80fefa828fc143125f4affab91741918f6382d03f03fd6ec3c70f9fb2df05935

Sharing

Copy URL Twitter E-mail

General

Target

80fefa828fc143125f4affab91741918f6382d03f03fd6ec3c70f9fb2df05935
Size

3.5MB
MD5

aa1f7972911bd9feeb684adfdac83b47
SHA1

7d7a3fe9a7f969e89be2043f99902e57f1fbc067
SHA256

80fefa828fc143125f4affab91741918f6382d03f03fd6ec3c70f9fb2df05935
SHA512

e77e70b9c4659fa1b3a4a56f4ab186a27b8be8128ba9b1e3fb0da99b6cfb20722f43c822b2e07593d563292796b45e0ec6a4298d7ae01afae2d2d757f0f546b1
SSDEEP

49152:b0eGU7obrvj3w+3SR0/CWbbBLkW+slsJaS20t5rrET141tHFzRc1AEgGaGAAujyH:Ahz3w+O8bBLkW+ThETy1t5Rc1ZU7AuI

Score

1^/10

Malware Config

Signatures

Files

80fefa828fc143125f4affab91741918f6382d03f03fd6ec3c70f9fb2df05935
.exe windows x86

622d95406a6aaac6031d48e3b9c987f0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetCurrentThreadId
SetErrorMode
InterlockedIncrement
FindResourceExW
FindResourceW
SizeofResource
LoadResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetLastError
RaiseException
lstrcmpiW
LoadLibraryExW
GetModuleFileNameW
GetModuleHandleW
MultiByteToWideChar
WideCharToMultiByte
GetShortPathNameW
LoadLibraryW
DeleteFileW
CopyFileW
MoveFileW
GetCommandLineW
GetTickCount
OpenProcess
GetCurrentProcess
GetCurrentProcessId
TerminateProcess
GetExitCodeProcess
SetLastError
WaitForSingleObject
WriteFile
SetFilePointer
FindClose
MoveFileExW
FindNextFileW
GetProcessHeap
HeapSize
FindFirstFileW
GetFileAttributesW
SetFileAttributesW
CreateFileW
GetFullPathNameW
RemoveDirectoryW
GetTempFileNameW
lstrlenW
GetSystemWindowsDirectoryW
WriteConsoleW
FreeLibrary
SetStdHandle
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
GetFileType
FreeLibraryAndExitThread
ExitThread
RtlUnwind
CreateFileA
lstrcmpiA
lstrcmpA
DeviceIoControl
DosDateTimeToFileTime
LocalFileTimeToFileTime
CreateDirectoryW
GetSystemDirectoryW
ReadConsoleW
InterlockedDecrement
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
LockResource
CloseHandle
OutputDebugStringA
GetModuleHandleExW
GetModuleHandleExA
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsDebuggerPresent
OutputDebugStringW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
GetStringTypeW
Sleep
GetNativeSystemInfo
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeCriticalSectionEx
TryEnterCriticalSection
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
SleepConditionVariableSRW
LocalFree
EncodePointer
LCMapStringEx
QueryPerformanceFrequency
GetCPInfo
ReleaseMutex
FormatMessageW
CreateMutexW
GetPrivateProfileIntW
WritePrivateProfileStringW
GetVersionExW
GetFileSizeEx
ReadFile
GetACP
FreeResource
ExitProcess
GlobalAlloc
GlobalLock
GlobalUnlock
GetFileSize
lstrcmpW
MulDiv
lstrcpynW
IsBadReadPtr
GlobalFree
SetEvent
ResetEvent
CreateEventW
GetVersion
InterlockedExchange
InterlockedCompareExchange
ResumeThread
GetLocalTime
SetEndOfFile
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
GetTempPathW
CreateThread
GetCurrentThread
CreateIoCompletionPort
GetQueuedCompletionStatus
PostQueuedCompletionStatus
WaitForMultipleObjects
GetStdHandle
FlushFileBuffers
SetFilePointerEx
SetFileTime
DuplicateHandle
DecodePointer

