465f405c4e5ac97a1a7519621b30f367603dc7d3b66c7890fa7a3841cb99d798

Sharing

Copy URL Twitter E-mail

General

Target

465f405c4e5ac97a1a7519621b30f367603dc7d3b66c7890fa7a3841cb99d798
Size

6.0MB
MD5

1fa781236a6ede60de0da4f8f92a9314
SHA1

b3a94baee2ad73eb7e9b88036a971d1df2d5ad5d
SHA256

465f405c4e5ac97a1a7519621b30f367603dc7d3b66c7890fa7a3841cb99d798
SHA512

ce5827d521cc6c9d940d426c7ec6731e22747f57b3b23f7dfd744f81a9e0346ce51edf76edc7fa111aab19123288e45ba23dbda402dc6aef0ae421763afdd2a0
SSDEEP

98304:esSP1BjHoMr+X/wzPh7nfwGcuMRJ98nQ5UY:esKfjHj+4xfUr

Score

1^/10

Malware Config

Signatures

Files

465f405c4e5ac97a1a7519621b30f367603dc7d3b66c7890fa7a3841cb99d798
.exe windows x86

732c5244c663e2a923ed555415a95256

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

usasdhow

ord110
ord35
ord32
ord31
ord50
ord9
ord18
ord2
ord3
ord4
ord13
ord1
ord10
ord7
ord8
ord5
ord12
ord11
ord6

coeffect

ord300
ord301
ord101
ord100
ord200
ord1001
ord1000
ord201

media2

ord1
ord13
ord2
ord11
ord10
ord3
ord4
ord8
ord9

mfor

PFMGetFormatSubInfo
PFMInit
PFMGetFormatInfo
PFMGetFormat
PFMGetGroupForamtItemName
PFMGetGroupForamtCount
PFMGetGroupInfo
PFMGetGroupItem
PFMGetGroupCount
PFMGetDefaultFormatName
PFMUninit

usaclstr

ord34
ord15
ord8
ord11
ord16
ord17
ord33
ord37
ord18

mr

ord100
ord3
ord1
ord2
ord4

usaedec

ord12
ord3
ord4
ord2
ord153
ord15
ord13
ord8
ord1
ord6
ord5
ord152
ord7

usaconfig

ord104
ord102
ord103
ord108
ord101
ord109
ord107
ord112

usaadapter

ord17
ord15
ord19
ord16

usaprev2

ord60
ord1
ord16
ord10
ord9
ord110
ord8
ord62
ord61
ord15
ord100
ord7
ord12
ord6
ord11
ord2
ord17
ord5
ord18
ord4
ord13
ord3

ssplay

ord11
ord3
ord13
ord2
ord1
ord12

gdi32

EnumFontFamiliesExW
EnumFontFamiliesExA
GetTextFaceW
GetTextFaceA
GetTextCharsetInfo
GetFontData
GetCharABCWidthsW
GetCharABCWidthsA
GetCharABCWidthsFloatW
GetTextExtentPoint32W
CreateFontIndirectW
CreateFontIndirectA
GetTextMetricsW
GetTextMetricsA
GetGlyphOutlineW
GetGlyphOutlineA
GetOutlineTextMetricsA
CreatePalette
GetPaletteEntries
SelectPalette
RealizePalette
CreateSolidBrush
CreatePen
Rectangle
SetTextAlign
SetBkMode
TextOutA
TextOutW
SetGraphicsMode
SetWorldTransform
ExtTextOutW
GdiFlush
GetStockObject
SetTextColor
GetRgnBox
RectInRegion
PtInRegion
CreatePolygonRgn
EqualRgn
ExtCreateRegion
CreateEllipticRgn
GetRegionData
GetObjectW
GetObjectA
GetDIBits
CreateDIBSection
GetDeviceCaps
CreateBitmap
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteDC
OffsetRgn
CreateRectRgn
CombineRgn
DeleteObject
SelectClipRgn

