d5f738f9753a1e34c914e195a6cb2ffad16228909c88eec2adc8e581023600f2

Sharing

Copy URL

Twitter E-mail

General

Target

d5f738f9753a1e34c914e195a6cb2ffad16228909c88eec2adc8e581023600f2
Size

900KB
MD5

a2fbdd7b5c035944a5efa472b83736ef
SHA1

8c4daf6ad2058c75f7e4a3b1775757547074a3ea
SHA256

d5f738f9753a1e34c914e195a6cb2ffad16228909c88eec2adc8e581023600f2
SHA512

d50c0a13e1aa344c6af179efe6d1d2a7defec8f1abadafdd6683c780ada085ae3423119d00eabfdbab787be13221c1e46d24727d2d512ae0051087842172a67f
SSDEEP

12288:hx1vJfpzeLkTqhqeEmCJQOSafgHeGL7GOK:JfzIkTgqeEDQOffGod

Score

1^/10

Malware Config

Signatures

Files

d5f738f9753a1e34c914e195a6cb2ffad16228909c88eec2adc8e581023600f2
.exe windows x64

045715ac29c84a0e47dab339e337bc06

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

shell32

ord165
ShellAboutW
SHGetSpecialFolderPathW

shlwapi

ord225

gdiplus

GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipSetInterpolationMode
GdipSetSmoothingMode
GdipSetPageUnit
GdipDrawLineI
GdipDrawArcI
GdipFillRectangleI
GdipCloneImage
GdipCreateBitmapFromScan0
GdipDeletePen
GdipCreateFromHDC
GdipDrawImageRectI
GdipCreateBitmapFromHBITMAP
GdipCloneBitmapAreaI
GdipCreatePen1
GdipDisposeImage
GdipDeleteBrush
GdipAlloc
GdipFree
GdiplusShutdown
GdiplusStartup
GdipCreateHBITMAPFromBitmap
GdipCreateSolidFill

advapi32

RegEnumKeyExW
RegOpenKeyExW
RegEnumValueW
RegGetValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW
EventUnregister
EventRegister
RegCloseKey
RegCreateKeyExW
EventWrite

oleaut32

SysStringLen
SysAllocStringByteLen
VariantClear
VariantInit
SysFreeString
SysAllocString

uxtheme

IsThemeActive

ole32

CoUninitialize
CoInitialize
CoCreateInstance

comctl32

ImageList_Destroy
ImageList_Create
ImageList_Add
ord413
ord410
ord380
ord392

ntdll

WinSqmAddToStreamEx
WinSqmAddToStream

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
OutputDebugStringA
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetStartupInfoW
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
lstrlenA
GetModuleHandleW
SizeofResource
LockResource
LoadResource
GetModuleFileNameW
GetSystemTime
WaitForSingleObject
CreateEventW
CreateThread
ResetEvent
SetEvent
CloseHandle
GlobalSize
GlobalLock
GlobalUnlock
GlobalAlloc
lstrcmpW
MulDiv
GlobalFindAtomW
FindResourceW
GetLastError
MultiByteToWideChar
GetLocalTime
GetDateFormatW
GetLocaleInfoW
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrcmpiW
LoadLibraryW
GetProcAddress
GetLocaleInfoEx
FreeLibrary
LocalFree
LocalAlloc
LocalReAlloc
GetProfileStringW
lstrlenW
CompareStringW
RegisterApplicationRecoveryCallback
ApplicationRecoveryInProgress
Sleep
ApplicationRecoveryFinished
RegisterApplicationRestart
GetTempFileNameW
SystemTimeToFileTime
CompareFileTime
GetFileAttributesW
FileTimeToSystemTime
CreateFileW
DeleteFileW
LeaveCriticalSection
DeleteCriticalSection
SetLastError
GetModuleHandleExW
EnterCriticalSection
InitializeCriticalSection
RaiseException
GetProcessHeap
HeapSize
HeapFree
DelayLoadFailureHook
ResolveDelayLoadedAPI
HeapReAlloc
HeapAlloc
WideCharToMultiByte
FindResourceExW
HeapDestroy

