Static task: static1
Behavioral task: behavioral1
  Sample: cf44ef540aed6fc3cad64e7bdfa5f75fe31b7ef76eebe0365261a4b852301deb.exe
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: cf44ef540aed6fc3cad64e7bdfa5f75fe31b7ef76eebe0365261a4b852301deb.exe
  Resource: win10v2004-20230220-en
General
Target: cf44ef540aed6fc3cad64e7bdfa5f75fe31b7ef76eebe0365261a4b852301deb
Size: 888KB
MD5: 1e608b151ea7d1985d580994c3030e68
SHA1: a53187ce83c4437df25ecd1bccba7b7c8a57b537
SHA256: cf44ef540aed6fc3cad64e7bdfa5f75fe31b7ef76eebe0365261a4b852301deb
SHA512: 305513c69c2c2fde37c469b154e307fc14bc834a67e93db2772b34c28b14a264f8aae3cf9b15439d13da444309fadfa13d6f750026c7951adb3a2169d0c56f83
SSDEEP: 12288:lWtrfcanNV7iHa5ZtHwBIC1nyZXsOra0W3zGoa/3zPvlg+7TWkxW:AtrfBzWU1gyZ8Ora0uumATzW
Malware Config
Signatures
Files
cf44ef540aed6fc3cad64e7bdfa5f75fe31b7ef76eebe0365261a4b852301deb.exe windows x86
ce0ff6cfc7e0c8e1c006af3779d23945
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
utl
??1GPing@@QAE@XZ
?CheckConnection@GPing@@QAEHPADPAK@Z
??0GPing@@QAE@H@Z
kernel32
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
GetCPInfo
GetOEMCP
SetErrorMode
WritePrivateProfileStringA
lstrlenW
GlobalSize
RtlUnwind
GetTimeZoneInformation
GetSystemTime
ExitThread
GetSystemTimeAsFileTime
ExitProcess
GetCommandLineA
RaiseException
HeapAlloc
HeapFree
GetACP
SetStdHandle
GetFileType
HeapReAlloc
HeapSize
FatalAppExitA
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
HeapDestroy
HeapCreate
SetUnhandledExceptionFilter
IsBadWritePtr
GetStringTypeA
GetStringTypeW
GetDriveTypeA
GlobalHandle
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetConsoleCtrlHandler
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
InitializeCriticalSection
DeleteCriticalSection
GetFileAttributesA
GetPrivateProfileStringA
GetLastError
CopyFileA
Sleep
SetEvent
LeaveCriticalSection
EnterCriticalSection
OutputDebugStringA
CreateDirectoryA
FreeLibrary
CloseHandle
WaitForSingleObject
CreateRemoteThread
GetProcAddress
LoadLibraryA
OpenProcess
DeleteFileA
GetDiskFreeSpaceA
GetDiskFreeSpaceExA
CreateEventA
GetPrivateProfileIntA
GetCurrentDirectoryA
CreateThread
GetTickCount
CreateMutexA
GetLocalTime
TerminateThread
GetExitCodeThread
WaitForMultipleObjectsEx
SetWaitableTimer
TlsAlloc
LocalAlloc
SizeofResource
GlobalFlags
MulDiv
SetThreadPriority
GlobalAlloc
lstrcmpA
GetCurrentThread
FileTimeToLocalFileTime
FileTimeToSystemTime
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSize
FindNextFileA
SetLastError
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
FindFirstFileA
FindClose
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
CreateFileA
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
GetProfileStringA
lstrlenA
InterlockedDecrement
InterlockedIncrement
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GlobalLock
GlobalUnlock
CreateWaitableTimerA
GlobalFree
LockResource
FindResourceA
LoadResource
DuplicateHandle
VirtualFree
VirtualAlloc
GetVersionExA
QueryDosDeviceA
GetCurrentProcess
GetModuleHandleA
CreatePipe
GetStartupInfoA
ReadFile
CreateToolhelp32Snapshot
Process32First
GetLongPathNameA
Process32Next
SetFileAttributesA
RemoveDirectoryA
lstrcmpiA
lstrcpyA
GetCurrentProcessId
OpenEventA
OpenFileMappingA
CreateFileMappingA
MapViewOfFile
ResetEvent
UnmapViewOfFile
ResumeThread
SuspendThread
GetExitCodeProcess
TerminateProcess
CreateProcessA
GetModuleFileNameA
IsBadReadPtr
user32
InsertMenuA
WindowFromPoint
WaitMessage
ReleaseCapture
SetCapture
GetSysColorBrush
LoadCursorA
GetDialogBaseUnits
GetDesktopWindow
PtInRect
GetClassNameA
DestroyMenu
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GetDC
ReleaseDC
InflateRect
RegisterClipboardFormatA
LoadStringA
MapDialogRect
SetWindowContextHelpId
GetMessageA
TranslateMessage
ValidateRect
SetCursor
ShowOwnedPopups
PostQuitMessage
CharUpperA
OemToCharA
CharToOemA
wvsprintfA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
ShowWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
UpdateWindow
SendDlgItemMessageA
DeleteMenu
PeekMessageA
DispatchMessageA
GetFocus
SetFocus
LoadAcceleratorsA
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
GetTopWindow
IsChild
CopyAcceleratorTableA
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
SetWindowPlacement
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
