f8edb606e1adbf131d096d771a554088b115af1b5e7732140dda8bd2c626cb4d

Sharing

Copy URL Twitter E-mail

General

Target

f8edb606e1adbf131d096d771a554088b115af1b5e7732140dda8bd2c626cb4d
Size

16.5MB
MD5

619d4bb5266f15a4e818a83dc54ef47a
SHA1

29404a59932e243195630ebbf2c66cb637e6cc73
SHA256

f8edb606e1adbf131d096d771a554088b115af1b5e7732140dda8bd2c626cb4d
SHA512

d5018fc3e31ce7b225cf9d4285bad42488c1b837a7b5ae9eec45b807e2d92d61b480c0ef35e657f4bcb1785942151c121b4d6db515a63523d520709c5644071f
SSDEEP

393216:hnIVN2lfDYqg0fc+J3ZVoCXkDqzQ2ARvJfA/c14Ql32wJOK:eKfsKfcO3L2qsjA/czl3POK

Score

1^/10

Malware Config

Signatures

Files

f8edb606e1adbf131d096d771a554088b115af1b5e7732140dda8bd2c626cb4d
.exe windows x86

7a18fbb943a57c11fe26875999612762

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
TerminateProcess
HeapFree
ExitThread
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
CompareStringA
CompareStringW
FatalAppExitA
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetStartupInfoA
GetStringTypeW
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetConsoleCtrlHandler
SetEnvironmentVariableA
GetLocaleInfoW
RaiseException
RtlUnwind
GlobalSize
SetErrorMode
GetOEMCP
GetCPInfo
GlobalMemoryStatus
GetComputerNameW
GetSystemDirectoryW
GetWindowsDirectoryW
GetCurrentDirectoryW
QueryPerformanceCounter
QueryPerformanceFrequency
GetProcessVersion
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
SetCurrentDirectoryA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
SetVolumeLabelA
GetDiskFreeSpaceA
GetProfileStringA
FormatMessageW
OutputDebugStringW
GetExitCodeThread
TerminateThread
ResetEvent
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
GetVolumeInformationA
UnlockFile
LockFile
FlushFileBuffers
ReadFile
DuplicateHandle
lstrcpynA
WaitForMultipleObjects
ReleaseMutex
CreateMutexA
ReleaseSemaphore
CreateSemaphoreA
FileTimeToLocalFileTime
FileTimeToSystemTime
MulDiv
SetLastError
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
FormatMessageA
InterlockedDecrement
InterlockedIncrement
GlobalUnlock
GlobalFree
FindResourceA
SuspendThread
SetThreadPriority
ResumeThread
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpiA
AllocConsole
FreeConsole
OutputDebugStringA
WriteFile
GetFileSize
SetFilePointer
SetEndOfFile
GetWindowsDirectoryA
GetCurrentDirectoryA
CreateDirectoryA
SetEvent
GetTempPathA
lstrlenW
lstrlenA
CreateProcessA
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryExW
LoadLibraryExA
EnumResourceLanguagesA
FindResourceExA
FreeLibrary
SizeofResource
LoadResource
LockResource
GetTickCount
Sleep
MoveFileA
CopyFileA
SetFileAttributesA
lstrcmpA
RemoveDirectoryA
DeleteFileA
FindFirstFileW
FindNextFileW
FindFirstFileA
FindNextFileA
FindClose
LocalFree
CreateThread
GetSystemDirectoryA
CreateFileA
GetFileInformationByHandle
GetCurrentProcessId
GetCurrentThreadId
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetModuleHandleA
GetSystemInfo
SetThreadLocale
OpenProcess
GetModuleFileNameW
LoadLibraryA
GetProcAddress
CreateProcessW
WaitForSingleObject
CreateEventA
GetCommandLineA
GetVersion
GetCurrentThread
GetLastError
GetCurrentProcess
CloseHandle
GetFileAttributesA
GetSystemDefaultLangID
GetStringTypeA

