Static task
static1
Behavioral task
behavioral1
Sample
c9916fa50db6d95e169014283e5b034924e2fc7196e13b7c66ab144c845ea87c.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
c9916fa50db6d95e169014283e5b034924e2fc7196e13b7c66ab144c845ea87c.exe
Resource
win10v2004-20220812-en
General
Target
c9916fa50db6d95e169014283e5b034924e2fc7196e13b7c66ab144c845ea87c
Size
841KB
MD5
fc8633387424f3b8b6d322778033d5d1
SHA1
5c32a06c5e5263337b7647f498754598da927a2c
SHA256
c9916fa50db6d95e169014283e5b034924e2fc7196e13b7c66ab144c845ea87c
SHA512
20b891c07d6788d7e9197147fd3cc0a962aaacd8ae2353eb57b975baaf3688fa8cba43bb082740e27afbec98a099a1eabfc18888ee45d3dbc4bcf52be15ff3d1
SSDEEP
12288:x4vfBBCnQJG5gt8Hu7qENpcmVOExTWewiiXXoRRYHNwVsYnHnFklGPZDOyF9hGvt:xCIHuRpc6OYilXXQYt23Hn6qZD/Fb
Malware Config
Signatures
Files
c9916fa50db6d95e169014283e5b034924e2fc7196e13b7c66ab144c845ea87c.exe windows x86
bbaa9210b4ee0f95cad7294e85484b1e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
lstrlenA
SetErrorMode
GetFileSizeEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
RtlUnwind
ExitThread
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
GetStdHandle
GetModuleFileNameA
GlobalFlags
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetFullPathNameW
GetVolumeInformationW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
InterlockedIncrement
RaiseException
InterlockedDecrement
WritePrivateProfileStringW
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
CompareStringA
InterlockedExchange
SuspendThread
ResumeThread
SetThreadPriority
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
GetVersionExA
GlobalFree
GlobalAlloc
GetCurrentProcessId
GlobalLock
GlobalUnlock
GetModuleHandleA
SetLastError
GetTimeZoneInformation
DeleteFileW
FileTimeToLocalFileTime
GetFileTime
SetFilePointer
TerminateProcess
DuplicateHandle
WaitForMultipleObjects
PeekNamedPipe
ResetEvent
TerminateThread
SetEvent
GetCurrentThreadId
ReleaseMutex
CreateEventW
CreateMutexW
GetTempFileNameW
FileTimeToSystemTime
GetFileAttributesExW
GetFileAttributesW
FindClose
FindFirstFileW
GetCurrentProcess
WinExec
OutputDebugStringA
GetVersionExW
GetFileSize
WaitForSingleObject
HeapReAlloc
HeapAlloc
CreatePipe
GetStartupInfoW
ExitProcess
GetLastError
GetModuleHandleW
CreateProcessW
WideCharToMultiByte
AreFileApisANSI
MultiByteToWideChar
GetLocaleInfoW
GetTempPathW
OutputDebugStringW
lstrcmpW
MulDiv
GetLogicalDriveStringsW
GetDriveTypeW
LocalAlloc
FormatMessageW
LocalFree
DeviceIoControl
WriteFile
ReadFile
SetFilePointerEx
CreateFileW
GetTickCount
Sleep
CreateThread
lstrcatW
lstrcpyW
lstrlenW
GetProcAddress
LoadLibraryW
FreeLibrary
GetModuleFileNameW
CloseHandle
GetExitCodeProcess
GetProcessHeap
HeapFree
FindResourceW
LoadResource
LockResource
SizeofResource
FreeEnvironmentStringsW
CopyFileW
InterlockedCompareExchange
user32
PostThreadMessageW
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetForegroundWindow
SetActiveWindow
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
GetKeyState
SetMenu
SetForegroundWindow
IsWindowVisible
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
GetScrollInfo
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
GetMenuState
CopyAcceleratorTableW
GetSubMenu
GetLastActivePopup
IsWindowEnabled
GetSysColor
EndPaint
BeginPaint
GetWindowDC