GetWindowTextLengthA
GetMenuStringA
GetDlgCtrlID
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
RemoveMenu
DestroyIcon
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
SetMenu
MapWindowPoints
GetWindow
SetWindowLongA
OffsetRect
IntersectRect
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
TranslateAcceleratorA
SetRectEmpty
MessageBeep
AdjustWindowRectEx
GetNextDlgGroupItem
GetParent
GetWindowLongA
IsWindowEnabled
GetWindowThreadProcessId
InvalidateRect
GrayStringA
DrawTextA
TabbedTextOutA
FillRect
SetRect
GetSysColor
PostThreadMessageA
LoadIconA
SetActiveWindow
KillTimer
SetTimer
IsWindowVisible
GetClientRect
GetWindowRect
IsIconic
GetSystemMenu
LoadMenuA
GetSubMenu
EnableMenuItem
CheckMenuItem
AppendMenuA
DrawIcon
EnumWindows
GetWindowTextA
GetDlgItem
SystemParametersInfoA
MoveWindow
GetCapture
CharNextA
SetWindowPos
GetCursorPos
SetForegroundWindow
GetSystemMetrics
FindWindowA
EnumChildWindows
MessageBoxA
IsWindow
SendMessageA
RegisterWindowMessageA
ExitWindowsEx
PostMessageA
EnableWindow
HideCaret
UnregisterClassA
SetScrollPos
gdi32
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetCurrentPositionEx
ArcTo
SetArcDirection
PolyDraw
SetStretchBltMode
SetColorAdjustment
PolyBezierTo
GetClipRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetViewportExtEx
GetWindowExtEx
CreatePen
ExtCreatePen
CreateHatchBrush
CreateDIBPatternBrushPt
GetTextExtentPoint32A
GetTextMetricsA
GetTextColor
GetBkColor
LPtoDP
CopyMetaFileA
CreateDCA
SetROP2
SetPolyFillMode
SetBkMode
SelectPalette
GetStockObject
RestoreDC
SaveDC
StartDocA
DeleteDC
DPtoLP
CreateRectRgnIndirect
CreateRectRgn
CombineRgn
SetRectRgn
PatBlt
CreatePatternBrush
DeleteObject
GetMapMode
GetDeviceCaps
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
Escape
ExtTextOutA
TextOutA
BitBlt
RectVisible
PtVisible
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
CreateFontIndirectA
GetTextExtentPointA
PolylineTo
CreateDIBitmap
CreateSolidBrush
comdlg32
GetOpenFileNameA
GetFileTitleA
GetSaveFileNameA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegSetValueExA
RegCreateKeyA
RegDeleteValueA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyExA
RegOpenKeyExA
RegSetValueA
RegQueryValueA
RegDeleteKeyA
RegEnumKeyA
shell32
DragQueryFileA
DragAcceptFiles
Shell_NotifyIconA
ExtractIconA
SHGetFileInfoA
DragFinish
comctl32
ImageList_Create
ImageList_Destroy
ord14
ord13
ord17
ImageList_LoadImageA
ImageList_Merge
ImageList_Write
ImageList_Read
oledlg
ord8
ole32
CoDisconnectObject
OleRun
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
ReleaseStgMedium
CoRevokeClassObject
CoRegisterClassObject
CoRegisterMessageFilter
CoTaskMemAlloc
CoTaskMemFree
ReadClassStg
StringFromCLSID
StgOpenStorageOnILockBytes
CoGetClassObject
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID
CoUninitialize
CoInitialize
CoCreateInstance
CoTreatAsClass
CreateStreamOnHGlobal
OleDuplicateData
CreateBindCtx
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
StgCreateDocfileOnILockBytes
ReadFmtUserTypeStg
CreateILockBytesOnHGlobal
olepro32
ord253
oleaut32
LoadTypeLi
SysStringLen
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCopy
VarBstrFromDate
VarDateFromStr
VarBstrFromCy
VarCyFromStr
SysAllocStringByteLen
SafeArrayRedim
SysFreeString
SysAllocStringLen
VariantClear
VariantTimeToSystemTime
SysStringByteLen
VariantCopy
VariantChangeType
SysReAllocStringLen
SysAllocString
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
flrpclib
?CloseMasterSelectThread@CFLRPCApi@@QAEXXZ
?Listen@CFLRPCApi@@QAE_NGPADP6AHH0I0AAIH@Z@Z
?CallBack@CFLRPCApi@@UAEHHPADI0AAIH@Z
??0CFLRPCApi@@QAE@PADH@Z
??1CFLRPCApi@@UAE@XZ
?OnTimer@CFLRPCApi@@UAEXXZ
?FormatDebugInfoClient@CFLRPCApi@@UAEHXZ
?FormatDebugInfoServer@CFLRPCApi@@UAEHXZ
?OnRefresh@CFLRPCApi@@UAEHXZ
?ReadConfigParameter@CFLRPCApi@@UAEXPAUGlobalData@@@Z
?OnStop@CFLRPCApi@@UAEHXZ
psapi
GetModuleFileNameExA
GetProcessMemoryInfo
EnumProcessModules
rpcserverdll
GetRTDBDownLoadState
SendEventInfo
Sections
.text Size: 444KB - Virtual size: 443KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 84KB - Virtual size: 82KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 44KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 312KB - Virtual size: 311KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