a3dcd5760b08f7c302088107975afc716879d8b24a8c06d51d4dae1d6370afed

Sharing

Copy URL

Twitter E-mail

General

Target

a3dcd5760b08f7c302088107975afc716879d8b24a8c06d51d4dae1d6370afed
Size

597KB
MD5

17fa3181c6aec07b526e32620a4e49de
SHA1

2ea5a281aa5b42890e3aab0fc3e0bb115a4e8a88
SHA256

a3dcd5760b08f7c302088107975afc716879d8b24a8c06d51d4dae1d6370afed
SHA512

76f80f71dd5f2544ec111e1e3376029ae045242d970d34b46bb625716930e5374ff1f3cd7a169fc25b9d304db7e5b4b49b88bc31f3c53ee28dd2b7c483e8ab6c
SSDEEP

12288:ctqrhQAJEJRnhjCsLwldxJgfsRb/sYmgMnZc4uC786JR:cIrhHJePCsWXesRbkuI/

Score

1^/10

Malware Config

Signatures

Files

a3dcd5760b08f7c302088107975afc716879d8b24a8c06d51d4dae1d6370afed
.exe windows x86

522a1ad764b5d6fed9f92a25d0b58861

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathRenameExtensionA
PathStripToRootA
PathIsUNCA
PathFindFileNameA

pdh

PdhEnumObjectsA
PdhEnumObjectItemsA
PdhLookupPerfNameByIndexA
PdhOpenQueryA
PdhCollectQueryData
PdhGetFormattedCounterValue
PdhCloseQuery
PdhRemoveCounter
PdhMakeCounterPathA
PdhValidatePathA
PdhAddCounterA

kernel32

WriteFile
SetFileTime
GetCurrentDirectoryA
GetFileAttributesA
CreateDirectoryA
LocalFileTimeToFileTime
SystemTimeToFileTime
ReadFile
SetFilePointer
lstrlenA
lstrcpyA
GetSystemDefaultLCID
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetLocalTime
GetModuleFileNameA
OpenProcess
VirtualAllocEx
ReadProcessMemory
VirtualFreeEx
lstrcatA
WideCharToMultiByte
GetCurrentProcess
FindResourceA
LoadResource
LockResource
SizeofResource
DeleteFileA
SetLastError
GetProcAddress
GetModuleHandleA
LoadLibraryA
CreateFileA
UnmapViewOfFile
CloseHandle
FindFirstFileA
FindClose
GetLastError
GetTickCount64
GetFileInformationByHandle
InterlockedDecrement
FreeLibrary
MulDiv
MultiByteToWideChar
LocalFree
FormatMessageA
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
FreeResource
GetVersionExA
lstrcmpW
CompareStringA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
GetCurrentProcessId
lstrcmpA
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetVolumeInformationA
GetFullPathNameA
GlobalFlags
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GetModuleHandleW
InterlockedIncrement
FileTimeToSystemTime
WaitForSingleObject
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
GetLocaleInfoA
GetCPInfo
GetOEMCP
RtlUnwind
RaiseException
Sleep
ExitProcess
HeapFree
HeapAlloc
GetCommandLineA
GetStartupInfoA
VirtualAlloc
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
ExitThread
CreateThread
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
IsValidCodePage
GetConsoleCP
GetConsoleMode
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
HeapCreate
VirtualFree
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetTimeZoneInformation
LCMapStringA
LCMapStringW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
SleepEx
VerifyVersionInfoA
VerSetConditionMask
GetSystemDirectoryA
PeekNamedPipe
WaitForMultipleObjects
ExpandEnvironmentStringsA
GetDriveTypeA