PostMessageW
SetLayeredWindowAttributes
ExitWindowsEx
KillTimer
SetWindowLongW
SetTimer
DispatchMessageW
TranslateMessage
PeekMessageW
SetWindowTextW
PostQuitMessage
ClientToScreen
CreatePopupMenu
AppendMenuW
LoadIconW
GetSystemMenu
SetWindowRgn
SetCursor
LoadCursorW
GetWindowLongW
RedrawWindow
GetMenuItemCount
GetWindowRect
SetRect
GetSystemMetrics
InflateRect
GetWindowTextW
CopyRect
GrayStringW
IsRectEmpty
DrawTextExW
TabbedTextOutW
ReleaseCapture
SetCapture
GetSysColorBrush
DrawTextW
GetParent
PtInRect
InvalidateRect
ScreenToClient
GetCursorPos
GetClientRect
LoadImageW
SendMessageW
IsWindow
GetDlgItem
EnableWindow
MessageBoxW
FillRect
wsprintfW
RegisterClipboardFormatW
ReleaseDC
GetDC
GetDesktopWindow
UnregisterClassW
MessageBeep
GetNextDlgGroupItem
GetWindowThreadProcessId
InvalidateRgn
CharUpperW
WindowFromPoint
CharNextW
DestroyMenu
SetWindowContextHelpId
MapDialogRect
ShowWindow
MoveWindow
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
GetMessageW
GetActiveWindow
ValidateRect
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
GetCapture
GetMenuItemID
IsChild
WinHelpW
gdi32
GetTextExtentPoint32W
GetStockObject
CreateRoundRectRgn
SaveDC
RestoreDC
SetBkColor
SetBkMode
SetTextColor
SetMapMode
GetClipBox
LineTo
MoveToEx
GetViewportExtEx
GetWindowExtEx
SetViewportOrgEx
OffsetViewportOrgEx
RoundRect
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreateBitmap
GetDeviceCaps
CreateRectRgnIndirect
GetBkColor
GetTextColor
GetMapMode
GetRgnBox
ExtTextOutW
Escape
TextOutW
RectVisible
PtVisible
CreateFontIndirectW
StretchBlt
CreatePen
CreateCompatibleBitmap
GetCurrentObject
CreateDIBSection
CreateSolidBrush
BitBlt
GetObjectW
SelectObject
SetViewportExtEx
DeleteObject
CreateCompatibleDC
msimg32
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegSetValueExW
RegOpenKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegCloseKey
RegCreateKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegQueryValueExW
shell32
ShellExecuteW
SHGetSpecialFolderPathW
comctl32
InitCommonControlsEx
_TrackMouseEvent
shlwapi
PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathStripToRootW
PathAppendW
PathIsUNCW
oledlg
OleUIBusyW
ole32
CoTaskMemAlloc
OleIsCurrentClipboard
CoTaskMemFree
OleFlushClipboard
CoRegisterMessageFilter
CLSIDFromProgID
CLSIDFromString
CoUninitialize
CoCreateInstance
CoInitializeEx
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
oleaut32
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy
SysAllocString
DispCallFunc
LoadRegTypeLi
OleCreateFontIndirect
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetElemsize
SafeArrayCreate
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysFreeString
SysStringLen
gdiplus
GdipLoadImageFromFile
GdipDrawImageRectRect
GdipDeleteGraphics
GdipCloneImage
GdipDisposeImage
GdipAlloc
GdipFree
GdiplusShutdown
GdiplusStartup
GdipGetImageWidth
GdipGetImageHeight
GdipCreateFromHDC
GdipDrawImageRect
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
Sections
.text Size: 566KB - Virtual size: 566KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 147KB - Virtual size: 146KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 52KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 54KB - Virtual size: 53KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