Static task: static1
Behavioral task: behavioral1
Sample: e09f557a7d96e868a998b366ea2694ae4339bec57d7bfda04bcb4be573469f9b.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: e09f557a7d96e868a998b366ea2694ae4339bec57d7bfda04bcb4be573469f9b.exe
Resource: win10v2004-20220812-en
General
Target: e09f557a7d96e868a998b366ea2694ae4339bec57d7bfda04bcb4be573469f9b
Size: 3.5MB
MD5: f0e0c68b23d0ec12c49dc5c9ffc0a8fc
SHA1: d623629bd81911c9a5894da55b510fffc7067e7d
SHA256: e09f557a7d96e868a998b366ea2694ae4339bec57d7bfda04bcb4be573469f9b
SHA512: a9543ddc50b79e37112b66e35c6bc8e9dbcb4bf3822d16d66b9231eb56e9a45cf0777eb48a9a88c6a861954a461e9eb30647bd33e7b3a4992345df2ca94587ad
SSDEEP: 49152:FL5C19jQmwIFf7cru9I4ZxXNS10sLml3UNRNIO78+hbw:FL5CMmUu9lpsLmsRiO787
Malware Config
Signatures
Files
e09f557a7d96e868a998b366ea2694ae4339bec57d7bfda04bcb4be573469f9b.exe (windows x86), imphash 2a7377e693133bf5724770f918f6d4e6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LocalReAlloc
TlsGetValue
GlobalFlags
lstrcatW
GetCurrentDirectoryW
GlobalFindAtomW
GlobalAddAtomW
LockResource
LoadResource
GetProcessVersion
GetFileSize
GetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetFileAttributesW
SetErrorMode
GetStartupInfoW
RtlUnwind
CreateThread
ExitThread
SetStdHandle
GetFileType
HeapAlloc
HeapFree
GetSystemTime
HeapReAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
GetCPInfo
GetOEMCP
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetCurrentDirectoryA
GetDriveTypeA
CompareStringA
CompareStringW
SetEnvironmentVariableA
FreeLibrary
GetProcAddress
LoadLibraryW
InterlockedIncrement
LocalAlloc
lstrlenW
FormatMessageW
QueryPerformanceCounter
GlobalMemoryStatus
GetCurrencyFormatW
CreateEventW
WaitForMultipleObjects
GetCurrentThreadId
GetPrivateProfileSectionW
CreateSemaphoreW
InterlockedExchange
InterlockedCompareExchange
ReleaseSemaphore
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
GetCurrentThread
CloseHandle
SetEvent
ReadFile
CreateFileW
GetModuleFileNameW
LoadLibraryA
SetCurrentDirectoryW
SetEnvironmentVariableW
SetVolumeLabelW
CreateFileMappingW
GetThreadContext
GetExitCodeThread
TerminateThread
GetDiskFreeSpaceW
QueryDosDeviceW
GetComputerNameA
OpenSemaphoreW
OpenMutexW
DeviceIoControl
CreateFileA
GetComputerNameW
LoadLibraryExW
LoadLibraryExA
EnumResourceLanguagesW
SizeofResource
GetSystemDirectoryW
GetWindowsDirectoryW
FindResourceExW
FormatMessageA
GetTickCount
GetProcessTimes
GetCurrentProcess
GetSystemInfo
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
GetStdHandle
GetTimeZoneInformation
GetLastError
CreateMutexW
FindClose
FindNextFileW
DeleteFileW
FindFirstFileW
GetDiskFreeSpaceExW
InterlockedExchangeAdd
ReleaseMutex
GetFileAttributesW
OutputDebugStringW
Sleep
ResetEvent
CreateDirectoryW
GetCurrentProcessId
SetThreadAffinityMask
ExitProcess
RaiseException
WriteProfileStringW
GetProfileStringW
SetLastError
SignalObjectAndWait
GetVersionExW
OpenProcess
GetModuleHandleW
FreeConsole
SetConsoleCursorPosition
FillConsoleOutputCharacterW
FillConsoleOutputAttribute
ReadConsoleA
SetConsoleWindowInfo
SetConsoleScreenBufferSize
SetConsoleCtrlHandler
SetConsoleMode
GetConsoleMode
InterlockedDecrement
AllocConsole
OpenEventW
HeapUnlock
HeapWalk
HeapLock
GetProcessHeaps
SetProcessWorkingSetSize
GetProcessWorkingSetSize
MoveFileW
IsBadReadPtr
SetPriorityClass
GetProcessHeap
SetUnhandledExceptionFilter
SetProcessShutdownParameters
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
LocalFree
GetModuleHandleA
GetLocalTime
GetVolumeInformationW
GetDriveTypeW
GetLogicalDrives
GetPrivateProfileStringW
GetPrivateProfileIntW
WritePrivateProfileStringW
FileTimeToSystemTime
GetThreadTimes
TerminateProcess
CreateProcessW
GetACP
CreateIoCompletionPort
PostQueuedCompletionStatus
GetQueuedCompletionStatus
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
GlobalFree
TlsAlloc
