual size: 635KB

.rdata Size: 126KB - Virtual size: 126KB

.data Size: 14KB - Virtual size: 25KB

.rsrc Size: 708KB - Virtual size: 707KB

.reloc Size: 42KB - Virtual size: 42KB

.text
Size: 635KB - Virtual size: 635KB

.rdata
Size: 126KB - Virtual size: 126KB

.data
Size: 14KB - Virtual size: 25KB

.rsrc
Size: 708KB - Virtual size: 707KB

.reloc
Size: 42KB - Virtual size: 42KB