Static task: static1
Behavioral task: behavioral1
Sample: 69d37d4a26fa7a5b41a573c865b4a006ccb34a2a685fd3fe5ed8555e4216379c.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 69d37d4a26fa7a5b41a573c865b4a006ccb34a2a685fd3fe5ed8555e4216379c.exe
Resource: win10v2004-20230220-en
General
- Target: 69d37d4a26fa7a5b41a573c865b4a006ccb34a2a685fd3fe5ed8555e4216379c
- Size: 880KB
- MD5: 6ff24c402c7e7e2bf8207e516ddbceb7
- SHA1: dc700809e8c868ea3227f3df3d9be4087b8eba25
- SHA256: 69d37d4a26fa7a5b41a573c865b4a006ccb34a2a685fd3fe5ed8555e4216379c
- SHA512: 0b12d4bc4a91de4bb440f8bd079e93b19155cca20210a6be3bbb097bbafb92e0a99cf2bbfeb086542ff0955692c5bc2a9fe6dc0bef78b14627fd1bbaba90c06b
- SSDEEP: 24576:t1agPHmnL10dauqlbyKc8KN7v1Jv4Wd2KcFtpvuMjDxMx/RWN28o77VGbm8nsqcJ:t1XPHmnK3qNyKc8aKKOvuMjDxMx/RWNc
Malware Config
Signatures
Files
- 69d37d4a26fa7a5b41a573c865b4a006ccb34a2a685fd3fe5ed8555e4216379c.exe (windows x86) 6fa96dceaa3e9eccd7b60a1812a6bdf9
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetFileTime
SetErrorMode
ExitProcess
RtlUnwind
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
HeapReAlloc
ExitThread
SetStdHandle
GetFileType
HeapSize
QueryPerformanceCounter
LCMapStringA
LCMapStringW
GetStringTypeA
SetHandleCount
GetStdHandle
GetTimeZoneInformation
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetFullPathNameA
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
LocalAlloc
FileTimeToLocalFileTime
InterlockedIncrement
FileTimeToSystemTime
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
CreateEventA
SuspendThread
SetEvent
GetCurrentThreadId
ResumeThread
SetThreadPriority
FreeResource
lstrcmpA
SetLastError
GlobalFree
MulDiv
lstrcpynA
InterlockedDecrement
WritePrivateProfileStringA
GetPrivateProfileStringA
TerminateThread
GetExitCodeThread
WaitForSingleObject
GlobalAlloc
GetLogicalDrives
GetCurrentProcessId
GlobalLock
GlobalUnlock
FindFirstFileA
FindNextFileA
FindClose
CompareStringW
CompareStringA
lstrlenW
lstrcmpiA
GetVersion
RaiseException
Module32First
Module32Next
GetCommandLineA
GetCurrentProcess
CreateMutexA
OpenProcess
TerminateProcess
GetVolumeInformationA
GetLastError
GetFileAttributesA
FormatMessageA
LocalFree
DeviceIoControl
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetWindowsDirectoryA
lstrcatA
WinExec
lstrcpyA
CreateFileA
WriteFile
GetModuleFileNameA
lstrlenA
MultiByteToWideChar
CreateToolhelp32Snapshot
Process32First
Thread32First
Thread32Next
Process32Next
DeleteFileA
CreateDirectoryA
GetTickCount
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
UnmapViewOfFile
CreateFileMappingA
OpenFileMappingA
MapViewOfFile
CreateThread
CloseHandle
Sleep
ReadProcessMemory
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetStringTypeW
InterlockedExchange
user32
GetSysColorBrush
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
PostQuitMessage
IsRectEmpty
FindWindowA
DestroyMenu
GetMenuItemInfoA
SetMenuItemBitmaps
ModifyMenuA
GetMenuCheckMarkDimensions
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextLengthA
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowPos
OffsetRect
SetRect
SystemParametersInfoA
GetWindowPlacement
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetKeyState
PeekMessageA
ValidateRect
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
PostMessageA
GetWindowRect
CopyAcceleratorTableA
TranslateAcceleratorA
SetMenu
BringWindowToTop
GetClientRect
GetParent
EnableWindow
PtInRect
GetCursorPos
SendMessageA
UpdateWindow
InvalidateRect
EndDialog
GetMenuState
ClientToScreen
EmptyClipboard
SetClipboardData
ShowWindow
GetClassNameA
WindowFromPoint
OpenClipboard
GetClipboardData
CloseClipboard
SetForegroundWindow
