b6aea8e3f51607e23d656f93f91a96f6cd5876ef5fb6733366236e2413361716

Sharing

Copy URL Twitter E-mail

General

Target

b6aea8e3f51607e23d656f93f91a96f6cd5876ef5fb6733366236e2413361716
Size

680KB
MD5

1c39412197d1632f3a3f0a8fc40f7828
SHA1

0619e2e4d74976e94d7248412c46c42c54406a68
SHA256

b6aea8e3f51607e23d656f93f91a96f6cd5876ef5fb6733366236e2413361716
SHA512

6b580456f71753a2abf2bb11d251317ca73bd174b8e4283cb0fa7ba17e82aec38973c1ad867e14d832d5ed01518ea106f45cfd9b34d25f00319ddac935f52cad
SSDEEP

12288:S1BD5QFnpSCJuh8P4+/NzlqjkIah5Pn4aWvumojxPu:SdcSCJui/tPhKaWOjtu

Score

1^/10

Malware Config

Signatures

Files

b6aea8e3f51607e23d656f93f91a96f6cd5876ef5fb6733366236e2413361716
.exe windows x86

cc752d0707414c457a85dd5e7f737678

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
GetTickCount
ExitProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
GetCommandLineA
GetStartupInfoA
RtlUnwind
RaiseException
ExitThread
CreateThread
HeapSize
SetStdHandle
GetFileType
GetStdHandle
GetACP
GetConsoleCP
GetConsoleMode
GetCPInfo
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
HeapDestroy
HeapCreate
VirtualFree
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
LCMapStringA
LCMapStringW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GlobalFlags
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
SetErrorMode
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
GlobalDeleteAtom
GlobalFree
FormatMessageA
LocalFree
MulDiv
InterlockedDecrement
GetModuleFileNameW
GetModuleHandleA
GetCurrentProcessId
GetFullPathNameA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetThreadLocale
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
SetLastError
GetVersion
CompareStringA
GetLastError
InterlockedExchange
CompareStringW
lstrlenA
WritePrivateProfileStringA
GlobalAlloc
GlobalUnlock
GlobalLock
GetVolumeInformationA
WriteFile
CreateFileA
CloseHandle
GetLocalTime
HeapAlloc
GetProcessHeap
HeapFree
Sleep
lstrcpyA
GlobalAddAtomA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
IsDebuggerPresent
FreeResource
SizeofResource
LockResource
LoadResource
FindResourceA
SetHandleCount
WideCharToMultiByte

user32

RegisterClipboardFormatA
PostThreadMessageA
IsRectEmpty
CopyAcceleratorTableA
CharNextA
ReleaseCapture
SetCapture
GetSysColorBrush
UnregisterClassA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
GetMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
PtInRect
GetDlgCtrlID
CallWindowProcA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
IsWindowVisible
GetKeyState
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindow
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
UnhookWindowsHookEx
GetWindowThreadProcessId
GetParent
DestroyMenu
GetLastActivePopup
IsWindowEnabled
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
CharUpperA
EnableWindow
PostMessageA
SetDlgItemTextA
KillTimer
SetRect
CopyRect
EnumDisplaySettingsA
DrawIcon
GetIconInfo
GetCursorInfo
MessageBoxA
LoadBitmapA
GetClientRect
GetSystemMetrics
SendMessageA
IsIconic
SetForegroundWindow
ShowWindow
FindWindowA
GetClassNameA
GetWindowTextA
RegisterHotKey
UnregisterHotKey
LoadIconA
SetTimer
SetWindowLongA
GetWindowLongA
UpdateWindow
LoadCursorA
DefWindowProcA
DestroyWindow
SetCursor
SetWindowPos
GetCursorPos
SetWindowRgn
GetWindowRect
PeekMessageA
GetSysColor

gdi32

GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
GetStockObject
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
RectVisible
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
PtVisible
GetWindowExtEx
SetViewportOrgEx
Escape
CreateRectRgn
GetViewportExtEx
SetMapMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
GetClipBox
CreateBitmap
GetDeviceCaps
TextOutA
SetTextColor
SelectObject
CreateFontA
Rectangle
CreateSolidBrush
DeleteObject
CombineRgn
ExtTextOutA

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyExA
RegQueryValueExA
RegQueryValueA
RegEnumKeyA
RegCreateKeyExA
RegCloseKey
RegOpenKeyA
RegDeleteKeyA
RegCreateKeyA
RegSetValueExA

shell32

SHGetSpecialFolderPathA
ShellExecuteA
Shell_NotifyIconA

comctl32

InitCommonControlsEx

shlwapi

PathIsUNCA
PathFindExtensionA
PathFindFileNameA
PathStripToRootA

oledlg

ord8

ole32

CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CLSIDFromProgID
CoTaskMemFree
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
CoTaskMemAlloc
OleIsCurrentClipboard
OleFlushClipboard

oleaut32

SysAllocString
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
VariantClear
SysStringLen
SysFreeString
SysAllocStringByteLen
SysAllocStringLen
VariantChangeType
VariantInit

wininet

InternetSetStatusCallback
HttpSendRequestA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
HttpQueryInfoA
HttpOpenRequestA
InternetConnectA
InternetQueryDataAvailable

winmm

waveInPrepareHeader
waveInAddBuffer
waveInStop
waveInReset
waveInClose
waveInGetNumDevs
waveInOpen
waveInGetID
waveInStart
timeGetTime
waveInUnprepareHeader

msvfw32

ICRemove
ICClose
ICOpen
ICInstall
ICSendMessage

avifil32

AVIStreamWrite
AVIFileCreateStreamA
AVIStreamRelease
AVIMakeCompressedStream
AVIFileInit
AVIFileOpenA
AVIFileRelease
AVIFileExit
AVIStreamSetFormat

imagehlp

MapFileAndCheckSumA

Sections

.text
Size: 400KB - Virtual size: 397KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 148KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc752d0707414c457a85dd5e7f737678

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

wininet

winmm

msvfw32

avifil32

imagehlp

Sections

.text Size: 400KB - Virtual size: 397KB

.rdata Size: 112KB - Virtual size: 108KB

.data Size: 16KB - Virtual size: 3.6MB

.rsrc Size: 148KB - Virtual size: 144KB

.text
Size: 400KB - Virtual size: 397KB

.rdata
Size: 112KB - Virtual size: 108KB

.data
Size: 16KB - Virtual size: 3.6MB

.rsrc
Size: 148KB - Virtual size: 144KB