comdlg32

GetOpenFileNameW
GetOpenFileNameA

oleaut32

SysAllocString
SysStringLen
SysFreeString
SysAllocStringByteLen
VariantInit

imm32

ImmReleaseContext
ImmSetCompositionFontW
ImmSetCompositionFontA
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmAssociateContext
ImmGetCompositionStringW
ImmGetCompositionStringA
ImmNotifyIME
ImmGetContext
ImmGetDefaultIMEWnd

winmm

PlaySoundA
PlaySoundW

ws2_32

WSAAsyncSelect

ole32

CoCreateGuid
CoUninitialize
CoInitialize
CoTaskMemFree
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
StringFromGUID2
CoGetMalloc
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
OleGetClipboard
DoDragDrop
ReleaseStgMedium
CoCreateInstance
OleUninitialize
OleInitialize

user32

SetParent
CreateWindowExA
CreateWindowExW
DestroyCursor
SetCursorPos
GetCursorPos
CreateCursor
LoadCursorW
LoadCursorA
DrawIconEx
LoadImageW
SetRect
PeekMessageW
MessageBeep
GetCaretBlinkTime
PeekMessageA
SetCaretBlinkTime
SetDoubleClickTime
GetDoubleClickTime
GetSysColor
GetParent
WindowFromPoint
RegisterWindowMessageA
RegisterWindowMessageW
EndPaint
BeginPaint
GetUpdateRect
GetWindowRgn
DefWindowProcA
DefWindowProcW
RegisterClassA
LoadIconA
RegisterClassW
LoadIconW
GetSysColorBrush
GetClassInfoA
GetClassInfoW
UnregisterClassW
UnregisterClassA
TranslateMessage
HideCaret
CreateCaret
SetCaretPos
DestroyCaret
RegisterClipboardFormatW
ValidateRgn
SetClipboardViewer
GetKeyboardLayout
ToUnicode
ToAscii
MapVirtualKeyW
TrackPopupMenuEx
SetMenuItemInfoW
SendMessageA
MapVirtualKeyA
GetMenu
RegisterClipboardFormatA
GetClipboardFormatNameA
GetClipboardFormatNameW
CharNextExA
SetTimer
KillTimer
DispatchMessageA
DispatchMessageW
MsgWaitForMultipleObjectsEx
UpdateWindow
InvalidateRgn
SetForegroundWindow
UnhookWindowsHookEx
CreateIconIndirect
GetActiveWindow
IsChild
GetFocus
SetFocus
SystemParametersInfoW
SystemParametersInfoA
GetSystemMenu
EnableMenuItem
GetKeyState
GetSystemMetrics
GetIconInfo
GetDesktopWindow
GetDC
PostMessageW
InvalidateRect
MessageBoxW
PostMessageA
GetWindowPlacement
IsWindowVisible
SetWindowPlacement
MoveWindow
IsIconic
IsZoomed
ShowWindow
ChangeClipboardChain
SetWindowLongA
ClientToScreen
SetCapture
ReleaseCapture
SendMessageW
SetWindowLongW
GetWindowDC
ReleaseDC
PtInRect
SetWindowPos
OffsetRect
GetWindowRect
GetClientRect
BringWindowToTop
ExitWindowsEx
GetWindowLongW
SetWindowTextW
SetWindowTextA
DestroyWindow
SetCursor
ScreenToClient
GetWindowLongA
AdjustWindowRectEx
SetWindowRgn
DestroyIcon
GetKeyboardState
ScrollWindowEx

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCreateKeyExW
RegFlushKey
RegSetValueExA
RegSetValueExW
RegEnumKeyExA
RegEnumValueA
RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyA
RegQueryInfoKeyW
RegDeleteKeyA
RegDeleteKeyW
RegDeleteValueA
RegDeleteValueW