GetVersion
lstrcmpiW
GetFullPathNameW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
DuplicateHandle
lstrcpyW
lstrcpynW
SuspendThread
SetThreadPriority
ResumeThread
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
FileTimeToLocalFileTime
GlobalLock
GlobalUnlock
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
user32
SystemParametersInfoW
IsIconic
GetWindowPlacement
ShowWindow
SetWindowPos
SetWindowLongW
GetDlgItem
SetFocus
SetWindowTextW
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameW
RegisterWindowMessageW
SetForegroundWindow
GetMenuItemCount
GetSubMenu
GetWindowTextW
MessageBoxA
GetProcessWindowStation
PostQuitMessage
GetMenuCheckMarkDimensions
GetForegroundWindow
GetDesktopWindow
CharUpperW
GetSystemMetrics
GetMessageTime
ClientToScreen
DefWindowProcW
RemovePropW
CallWindowProcW
GetPropW
SetPropW
SendMessageW
SetCursor
PostMessageW
PostThreadMessageW
GetSystemMenu
CreateWindowExW
DeleteMenu
wsprintfW
DestroyWindow
GetMenu
RegisterClassW
GetClassInfoW
WinHelpW
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
UnhookWindowsHookEx
GetMessagePos
MapWindowPoints
GetDC
ReleaseDC
TabbedTextOutW
DrawTextW
GrayStringW
LoadStringW
GetMenuItemID
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetUserObjectInformationW
OemToCharBuffA
CharToOemBuffA
UnregisterClassW
GetNextDlgTabItem
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
GetKeyState
EnableWindow
MessageBoxW
GetWindowLongW
IsWindowEnabled
GetLastActivePopup
LoadIconW
LoadCursorW
GetSysColorBrush
DestroyMenu
GetParent
SetWindowsHookExW
GetCursorPos
PeekMessageW
IsWindowVisible
ValidateRect
CallNextHookEx
LoadBitmapW
gdi32
GetObjectW
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetDeviceCaps
DeleteObject
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkColor
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegisterEventSourceA
ReportEventA
RegCloseKey
RegDeleteValueW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
CloseServiceHandle
RegQueryInfoKeyW
RegEnumKeyW
GetAce
LookupAccountNameW
RegisterServiceCtrlHandlerW
StartServiceCtrlDispatcherW
ControlService
StartServiceW
QueryServiceStatus
DeleteService
LockServiceDatabase
CreateServiceW
RegCreateKeyW
UnlockServiceDatabase
SetServiceStatus
GetUserNameW
ChangeServiceConfigW
QueryServiceConfigW
RegDeleteKeyW
SetFileSecurityW
AdjustTokenPrivileges
LookupPrivilegeValueW
GetFileSecurityW
MapGenericMask
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
DuplicateToken
AccessCheck
AllocateAndInitializeSid
EqualSid
FreeSid
OpenProcessToken
GetTokenInformation
LookupAccountSidW
GetLengthSid
CopySid
RegisterEventSourceW
ReportEventW
DeregisterEventSource
OpenSCManagerW
OpenServiceW
RegCreateKeyExW
comctl32
ord17
ole32
CoInitialize
CoInitializeEx
CoUninitialize
CoCreateGuid
CoCreateInstance
OleRun
oleaut32
GetErrorInfo
SysFreeString
VariantChangeType
SafeArrayAccessData
SafeArrayUnaccessData
SysStringByteLen
VariantCopy
SysStringLen
VariantClear
VariantInit
SysAllocString
wininet
InternetCanonicalizeUrlW
InternetCrackUrlW
HttpQueryInfoW
InternetOpenW
InternetConnectW
HttpOpenRequestW
HttpAddRequestHeadersW
HttpSendRequestW
InternetReadFile
InternetCloseHandle
winmm
timeEndPeriod
timeGetTime
timeBeginPeriod
timeGetDevCaps
rpcrt4
RpcStringFreeA
UuidToStringA
UuidCreate
ws2_32
closesocket
connect
socket
WSAIoctl
htons
bind
accept
setsockopt
listen
ntohl
inet_addr
shutdown
recv
WSASend
ioctlsocket
WSARecv
WSACleanup
WSAStartup
WSAEnumNetworkEvents
WSAEventSelect
WSAGetLastError
ntohs
getpeername
getsockname
getsockopt
send
sendto
recvfrom
htonl
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
Sections
.text Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 416KB - Virtual size: 414KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 588KB - Virtual size: 622KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