93013fc3545858deef0a67944e528cbbc1e2dc56ffdbfe24720c3aa0c6158f0d

Sharing

Copy URL

Twitter E-mail

General

Target

93013fc3545858deef0a67944e528cbbc1e2dc56ffdbfe24720c3aa0c6158f0d
Size

627KB
MD5

339a6e2be93482f7f7fb2919e62ec077
SHA1

e5039890110733cac5eee2170ad38e946a07ebfa
SHA256

93013fc3545858deef0a67944e528cbbc1e2dc56ffdbfe24720c3aa0c6158f0d
SHA512

4a2c8f78ad41e8b412b2b5327b24351f1f0d46259f152cfe51d69108b75c54feacace1aa056476f4b64db60be67e41022765ad86a791ae68ab6f86a908ce0b2e
SSDEEP

12288:t6TRd8nXdnbMCAyoA7/ycSgwx/dqrlotL6Gfmf:MQnXdn9+WwxlolCL6Gfmf

Score

N/A

Malware Config

Signatures

Files

93013fc3545858deef0a67944e528cbbc1e2dc56ffdbfe24720c3aa0c6158f0d
.exe windows x64

deef17c3d29586e179b72bfcbd1e063c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
HeapReAlloc
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
lstrlenA
GetModuleFileNameW
MulDiv
GlobalFree
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetThreadLocale
lstrcmpA
EnumResourceLanguagesA
ConvertDefaultLocale
FileTimeToSystemTime
GetEnvironmentStrings
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
LockFile
UnlockFile
GetFileSize
DuplicateHandle
GetVolumeInformationA
GetFullPathNameA
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesA
GetFileSizeEx
GetFileTime
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
GetStringTypeW
FreeEnvironmentStringsA
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
ReadFile
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapSize
FlsAlloc
GetCurrentThread
FlsFree
FlsSetValue
FlsGetValue
TlsAlloc
DecodePointer
EncodePointer
GetStdHandle
HeapCreate
HeapSetInformation
RtlUnwindEx
RtlPcToFileHeader
RaiseException
GetStartupInfoA
GetCommandLineA
GetModuleHandleW
GetSystemTimeAsFileTime
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
ExitThread
CreateToolhelp32Snapshot
Process32Next
FindClose
FindFirstFileA
MultiByteToWideChar
GetProcessHeap
Process32First
HeapFree
HeapAlloc
FreeLibrary
ReleaseMutex
IsWow64Process
OpenMutexA
FormatMessageA
ExitProcess
WritePrivateProfileStringA
LocalFree
GetModuleHandleA
LoadLibraryA
GetProcAddress
SetLastError
CreateDirectoryA
GetSystemDirectoryA
Sleep
CreateThread
GetVersionExA
OutputDebugStringA
CreateMutexA
GetPrivateProfileStringA
FlushFileBuffers
CreateProcessA
WriteFile
GetTickCount
SetFilePointer
GetCurrentProcessId
GetCurrentThreadId
GetModuleFileNameA
GetLocalTime
GetCurrentProcess
SetUnhandledExceptionFilter
CreateFileA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
FreeResource
ResumeThread
CloseHandle
LockResource
GetLastError
GlobalUnlock
CreateEventA
SizeofResource
WideCharToMultiByte
GlobalAlloc
SetEvent
WaitForSingleObject
GlobalLock
LoadResource
FindResourceA
HeapQueryInformation

