Static task: static1
Behavioral task: behavioral1
  Sample: aca86e525d6d7e7a4dc0f45665adde3393d9c8fa5f78d0f7fd64984207db00d8.exe
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: aca86e525d6d7e7a4dc0f45665adde3393d9c8fa5f78d0f7fd64984207db00d8.exe
  Resource: win10v2004-20230221-en
General
Target: aca86e525d6d7e7a4dc0f45665adde3393d9c8fa5f78d0f7fd64984207db00d8
Size: 2.6MB
MD5: 55fe7b69c238fd822774bd44e3e4c677
SHA1: 96860a8bcf2a97d2e50498527f58b1f28d8f4ad0
SHA256: aca86e525d6d7e7a4dc0f45665adde3393d9c8fa5f78d0f7fd64984207db00d8
SHA512: e3109e0f8be67d14962144ccf01fff07fe695997b50f96d65793216f3d377af319ea77da78c772212d98375ad9aa8907baf8eac343ccfd4eb2f4f2ca27d3544e
SSDEEP: 49152:l3UngQyjLLvQq7ovXvhDTzA2cKHqCAbjvobtcX2uMUNMgVWi2F5seF5FFnJNo9rE:hUngQyjjIJW2
Malware Config
Signatures
Files
aca86e525d6d7e7a4dc0f45665adde3393d9c8fa5f78d0f7fd64984207db00d8.exe (windows x86)
bf00435a95fe2a2a1b48687cae65585f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualAlloc
VirtualFree
DeleteCriticalSection
IsValidCodePage
GetOEMCP
FindClose
GetModuleFileNameA
GetStdHandle
GetCurrentThreadId
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoW
HeapReAlloc
HeapAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind
GetProcessHeap
HeapFree
HeapSize
LCMapStringW
LCMapStringA
GetModuleHandleA
LoadLibraryA
GetLocaleInfoA
GetStringTypeA
FindNextFileW
GetStringTypeW
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
DeviceIoControl
GetSystemDirectoryW
SetFileAttributesW
RemoveDirectoryW
CreateDirectoryW
TerminateProcess
GetTickCount
Sleep
DeleteFileW
GetFileSize
CreateFileMappingW
MapViewOfFile
GetModuleFileNameW
IsDebuggerPresent
RaiseException
FreeLibrary
ExitProcess
GetCurrentProcessId
SetStdHandle
FlushFileBuffers
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
lstrcmpiW
lstrcpynW
InterlockedIncrement
InterlockedDecrement
FreeResource
LocalFileTimeToFileTime
SystemTimeToFileTime
OutputDebugStringW
MulDiv
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetACP
GetWindowsDirectoryW
MoveFileExW
SetFilePointer
SetEndOfFile
GetCommandLineW
ReadFile
GetTempPathW
SetLastError
LoadLibraryW
CreateEventW
SetEvent
GetComputerNameW
ResetEvent
CreateProcessW
GlobalAlloc
GlobalLock
GlobalUnlock
GetDriveTypeW
GetLocalTime
FormatMessageW
LocalFree
WaitForSingleObject
CreateThread
FindResourceW
LoadResource
LockResource
FindFirstFileW
GetSystemTimeAsFileTime
SizeofResource
CreateFileW
GetLastError
WriteFile
IsBadWritePtr
GetLogicalDriveStringsW
lstrlenW
WideCharToMultiByte
lstrcpyW
GetModuleHandleW
GetProcAddress
GetNativeSystemInfo
GetCurrentProcess
CloseHandle
MultiByteToWideChar
IsBadReadPtr
GetCPInfo
user32
SetTimer
GetSystemMetrics
PostQuitMessage
GetWindowRect
KillTimer
PostMessageW
GetCursorPos
IsWindowVisible
FillRect
GetWindowRgn
UpdateLayeredWindow
MoveWindow
GetClientRect
SendMessageW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
SetForegroundWindow
ShowWindow
FindWindowW
MessageBoxW
DefWindowProcW
CreateWindowExW
SetWindowLongW
IsWindow
EnableWindow
GetMessageW
SetFocus
TranslateMessage
DispatchMessageW
LoadImageW
LoadCursorW
RegisterClassW
GetClassInfoExW
RegisterClassExW
GetWindowLongW
CallWindowProcW
SetPropW
GetPropW
AdjustWindowRectEx
GetParent
OffsetRect
InflateRect
UnionRect
SetCursor
CharNextW
ScreenToClient
GetKeyState
DestroyWindow
ReleaseDC
GetDC
GetActiveWindow
BeginPaint
GetWindowTextW
GetWindowTextLengthW
SetWindowTextW
SetWindowRgn
SetCapture
GetFocus
IsZoomed
InvalidateRect
GetSysColor
ReleaseCapture
PtInRect
MapWindowPoints
IntersectRect
IsRectEmpty
GetUpdateRect
DrawTextW
SetRect
CharPrevW
CreateCaret
ShowCaret
HideCaret
GetCaretPos
SetCaretPos
ClientToScreen
GetCaretBlinkTime
CreatePopupMenu
AppendMenuW
EnableMenuItem
TrackPopupMenu
DestroyMenu
IsWindowEnabled
EqualRect
InvalidateRgn
CreateAcceleratorTableW
GetGUIThreadInfo
wsprintfA
DrawTextA
MapVirtualKeyExW
GetWindow
GetKeyNameTextW
MonitorFromWindow
GetMonitorInfoW
IsIconic
SetWindowPos
GetMenu
EndPaint
GetKeyboardLayout
gdi32
GdiFlush
TextOutW
GetTextExtentPoint32W
GetCharABCWidthsW
SetBkColor
GetObjectA
RoundRect
LineTo
MoveToEx
CreatePenIndirect
SetStretchBltMode
StretchBlt
CombineRgn
ExtSelectClipRgn
CreateRectRgnIndirect
GetClipBox
SelectClipRgn
PtInRegion
CreateRectRgn
CreateDIBSection
CreateSolidBrush
CreatePatternBrush
SetTextColor
GetTextExtentPointA
CreateRoundRectRgn
PlayEnhMetaFile
CreateCompatibleBitmap
GetDeviceCaps
GetEnhMetaFileHeader
CreateDIBitmap
AddFontMemResourceEx
GetTextMetricsW
CloseEnhMetaFile
CreateEnhMetaFileW
SetWindowOrgEx
Rectangle
RestoreDC
BitBlt
SaveDC
SelectObject
CreateCompatibleDC
DeleteDC
RemoveFontMemResourceEx
DeleteObject
CreatePen
CreateFontIndirectW
GetStockObject
GetObjectW
GetBitmapBits
SetBitmapBits
SetBkMode
winspool.drv
ConnectToPrinterDlg
comdlg32
GetSaveFileNameW
advapi32
GetSecurityDescriptorDacl
GetAce
LookupAccountSidW
RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW
RegCloseKey
ControlService
StartServiceW
OpenSCManagerW
OpenServiceW
CloseServiceHandle
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
AddAce
InitializeAcl
SetNamedSecurityInfoW
SetSecurityDescriptorDacl
AddAccessDeniedAceEx
AddAccessAllowedAceEx
EqualSid
GetLengthSid
GetAclInformation
InitializeSecurityDescriptor
LookupAccountNameW
DeleteAce
ChangeServiceConfigW
QueryServiceConfigW
QueryServiceStatus
RegSetValueExW
RegDeleteKeyW
LogonUserW
IsValidSid
CopySid
GetNamedSecurityInfoW
SetEntriesInAclW
BuildExplicitAccessWithNameW
RegDeleteValueW
RegCreateKeyExW
IsValidSecurityDescriptor
shell32
ShellExecuteW
SHGetPathFromIDListW
SHBrowseForFolderW
DragQueryFileW
ole32
CLSIDFromProgID
OleLockRunning
CreateStreamOnHGlobal
ReleaseStgMedium
RegisterDragDrop
DoDragDrop
OleDuplicateData
CLSIDFromString
StringFromCLSID
CoTaskMemFree
CoCreateInstance
oleaut32
VariantClear
VariantInit
SysAllocString
SysFreeString
imagehlp
ImageNtHeader
CheckSumMappedFile
MapFileAndCheckSumW
comctl32
ord17
InitCommonControlsEx
_TrackMouseEvent
gdiplus
GdipRotateWorldTransform
GdipTranslateWorldTransform
GdipImageSelectActiveFrame
GdipDrawImageRectI
GdipGetImageHeight
GdipGetImageWidth
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipDrawString
GdipMeasureString
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipSetStringFormatTrimming
GdipDeleteStringFormat
GdipStringFormatGetGenericTypographic
GdipCloneStringFormat
GdipSetInterpolationMode
GdipSetSmoothingMode
GdipSetTextRenderingHint
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDrawRectangleI
GdipSetPenMode
GdipDeletePen
GdipCreatePen1
GdipFillRectangleI
GdipDeleteBrush
GdipCreateSolidFill
GdipDeleteGraphics
GdipCreateFromHDC
GdipDisposeImage
GdipCloneImage
GdipAlloc
GdipFree
GdipLoadImageFromStream
GdiplusShutdown
GdiplusStartup
imm32
ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext
iphlpapi
IcmpSendEcho
IcmpCreateFile
CreateIpNetEntry
DeleteIpNetEntry
SendARP
GetPerAdapterInfo
GetAdaptersAddresses
GetAdaptersInfo
IcmpCloseHandle
netapi32
NetLocalGroupAddMembers
NetUserSetInfo
NetApiBufferFree
NetUserAdd
NetShareDel
NetShareSetInfo
NetShareAdd
NetGetJoinInformation
NetSessionDel
NetSessionEnum
NetConnectionEnum
NetShareGetInfo
NetShareEnum
NetUserEnum
NetUserDel
NetUserGetInfo
mpr
WNetConnectionDialog
WNetEnumResourceW
WNetOpenEnumW
WNetCancelConnection2W
WNetAddConnection2W
WNetCloseEnum
WNetDisconnectDialog
ws2_32
ntohl
WSAStartup
connect
ioctlsocket
recv
send
gethostname
gethostbyname
select
inet_addr
WSAAsyncSelect
WSACleanup
recvfrom
WSAGetLastError
socket
setsockopt
htons
htonl
sendto
closesocket
inet_ntoa
ntohs
shlwapi
PathFileExistsW
PathIsNetworkPathW
wininet
InternetOpenUrlW
HttpQueryInfoW
InternetReadFile
InternetOpenW
InternetCloseHandle
Sections
.text   Size: 630KB  Virtual size: 630KB  Flags: IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 171KB  Virtual size: 170KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 15KB   Virtual size: 290KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 1.8MB  Virtual size: 1.8MB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  Size: 53KB   Virtual size: 52KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
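Worked triage example, added here and not part of the sandbox report: the import table, DLL characteristics and section table above are the raw material for a first-pass static assessment. The script below groups the imported APIs by the capability they imply (account and share management via netapi32, token privilege changes and ACL edits via advapi32, service control, WinINet downloads, Winsock and ICMP/ARP probing, a debugger check), reports which load-time mitigations the DllCharacteristics flags enable, and checks the sections for writable-and-executable memory and for large zero-filled regions. The API-to-capability table is a hand-written heuristic (an assumption, not something the report states), and the sample data is transcribed from the report with the imports reduced to a subset. Grouping by capability is a prompt for what to watch in the behavioural run, not evidence that any of it executes.

```python
"""Static-triage helpers for a sandbox PE report (added example, not report output)."""
from collections import defaultdict

# Heuristic: imported function -> capability tag. Hand-written assumption, not from the report.
CAPABILITY_MAP = {
    "NetUserAdd": "local user account creation",
    "NetUserDel": "local user account deletion",
    "NetLocalGroupAddMembers": "local group membership change",
    "NetShareAdd": "SMB share creation",
    "NetShareDel": "SMB share deletion",
    "NetSessionDel": "SMB session teardown",
    "LogonUserW": "logon with supplied credentials",
    "AdjustTokenPrivileges": "token privilege adjustment",
    "SetNamedSecurityInfoW": "ACL modification on named objects",
    "AddAccessDeniedAceEx": "deny-ACE construction",
    "OpenSCManagerW": "service control",
    "StartServiceW": "service control",
    "ControlService": "service control",
    "ChangeServiceConfigW": "service reconfiguration",
    "RegSetValueExW": "registry write",
    "RegDeleteKeyW": "registry key deletion",
    "CreateProcessW": "process creation",
    "ShellExecuteW": "process creation via shell",
    "InternetOpenUrlW": "HTTP(S) fetch via WinINet",
    "InternetReadFile": "HTTP(S) fetch via WinINet",
    "socket": "raw Winsock networking",
    "connect": "raw Winsock networking",
    "sendto": "raw Winsock networking",
    "IcmpSendEcho": "ICMP host probing",
    "SendARP": "ARP host probing",
    "GetAdaptersAddresses": "network adapter enumeration",
    "WNetAddConnection2W": "network share mapping",
    "IsDebuggerPresent": "debugger presence check",
    "GetComputerNameW": "host fingerprinting",
    "MoveFileExW": "file move/rename (can be deferred to reboot)",
}

def capability_summary(imports):
    """Group imports by capability tag: {tag: sorted ['dll!func', ...]}."""
    tags = defaultdict(list)
    for dll, funcs in imports.items():
        for func in funcs:
            tag = CAPABILITY_MAP.get(func)
            if tag:
                tags[tag].append(f"{dll}!{func}")
    return {tag: sorted(refs) for tag, refs in sorted(tags.items())}

def mitigation_status(dll_characteristics):
    """Which load-time mitigations the DllCharacteristics flags opt into."""
    flags = set(dll_characteristics)
    return {
        "aslr": "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE" in flags,
        "dep": "IMAGE_DLLCHARACTERISTICS_NX_COMPAT" in flags,
        "high_entropy_va": "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA" in flags,
        "cfg": "IMAGE_DLLCHARACTERISTICS_GUARD_CF" in flags,
    }

def section_findings(sections):
    """Flag W+X sections and sections whose virtual size is >= 4x the raw size.

    sections: [(name, raw_kb, virtual_kb, [flag, ...]), ...]. A large zero-filled
    region is normal for .data (uninitialised globals) but is also what an
    unpacking stub looks like, so it is reported as a note, not a verdict.
    """
    findings = []
    for name, raw_kb, virt_kb, flags in sections:
        if {"IMAGE_SCN_MEM_WRITE", "IMAGE_SCN_MEM_EXECUTE"} <= set(flags):
            findings.append(f"{name}: writable and executable")
        if raw_kb and virt_kb / raw_kb >= 4:
            findings.append(f"{name}: virtual size {virt_kb}KB vs raw {raw_kb}KB (zero-filled region)")
    return findings

# Transcribed from the report above; imports are a subset of the full table.
REPORT_IMPORTS = {
    "kernel32": ["IsDebuggerPresent", "CreateProcessW", "MoveFileExW", "GetComputerNameW"],
    "advapi32": ["AdjustTokenPrivileges", "SetNamedSecurityInfoW", "OpenSCManagerW",
                 "StartServiceW", "ChangeServiceConfigW", "RegSetValueExW", "LogonUserW"],
    "netapi32": ["NetUserAdd", "NetLocalGroupAddMembers", "NetShareAdd", "NetSessionDel"],
    "mpr": ["WNetAddConnection2W"],
    "ws2_32": ["socket", "connect", "sendto"],
    "iphlpapi": ["IcmpSendEcho", "SendARP", "GetAdaptersAddresses"],
    "wininet": ["InternetOpenUrlW", "InternetReadFile"],
    "shell32": ["ShellExecuteW"],
}
REPORT_DLL_CHARACTERISTICS = ["IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
                              "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
                              "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE"]
REPORT_SECTIONS = [
    (".text", 630, 630, ["IMAGE_SCN_CNT_CODE", "IMAGE_SCN_MEM_EXECUTE", "IMAGE_SCN_MEM_READ"]),
    (".rdata", 171, 170, ["IMAGE_SCN_CNT_INITIALIZED_DATA", "IMAGE_SCN_MEM_READ"]),
    (".data", 15, 290, ["IMAGE_SCN_CNT_INITIALIZED_DATA", "IMAGE_SCN_MEM_READ", "IMAGE_SCN_MEM_WRITE"]),
    (".rsrc", 1800, 1800, ["IMAGE_SCN_CNT_INITIALIZED_DATA", "IMAGE_SCN_MEM_READ"]),
    (".reloc", 53, 52, ["IMAGE_SCN_CNT_INITIALIZED_DATA", "IMAGE_SCN_MEM_DISCARDABLE", "IMAGE_SCN_MEM_READ"]),
]

if __name__ == "__main__":
    for tag, refs in capability_summary(REPORT_IMPORTS).items():
        print(f"{tag}: {', '.join(refs)}")
    print(mitigation_status(REPORT_DLL_CHARACTERISTICS))
    for line in section_findings(REPORT_SECTIONS):
        print(line)
```

On this sample the summary reports ASLR and DEP enabled, no W+X section, and a .data section whose 290KB virtual size is mostly zero-filled (15KB on disk), which is consistent with a statically linked C runtime and large global buffers rather than a packer by itself. The capability tags (account and share management, privilege and ACL changes, service control, downloads, host probing) are the behaviours worth correlating against the behavioral1/behavioral2 runs above.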