user32

UpdateWindow
SetForegroundWindow
GetScrollPos
SetMenu
GetKeyState
MapWindowPoints
GetMessagePos
GetMessageTime
GetTopWindow
DispatchMessageA
GetLastActivePopup
GetForegroundWindow
RemovePropA
GetPropA
SetPropA
GetClassNameA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
GetCapture
WinHelpA
LoadIconA
RegisterWindowMessageA
CheckMenuItem
EnableMenuItem
ModifyMenuA
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CharUpperA
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
ClientToScreen
BeginPaint
EndPaint
GetSysColorBrush
LoadCursorA
TranslateMessage
GetMessageA
DestroyMenu
PostQuitMessage
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
DefWindowProcA
CallWindowProcA
GetMenu
IsIconic
GetWindowPlacement
GetSystemMetrics
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetNextDlgTabItem
EndDialog
GetWindowTextLengthA
GetWindowTextA
GetFocus
SetWindowPos
SetFocus
IsWindowEnabled
ShowWindow
MoveWindow
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
GetDlgItem
GetWindow
GetMenuState
GetMenuItemID
GetSubMenu
UnhookWindowsHookEx
ReleaseDC
GetDC
IsWindow
OffsetRect
CopyRect
GetWindowRect
GetMonitorInfoA
SystemParametersInfoA
MonitorFromPoint
SendMessageA
GetWindowThreadProcessId
GetClientRect
SetTimer
KillTimer
ShowScrollBar
GetParent
EnableWindow
PeekMessageA
SetWindowLongA
GetWindowLongA
GetAsyncKeyState
MessageBeep
IsRectEmpty
PtInRect
FillRect
PostMessageA
InvalidateRgn
ValidateRect
GetSysColor
wsprintfA
GetMenuItemCount

gdi32

CreatePen
SetWindowExtEx
ScaleWindowExtEx
SaveDC
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
RestoreDC
SetBkMode
GetStockObject
SetMapMode
LineTo
MoveToEx
PtVisible
RectVisible
TextOutA
CreateSolidBrush
DeleteObject
CreateCompatibleBitmap
CreateRectRgn
CombineRgn
CreateCompatibleDC
Rectangle
BitBlt
GetTextExtentPoint32A
GetCurrentObject
GetClipBox
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
GetDeviceCaps
DeleteDC

advapi32

CryptAcquireContextA
CryptHashData
CryptDestroyHash
CryptGetHashParam
CryptDestroyKey
CryptEncrypt
CryptImportKey
RegQueryValueExA
CryptCreateHash
CryptGenRandom
CryptReleaseContext

shell32

ShellExecuteA

comctl32

ImageList_DrawEx

wldap32

ord22
ord211
ord143
ord60
ord50
ord26
ord30
ord200
ord32
ord35
ord79
ord33
ord301
ord27
ord41
ord46

ws2_32

htonl
ntohl
ioctlsocket
accept
recvfrom
sendto
getaddrinfo
freeaddrinfo
connect
socket
closesocket
getpeername
getsockopt
htons
bind
ntohs
WSACleanup
gethostname
WSAGetLastError
select
recv
send
WSAIoctl
setsockopt
getsockname
WSAStartup
WSASetLastError
listen
__WSAFDIsSet

crypt32

CertFreeCertificateContext

oleacc

LresultFromObject
CreateStdAccessibleObject

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

comdlg32

GetFileTitleA

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

GetSourceData
GetSourceDesc
GetSourcesNum
SetupSource

Sections

.text
Size: 455KB - Virtual size: 454KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

522a1ad764b5d6fed9f92a25d0b58861

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

pdh

kernel32

user32

gdi32

advapi32

shell32

comctl32

wldap32

ws2_32

crypt32

oleacc

winspool.drv

comdlg32

oleaut32

Exports

Exports

Sections

.text Size: 455KB - Virtual size: 454KB

.rdata Size: 96KB - Virtual size: 95KB

.data Size: 9KB - Virtual size: 24KB

.rsrc Size: 35KB - Virtual size: 35KB

.text
Size: 455KB - Virtual size: 454KB

.rdata
Size: 96KB - Virtual size: 95KB

.data
Size: 9KB - Virtual size: 24KB

.rsrc
Size: 35KB - Virtual size: 35KB