user32

GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetDlgCtrlID
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
RegisterWindowMessageA
OffsetRect
IntersectRect
LoadIconA
GetWindowRect
SendMessageA
DrawIcon
GetClientRect
GetSystemMetrics
GetProcessWindowStation
GetUserObjectInformationW
SystemParametersInfoA
GetWindowPlacement
SetDlgItemInt
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
OemToCharA
CharToOemA
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
SetDlgItemTextA
IsDlgButtonChecked
ScrollWindowEx
IsDialogMessageA
SetWindowTextA
GetClassNameA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetLastActivePopup
IsIconic
SetTimer
ExitWindowsEx
KillTimer
EnableWindow
CloseDesktop
SetThreadDesktop
MoveWindow
ShowWindow
wvsprintfA
ClientToScreen
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
GetThreadDesktop
OpenDesktopA
OpenInputDesktop
GetUserObjectInformationA
CloseWindowStation
SetProcessWindowStation
OpenWindowStationA
MessageBoxA
EnumDesktopWindows
UnregisterClassA
CharToOemBuffA
OemToCharBuffA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
GetWindowThreadProcessId
GetWindowTextA
TabbedTextOutA
DrawTextA
GrayStringA
MsgWaitForMultipleObjects
CharUpperA
InflateRect
LoadCursorA
SetCapture
ReleaseCapture
WaitMessage
GetDesktopWindow
WindowFromPoint
DestroyIcon
PostThreadMessageA
RegisterClipboardFormatA
BringWindowToTop
InvalidateRect
UnpackDDElParam
ReuseDDElParam
SetMenu
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
RemoveMenu
AppendMenuA
DestroyMenu
MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
CharNextA
GetDialogBaseUnits
GetSysColorBrush
GetMenuStringA
DeleteMenu
InsertMenuA
GetWindowLongA
GetParent
IsWindowVisible
EnumWindows
PostMessageA
GetDlgItem
PostQuitMessage
PtInRect
LoadStringA
IsWindowEnabled
SetCursor
ShowOwnedPopups
GetDC

gdi32

PolyBezierTo
DeleteObject
GetClipRgn
CreateRectRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreatePen
ExtCreatePen
CreateHatchBrush
CreatePatternBrush
CreateDIBPatternBrushPt
PtVisible
RectVisible
TextOutA
LineTo
Escape
GetMapMode
PatBlt
SetRectRgn
CombineRgn
CreateRectRgnIndirect
DPtoLP
GetTextExtentPoint32A
SetColorAdjustment
GetTextColor
GetBkColor
LPtoDP
CopyMetaFileA
CreateDCA
MoveToEx
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SelectPalette
GetStockObject
SelectObject
RestoreDC
SaveDC
StartDocA
PolylineTo
PolyDraw
SetArcDirection
ArcTo
GetCurrentPositionEx
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
GetTextMetricsA
SetTextAlign
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateDIBitmap
DeleteDC
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
GetBitmapBits
CreateCompatibleBitmap
CreateBitmap
CreateSolidBrush
GetObjectA
ExtTextOutA
CreateFontIndirectA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegisterEventSourceA
DeregisterEventSource
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExW
RegQueryValueExW
RegConnectRegistryA
RegEnumKeyA
RegQueryValueA
RegSetValueA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
LogonUserA
RegOpenKeyA
GetUserNameA
LookupAccountSidA
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyA
RegQueryValueExA
RegCloseKey
OpenThreadToken
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
ReportEventA

shell32

ExtractIconA
DragQueryFileA
DragFinish
SHGetFileInfoA
DragAcceptFiles

comctl32

ImageList_Read
ImageList_Merge
ImageList_LoadImageA
ImageList_Create
ImageList_Destroy
ord14
ord13
ord17
ImageList_Write

oledlg

ord8

ole32

OleUninitialize
OleInitialize
CoDisconnectObject
OleRun
ReleaseStgMedium
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
WriteClassStg
CoFreeUnusedLibraries
SetConvertStg
CreateBindCtx
OleDuplicateData
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
CoRegisterClassObject
CoRevokeClassObject
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
WriteFmtUserTypeStg
CreateStreamOnHGlobal
OleRegGetUserType

olepro32

ord253

oleaut32

SysAllocStringByteLen
CreateErrorInfo
LoadTypeLi
SysStringLen
SysReAllocStringLen
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCopy
VarBstrFromDate
VarDateFromStr
VarBstrFromCy
VarCyFromStr
SysStringByteLen
VariantChangeType
SetErrorInfo
SysAllocString
VariantCopy
SafeArrayRedim
VariantClear
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocStringLen
SysFreeString
GetErrorInfo
VariantInit

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

setupapi

SetupInstallFileA

rpcrt4

UuidCreate
RpcStringFreeW
UuidToStringW

Exports

Exports

?Dll_GetLogFileName@@YAHPADH@Z
?Dll_GetLogLevel@@YAKXZ
?Dll_GetLogTos@@YAKXZ
?Dll_SetLogOutput@@YAXKKPBD@Z

Sections

.text
Size: 728KB - Virtual size: 727KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.OutputL
Size: 4KB - Virtual size: 268B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a18fbb943a57c11fe26875999612762

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

version

setupapi

rpcrt4

Exports

Exports

Sections

.text Size: 728KB - Virtual size: 727KB

.rdata Size: 120KB - Virtual size: 119KB

.data Size: 64KB - Virtual size: 93KB

.OutputL Size: 4KB - Virtual size: 268B

.rsrc Size: 52KB - Virtual size: 51KB

.text
Size: 728KB - Virtual size: 727KB

.rdata
Size: 120KB - Virtual size: 119KB

.data
Size: 64KB - Virtual size: 93KB

.OutputL
Size: 4KB - Virtual size: 268B

.rsrc
Size: 52KB - Virtual size: 51KB