Static task: static1
Behavioral task: behavioral1
Sample: 9fd78c0bab7d2856f39480172c95efc9729a05eba7da6c972e19bc339c05c550.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 9fd78c0bab7d2856f39480172c95efc9729a05eba7da6c972e19bc339c05c550.exe
Resource: win10v2004-20221111-en
General
Target: 9fd78c0bab7d2856f39480172c95efc9729a05eba7da6c972e19bc339c05c550
Size: 2.9MB
MD5: 65b8d829f14cf3a9a3481cb537dde53a
SHA1: 61610f395c0c8cfa8d78263e0855c9ee4b0b3921
SHA256: 9fd78c0bab7d2856f39480172c95efc9729a05eba7da6c972e19bc339c05c550
SHA512: 0f44265b0931de5c1c2016c9780057058a1e5447ea19f5e0e6e098b43e1b8973b46f91ff162a8bb1eeb67c9c6c1d6b58443572182900230a07f307e33b6bf229
SSDEEP: 49152:BxVz+xw38rwJ+iDxG9/Ku82SVaciRIkEhTb8K8DP2z:BxMC31+yQ/Q/sFW
Malware Config
Signatures
Files
-
9fd78c0bab7d2856f39480172c95efc9729a05eba7da6c972e19bc339c05c550.exe windows x86
001dc496b118a72e4479ad2a52cc5348
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
DuplicateHandle
GetVolumeInformationW
GetShortPathNameW
InterlockedIncrement
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalGetAtomNameW
GetAtomNameW
lstrlenA
FileTimeToSystemTime
SystemTimeToFileTime
GlobalFlags
SetErrorMode
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SetFileTime
SetFileAttributesW
GetVersionExW
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
RtlUnwind
SetEnvironmentVariableW
ExitThread
GetDriveTypeW
RaiseException
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
SetEndOfFile
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
FatalAppExitA
VirtualAlloc
GetCurrentDirectoryA
SetCurrentDirectoryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetDriveTypeA
SetEnvironmentVariableA
UnlockFile
LockFile
FlushFileBuffers
lstrcmpiW
GetThreadLocale
GetStringTypeExW
GetModuleHandleA
InterlockedDecrement
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
WaitForSingleObject
SetThreadPriority
FreeResource
GlobalAddAtomW
GlobalFindAtomW
CompareStringW
LoadLibraryA
GetVersionExA
GlobalDeleteAtom
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
lstrcmpW
SetLastError
GlobalFree
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
LocalFree
lstrlenW
MulDiv
GetVersion
GetTempFileNameW
GetTempPathW
FindFirstFileW
FindFirstFileA
FindNextFileW
CreateDirectoryA
FindNextFileA
CreateDirectoryW
FindClose
GetFullPathNameA
GetFullPathNameW
TerminateThread
InterlockedCompareExchange
CreateThread
ResumeThread
SuspendThread
GetFileSize
CopyFileA
GetFileAttributesA
CreateFileA
GetFileTime
SetFilePointer
DeleteFileA
WriteFile
MoveFileA
CreateFileW
GetTimeZoneInformation
ReadFile
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringW
GetCurrentThread
IsBadWritePtr
GetCurrentProcess
VirtualQuery
GetModuleHandleW
FormatMessageW
SetUnhandledExceptionFilter
GetCurrentProcessId
CreateFileMappingW
CloseHandle
MoveFileW
ExitProcess
Sleep
CreateEventW
SetEvent
MultiByteToWideChar
CopyFileW
GetFileAttributesW
DeleteFileW
GetCurrentDirectoryW
SetCurrentDirectoryW
WideCharToMultiByte
GetModuleFileNameW
FindResourceW
LoadResource
LockResource
SizeofResource
LoadLibraryW
GetProcAddress
FreeLibrary
GetEnvironmentStrings
GetLastError
user32
CreatePopupMenu
InsertMenuItemW
InvalidateRect
LoadAcceleratorsW
LoadMenuW
ReuseDDElParam
UnpackDDElParam
GetKeyNameTextW
MapVirtualKeyW
IsRectEmpty
SetParent
UnionRect
SetRect
GetDCEx
LockWindowUpdate
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
ScrollWindowEx
ShowWindow
MoveWindow
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
GetDesktopWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
IsWindowEnabled
ShowOwnedPopups
SetCursor
GetMessageW
GetActiveWindow
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
SetRectEmpty
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
UpdateWindow
GetMenu
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
GetParent
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetWindowLongW
SetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
BringWindowToTop
SetMenu
TranslateAcceleratorW
UnregisterClassW
GetDialogBaseUnits
DestroyIcon
WaitMessage
ReleaseCapture
WindowFromPoint
SetCapture
DeleteMenu
LoadCursorW
GetSysColorBrush
CharUpperW
EndPaint
IsChild
BeginPaint
GetWindowRect
GetWindow
PostQuitMessage
GetMenuState
GetMenuStringW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
SetWindowTextA
SendMessageA
SetWindowTextW
wvsprintfW
GetSystemMetrics
LoadIconW
EnableWindow
FindWindowW
KillTimer
SetTimer
GetClientRect
IsIconic
GetSystemMenu
PostMessageW
SendMessageW
AppendMenuW
DrawIcon
GetWindowThreadProcessId
PeekMessageW
DispatchMessageW
TranslateMessage
IsWindow
GetMessageTime
UnregisterClassA
gdi32
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
DeleteDC
CreateDIBPatternBrushPt
CreatePatternBrush
GetStockObject
CreateRectRgn
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
SetViewportExtEx
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
GetTextMetricsW
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
CreateCompatibleBitmap
GetCharWidthW
CreateFontW
StretchDIBits
GetBkColor
GetClipRgn
SelectClipRgn
DeleteObject
SetColorAdjustment
SetArcDirection
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutW
RectVisible
PtVisible
StartDocW
GetPixel
GetWindowExtEx
GetViewportExtEx
CreatePen
GetDeviceCaps
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetTextExtentPoint32W
ExtTextOutW
BitBlt
CreateCompatibleDC
CreateFontIndirectW
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CreateDCW
CopyMetaFileW
SelectClipPath
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyW
RegSetValueW
RegCloseKey
RegCreateKeyW
shell32
ExtractIconW
ShellExecuteA
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetDesktopFolder
DragQueryFileW
DragFinish
ShellExecuteW
SHGetFileInfoW
SHGetMalloc
shlwapi
PathRemoveExtensionW
PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW
ole32
StringFromGUID2
OleDuplicateData
CoCreateInstance
CoDisconnectObject
OleUninitialize
OleInitialize
CoTaskMemFree
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
CreateBindCtx
ReleaseStgMedium
CoTaskMemAlloc
CoTreatAsClass
StringFromCLSID
CLSIDFromString
oleaut32
VarBstrFromDate
VarDecFromStr
VarBstrFromDec
VarBstrFromCy
VarCyFromStr
SysReAllocStringLen
VarDateFromStr
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SysAllocStringLen
SysStringLen
SysFreeString
SysAllocStringByteLen
SysStringByteLen
VariantClear
VariantChangeType
VariantInit
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
gdiplus
GdiplusStartup
GdipCloneImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipSaveImageToFile
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdiplusShutdown
Sections
.text Size: 2.2MB - Virtual size: 2.2MB - Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 596KB - Virtual size: 592KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 44KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 36KB - Virtual size: 33KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