user32

OpenClipboard
GetClipboardData
InvalidateRect
CloseClipboard
EmptyClipboard
SetClipboardData
PostQuitMessage
DefWindowProcW
LoadAcceleratorsW
InsertMenuItemW
RegisterClassExW
SetWindowPlacement
SetForegroundWindow
GetMessageW
TranslateAcceleratorW
GetMessageExtraInfo
TranslateMessage
DispatchMessageW
GetKeyState
IsDialogMessageW
GetClassNameW
GetDC
ReleaseDC
GetSystemMetrics
GetWindowLongW
EnumChildWindows
DrawTextW
SetPropW
SystemParametersInfoW
CheckRadioButton
UpdateWindow
SendDlgItemMessageW
IsDlgButtonChecked
MoveWindow
SetDlgItemInt
GetDlgItemInt
FillRect
GetNextDlgTabItem
MonitorFromWindow
GetMonitorInfoW
OffsetRect
EqualRect
MonitorFromRect
GetClassWord
EnumDesktopWindows
EnumDisplayMonitors
IntersectRect
CopyRect
CreateDialogParamW
GetFocus
CreatePopupMenu
TrackPopupMenu
IsClipboardFormatAvailable
CharNextA
IsWindowEnabled
PostMessageW
GetWindowTextW
GetWindowTextLengthW
EnableWindow
GetWindowLongPtrW
SetWindowLongPtrW
SetWindowLongW
SetClassLongW
SetWindowTextW
GetWindowPlacement
CheckMenuItem
GetSysColor
SetClassLongPtrW
GetClassLongPtrW
DrawMenuBar
SetMenuItemInfoW
AppendMenuW
LoadStringW
GetSubMenu
RemoveMenu
CheckMenuRadioItem
SetFocus
MapWindowPoints
EnableMenuItem
GetMenu
GetClientRect
ShowWindow
CreateWindowExW
DestroyWindow
DialogBoxParamW
EndDialog
SetWindowPos
GetDlgItem
GetWindowRect
SendMessageW
MessageBeep
LoadCursorW
SetCursor
LoadImageW
UnregisterClassA
GetProcessDefaultLayout
GetMenuState
GetParent

rpcrt4

RpcStringFreeW
UuidToStringW
UuidCreate

winmm

timeGetTime

gdi32

CreateDIBSection
GetStockObject
SetBkColor
SetBkMode
CreatePatternBrush
DeleteObject
DeleteDC
EqualRgn
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateRectRgn
CreateCompatibleBitmap
GetRgnBox
LineTo
MoveToEx
ExtCreatePen
GetObjectW
GetTextExtentPoint32W
GetTextMetricsW
CreateSolidBrush
SetTextColor
GetDeviceCaps
CreateCompatibleDC
CreateFontIndirectW
SelectObject
GetTextExtentPointW

msvcrt

difftime
memmove
memset
__C_specific_handler
??0exception@@QEAA@AEBQEBDH@Z
_callnewh
_CxxThrowException
__CxxFrameHandler3
setlocale
__pctype_func
___lc_handle_func
___lc_codepage_func
memcpy
___mb_cur_max_func
_errno
__mb_cur_max
__crtGetStringTypeW
__crtLCMapStringW
__uncaught_exception
isspace
tolower
abort
isalnum
_XcptFilter
_amsg_exit
__getmainargs
__set_app_type
time
_cexit
_ismbblead
__setusermatherr
_initterm
_acmdln
_fmode
_commode
??1type_info@@UEAA@XZ
_lock
_unlock
__dllonexit
_onexit
?terminate@@YAXXZ
mbstowcs_s
exit
isdigit
isxdigit
toupper
_purecall
malloc
??0exception@@QEAA@XZ
memmove_s
??0exception@@QEAA@AEBQEBD@Z
??1exception@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
memcpy_s
??0exception@@QEAA@AEBV0@@Z
free
isalpha
wcstoul
strcspn
memchr
_wcsrev
strchr
_strtoui64
_strtoi64
sprintf_s
_wtoi64
_i64tow_s
_wcsdup
localeconv
iswalpha
iswdigit
_wcslwr_s
_wcsnicmp
wcsncmp
_itow_s
calloc
wcschr
_wcsicmp
_itoa
_wtoi
_vsnwprintf
wcscat_s
wcscpy_s
_exit
wcstol
wcscmp

Sections

.text
Size: 473KB - Virtual size: 472KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 372KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

045715ac29c84a0e47dab339e337bc06

Headers

DLL Characteristics

File Characteristics

Imports

shell32

shlwapi

gdiplus

advapi32

oleaut32

uxtheme

ole32

comctl32

ntdll

kernel32

user32

rpcrt4

winmm

gdi32

msvcrt

Sections

.text Size: 473KB - Virtual size: 472KB

.data Size: 19KB - Virtual size: 19KB

.pdata Size: 20KB - Virtual size: 20KB

.idata Size: 12KB - Virtual size: 12KB

.rsrc Size: 372KB - Virtual size: 372KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 473KB - Virtual size: 472KB

.data
Size: 19KB - Virtual size: 19KB

.pdata
Size: 20KB - Virtual size: 20KB

.idata
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 372KB - Virtual size: 372KB

.reloc
Size: 1KB - Virtual size: 1KB