UnregisterClassA
GetMenu
IsWindowVisible
SetWindowRgn
IsIconic
GetSystemMenu
SetRectEmpty
InsertMenuItemA
PostThreadMessageA
RegisterClipboardFormatA
GetMenuItemID
GetMenuItemCount
EnableMenuItem
CheckMenuItem
AppendMenuA
CreatePopupMenu
DrawIcon
CharUpperA
EnumWindows
GetWindowLongA
GetNextDlgGroupItem
LoadAcceleratorsA
CharNextA
UnpackDDElParam
ReuseDDElParam
IntersectRect
FillRect
GetSubMenu
LoadMenuA
ScreenToClient
RedrawWindow
InflateRect
FrameRect
LoadIconA
DrawIconEx
GetSystemMetrics
LoadBitmapA
SetTimer
KillTimer
FlashWindow
GetForegroundWindow
wsprintfA
CopyRect
AdjustWindowRectEx
IsWindow
SetCursor
GetDC
ReleaseDC
SetCapture
ReleaseCapture
GetSysColor
LoadCursorA
CopyIcon
MessageBeep
SetWindowLongA
GetDesktopWindow
GetWindow
GetWindowTextA
GetWindowThreadProcessId
MessageBoxA
InvalidateRgn
gdi32
CreateEllipticRgn
LPtoDP
Ellipse
GetRgnBox
GetBkColor
GetMapMode
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgnIndirect
CreateSolidBrush
CreatePatternBrush
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetTextColor
CreateFontA
MoveToEx
LineTo
GetClipBox
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetDeviceCaps
RoundRect
CreateRoundRectRgn
CreateBitmap
StretchBlt
SetBkColor
SetTextColor
DeleteDC
GetObjectA
CreateFontIndirectA
CreatePen
GetTextExtentPoint32A
GetStockObject
SelectObject
DeleteObject
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
msimg32
TransparentBlt
AlphaBlend
comdlg32
ChooseColorA
GetFileTitleA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
RegEnumKeyA
RegQueryValueA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegFlushKey
RegCloseKey
RegOpenKeyA
RegDeleteKeyA
shell32
ShellExecuteA
Shell_NotifyIconA
SHGetSpecialFolderPathA
DragQueryFileA
DragFinish
ShellExecuteExA
comctl32
_TrackMouseEvent
ord17
ImageList_Destroy
ImageList_Draw
ImageList_GetImageInfo
shlwapi
PathFindExtensionW
PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
UrlUnescapeA
PathFileExistsA
oledlg
ord8
ole32
OleFlushClipboard
CoRegisterMessageFilter
CoGetClassObject
OleIsCurrentClipboard
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromProgID
CoDisconnectObject
CLSIDFromString
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitialize
oleaut32
VariantClear
SysFreeString
SysAllocString
SysAllocStringByteLen
SysStringLen
VariantInit
VariantCopy
VariantChangeType
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SysAllocStringLen
SafeArrayDestroy
SystemTimeToVariantTime
OleCreateFontIndirect
LoadTypeLi
GetErrorInfo
urlmon
URLDownloadToFileA
wininet
HttpOpenRequestA
InternetConnectA
HttpSendRequestA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
HttpQueryInfoA
InternetQueryDataAvailable
InternetSetOptionExA
InternetCanonicalizeUrlA
InternetCrackUrlA
DeleteUrlCacheEntry
psapi
EnumProcessModules
EnumProcesses
GetModuleFileNameExA
GetProcessImageFileNameA
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
iphlpapi
GetAdaptersInfo
gdiplus
GdipCloneImage
GdipAlloc
GdipFree
GdiplusShutdown
GdiplusStartup
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipSaveImageToFile
GdipDisposeImage
ws2_32
WSAStartup
gethostname
gethostbyname
listen
WSACleanup
closesocket
accept
recvfrom
ntohs
bind
sendto
socket
inet_addr
htons
connect
recv
send
select
WSAGetLastError
__WSAFDIsSet
shutdown
inet_ntoa
Sections
- .text: Size 680KB, Virtual size 676KB; flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata: Size 112KB, Virtual size 111KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data: Size 12KB, Virtual size 94KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc: Size 72KB, Virtual size 71KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