user32

RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassLongPtrA
SetPropA
GetPropA
RemovePropA
IsWindow
SetFocus
GetWindowTextA
GetLastActivePopup
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
GetWindowLongPtrA
SetWindowLongPtrA
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
TrackPopupMenu
SetMenu
IsWindowVisible
UpdateWindow
CreateWindowExA
GetClassInfoExA
RegisterClassA
GetSysColor
AdjustWindowRectEx
EqualRect
CopyRect
PostThreadMessageA
PtInRect
DefWindowProcA
GetMenu
GetWindowLongA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
GetWindowPlacement
GetWindowRect
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
GetParent
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuState
GetMenuItemID
GetMenuItemCount
UnhookWindowsHookEx
GetKeyState
GetDlgItemTextA
GetClassInfoA
GetActiveWindow
SetDlgItemTextA
ScreenToClient
GetSubMenu
LoadMenuA
GetCursorPos
ReleaseDC
GetDC
DrawTextA
EnableWindow
CreatePopupMenu
GetClassNameA
GetSystemMenu
SetActiveWindow
IsIconic
SetForegroundWindow
wsprintfA
DrawIcon
FindWindowExA
EnumWindows
GetForegroundWindow
MessageBoxA
AppendMenuA
PostMessageA
SystemParametersInfoA
GetSystemMetrics
RegisterClipboardFormatA
MessageBeep
GetNextDlgGroupItem
CharUpperA
GetDlgCtrlID
SendMessageA
GetClientRect
LoadIconA
ReleaseCapture
GetWindowThreadProcessId
SetClipboardViewer
FindWindowA
SetCapture
InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableA
LoadCursorA
GetSysColorBrush
UnregisterClassA
GetMessageA
TranslateMessage
ValidateRect
SetWindowContextHelpId
MapDialogRect
SetCursor
PostQuitMessage
DestroyMenu
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
TabbedTextOutA
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
CharNextA
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
CallWindowProcA

gdi32

DeleteObject
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ExtSelectClipRgn
DeleteDC
CreateRectRgnIndirect
GetRgnBox
GetMapMode
SetMapMode
RestoreDC
SaveDC
GetTextColor
GetBkColor
GetStockObject
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
ScaleWindowExtEx
GetDeviceCaps

comdlg32

GetFileTitleA
GetOpenFileNameA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
GetUserNameA
RegCreateKeyA
RegCloseKey
RegSetValueExA

shell32

ord165
SHGetSpecialFolderPathA
Shell_NotifyIconA
ShellExecuteA

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameA
PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathFileExistsA

oledlg

ord8

ole32

CoRegisterMessageFilter
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoTaskMemFree
CreateStreamOnHGlobal
OleFlushClipboard
CoRevokeClassObject
OleIsCurrentClipboard

oleaut32

SysAllocString
OleCreateFontIndirect
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringByteLen
SysFreeString
SysStringLen
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime

gdiplus

GdiplusStartup
GdiplusShutdown
GdipImageGetFrameCount
GdipGetImageWidth
GdipCloneImage
GdipImageGetFrameDimensionsCount
GdipCreateFromHDC
GdipGetPropertyItemSize
GdipDisposeImage
GdipAlloc
GdipLoadImageFromStreamICM
GdipGetPropertyItem
GdipImageSelectActiveFrame
GdipFree
GdipGetImageHeight
GdipDeleteGraphics
GdipDrawImageRectI
GdipImageGetFrameDimensionsList

dbghelp

MiniDumpWriteDump

crypt32

CryptProtectData

ws2_32

inet_ntoa
WSAStartup
gethostname
gethostbyname

Sections

.text
Size: 354KB - Virtual size: 354KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Shared
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

deef17c3d29586e179b72bfcbd1e063c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

gdiplus

dbghelp

crypt32

ws2_32

Sections

.text Size: 354KB - Virtual size: 354KB

.rdata Size: 126KB - Virtual size: 126KB

.data Size: 14KB - Virtual size: 41KB

.pdata Size: 24KB - Virtual size: 23KB

Shared Size: 3KB - Virtual size: 3KB

.rsrc Size: 90KB - Virtual size: 89KB

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 354KB - Virtual size: 354KB

.rdata
Size: 126KB - Virtual size: 126KB

.data
Size: 14KB - Virtual size: 41KB

.pdata
Size: 24KB - Virtual size: 23KB

Shared
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 90KB - Virtual size: 89KB

.reloc
Size: 14KB - Virtual size: 13KB