shell32

ShellExecuteA
SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetFileInfoW

kernel32

CreateSemaphoreW
CreateSemaphoreA
WaitForSingleObject
ReleaseSemaphore
GetTimeFormatW
SetFilePointer
ReadFile
WriteFile
SetCurrentDirectoryW
SetCurrentDirectoryA
GetCurrentDirectoryA
GetCurrentDirectoryW
GetTempPathA
SetEndOfFile
GetFullPathNameA
GetFullPathNameW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
CopyFileA
CopyFileW
MoveFileA
MoveFileW
CreateDirectoryA
CreateDirectoryW
RemoveDirectoryA
RemoveDirectoryW
GetFileAttributesA
GetFileAttributesW
GetFileTime
GetLogicalDrives
MapViewOfFile
GetSystemInfo
CreateFileMappingA
CreateFileMappingW
UnmapViewOfFile
GetThreadPriority
GetCurrentThread
ResetEvent
Sleep
TlsAlloc
TerminateThread
SetThreadPriority
TlsSetValue
ResumeThread
WaitForMultipleObjects
DuplicateHandle
TlsGetValue
FindCloseChangeNotification
FindNextChangeNotification
SetEvent
FindFirstChangeNotificationW
FindNextFileA
FindNextFileW
GlobalUnlock
GlobalLock
GlobalAlloc
FindClose
FindFirstFileA
RtlUnwind
ExitProcess
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoA
HeapAlloc
HeapFree
HeapReAlloc
GetTimeZoneInformation
FileTimeToLocalFileTime
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFileAttributesW
SetFileAttributesA
ExitThread
CreateThread
WriteConsoleW
GetStdHandle
TlsFree
InterlockedIncrement
SetLastError
InitializeCriticalSectionAndSpinCount
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
IsValidLocale
GetLocaleInfoA
SetErrorMode
GetModuleHandleW
InterlockedDecrement
GetVolumeInformationW
CreateEventA
CreateEventW
GetCurrentThreadId
GetFileType
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFileInformationByHandle
GetFileAttributesExA
FindFirstChangeNotificationA
GetTimeFormatA
GetDateFormatW
GetDateFormatA
FormatMessageW
FormatMessageA
LocalFree
GetVersionExA
OutputDebugStringW
OutputDebugStringA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetLocalTime
GetCommandLineW
GetCommandLineA
GetModuleFileNameA
GetCurrentProcessId
GetThreadLocale
CompareStringA
CompareStringW
GetLastError
GetDriveTypeW
GetDriveTypeA
GlobalSize
lstrcmpW
GetLocaleInfoW
CreateProcessW
CreateProcessA
CloseHandle
GetVolumeInformationA
GetModuleHandleA
MultiByteToWideChar
GetVersionExW
LoadLibraryA
GetUserDefaultLangID
GetModuleFileNameW
WideCharToMultiByte
GetProcAddress
GetCurrentProcess
QueryPerformanceCounter
QueryPerformanceFrequency
FreeLibrary
GetTempPathW
LoadLibraryW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
VirtualFree
GetTickCount
GetSystemTimeAsFileTime
VirtualAlloc
FlushFileBuffers
LCMapStringA
LCMapStringW
SetEnvironmentVariableA
WriteConsoleA
GetConsoleOutputCP
GetProcessHeap
GetStringTypeA
GetStringTypeW
GetFileAttributesExW
FindFirstFileW

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

?qt_plugin_instance_QJpegPlugin@@YAPAVQObject@@XZ
?qt_plugin_instance_qjpeg@@YAPAVQObject@@XZ

Sections

.text
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Share
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 242KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

732c5244c663e2a923ed555415a95256

Headers

DLL Characteristics

File Characteristics

Imports

usasdhow

coeffect

media2

mfor

usaclstr

mr

usaedec

usaconfig

usaadapter

usaprev2

ssplay

gdi32

comdlg32

oleaut32

imm32

winmm

ws2_32

ole32

user32

advapi32

shell32

kernel32

version

Exports

Exports

Sections

.text Size: 4.4MB - Virtual size: 4.4MB

.rdata Size: 1.3MB - Virtual size: 1.3MB

.data Size: 28KB - Virtual size: 46KB

Share Size: 512B - Virtual size: 4B

.rsrc Size: 68KB - Virtual size: 68KB

.reloc Size: 242KB - Virtual size: 241KB

.text
Size: 4.4MB - Virtual size: 4.4MB

.rdata
Size: 1.3MB - Virtual size: 1.3MB

.data
Size: 28KB - Virtual size: 46KB

Share
Size: 512B - Virtual size: 4B

.rsrc
Size: 68KB - Virtual size: 68KB

.reloc
Size: 242KB - Virtual size: 241KB