user32

ScreenToClient
MapWindowPoints
PtInRect
LoadIconW
SystemParametersInfoW
GetDC
ReleaseDC
GetIconInfo
MoveWindow
SetWindowPos
GetWindowRect
GetClientRect
SetForegroundWindow
wsprintfW
wvsprintfW
SetCursor
InflateRect
OffsetRect
LoadCursorW
GetMessageW
TranslateMessage
SwitchToThisWindow
SendMessageW
CreateWindowExW
IsChild
UpdateLayeredWindow
GetFocus
GetKeyState
SetCapture
ReleaseCapture
SetTimer
KillTimer
BeginPaint
EndPaint
GetUpdateRect
InvalidateRect
IsRectEmpty
GetWindowLongW
SetWindowLongW
GetParent
GetClassNameW
GetWindow
CallWindowProcW
RegisterClassW
RegisterClassExW
GetClassInfoExW
EnableWindow
GetMenu
SetPropW
GetPropW
AdjustWindowRectEx
CopyRect
IntersectRect
IsIconic
SetWindowRgn
MonitorFromWindow
GetMonitorInfoW
FindWindowExW
CharPrevW
DrawTextW
SetRect
DrawIconEx
CreateCaret
HideCaret
ShowCaret
SetCaretPos
GetCaretPos
ClientToScreen
GetSysColor
RemovePropW
GetWindowDC
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
CreateAcceleratorTableW
InvalidateRgn
FillRect
PeekMessageW
WaitMessage
CallMsgFilterW
GetQueueStatus
MsgWaitForMultipleObjectsEx
UpdateWindow
SetFocus
IsZoomed
IsWindowVisible
ShowWindow
IsWindow
PostQuitMessage
RegisterWindowMessageW
GetCursorPos
MessageBoxW
LoadImageW
DestroyIcon
PostMessageW
CharNextW
DestroyWindow
DefWindowProcW
UnregisterClassW
DispatchMessageW

gdi32

SetWindowOrgEx
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
CreatePen
DeleteDC
GetStockObject
GetTextExtentPoint32W
Rectangle
RestoreDC
SaveDC
SelectObject
GetTextMetricsW
SetDIBitsToDevice
DeleteObject
GetDIBits
GetObjectW
CreateDCW
CreateRoundRectRgn
CombineRgn
CreateRectRgnIndirect
GetCharABCWidthsW
GetClipBox
LineTo
RoundRect
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SetBkMode
StretchBlt
SetStretchBltMode
SetTextColor
CreateDIBSection
MoveToEx
TextOutW
ExtTextOutW
GetDeviceCaps
CreateSolidBrush

advapi32

AdjustTokenPrivileges
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
LookupPrivilegeValueW
OpenProcessToken
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegCreateKeyW
RegQueryValueExW
GetTokenInformation

shell32

Shell_NotifyIconW
SHChangeNotify
ShellExecuteExW
ShellExecuteW
SHFileOperationW
ord165
SHGetSpecialFolderPathW
SHCreateDirectoryExW

ole32

CoCreateGuid
OleLockRunning
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CreateStreamOnHGlobal

oleaut32

VarUI4FromStr
SysFreeString
SysAllocString
SysAllocStringLen
SafeArrayCreate
SafeArrayPutElement
VariantInit
VariantClear

shlwapi

StrCmpIW
StrCmpNIW
StrTrimA
PathFindFileNameW
SHGetValueA
PathAppendW
SHGetValueW
SHSetValueW
AssocQueryStringW
StrCpyW
PathFileExistsW
SHDeleteKeyW
PathRemoveFileSpecW
SHSetValueA
PathIsDirectoryW
StrStrIA
PathCombineW
StrStrIW

comctl32

_TrackMouseEvent
InitCommonControlsEx
ord17

gdiplus

GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipGraphicsClear
GdipDrawImageRectI
GdipCreatePath
GdipDeletePath
GdipClosePathFigure
GdipAddPathArcI
GdipCreateTexture
GdipSaveImageToFile
GdipGetImageGraphicsContext
GdipImageGetFrameCount
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipCreateHBITMAPFromBitmap
GdipCloneBitmapAreaI
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageWidth
GdipFillEllipseI
GdipSetSmoothingMode
GdipDeleteGraphics
GdipSetInterpolationMode
GdipFillPath
GdipDrawImagePointsI
GdipDrawImageRectRectI
GdipGetImageEncodersSize
GdipGetImageEncoders
ord1
GdipCreatePen1
GdipDeletePen
GdipDrawPath
GdipDrawEllipseI
GdipCreateFromHDC
GdipDisposeImage
GdipCloneImage
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipFree
GdipAlloc
GdiplusShutdown
GdipCreateBitmapFromStream

psapi

EnumProcesses
EnumProcessModules
GetModuleFileNameExW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

wininet

InternetGetCookieExW
InternetSetCookieW
InternetGetConnectedState
InternetCrackUrlW

iphlpapi

GetAdaptersInfo

crypt32

CertGetNameStringW

wintrust

WinVerifyTrust
WTHelperProvDataFromStateData

winmm

timeBeginPeriod
timeEndPeriod
timeGetTime

msimg32

GradientFill
AlphaBlend

urlmon

URLDownloadToFileW
URLDownloadToCacheFileW

imm32

ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

622d95406a6aaac6031d48e3b9c987f0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

gdiplus

psapi

version

wininet

iphlpapi

crypt32

wintrust

winmm

msimg32

urlmon

imm32

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 264KB - Virtual size: 263KB

.data Size: 23KB - Virtual size: 37KB

.rsrc Size: 2.0MB - Virtual size: 2.0MB

.reloc Size: 63KB - Virtual size: 62KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 264KB - Virtual size: 263KB

.data
Size: 23KB - Virtual size: 37KB

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

.reloc
Size: 63KB - Virtual size: 62KB