Static task: static1
Behavioral task: behavioral1
Sample: 052b937104d475a3a77c4c43f7b70b0d716b2136f15414125dcaf590be989a9b.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 052b937104d475a3a77c4c43f7b70b0d716b2136f15414125dcaf590be989a9b.exe
Resource: win10v2004-20230220-en
General
Target: 052b937104d475a3a77c4c43f7b70b0d716b2136f15414125dcaf590be989a9b
Size: 3.2MB
MD5: 4bea7730cb1e815af024f543a7fcd0de
SHA1: ab373b0b3ab795f60556998e126645d4304a0cbb
SHA256: 052b937104d475a3a77c4c43f7b70b0d716b2136f15414125dcaf590be989a9b
SHA512: bf42c2ffc7ba84dc0302b76e25ffefd2e35df3a72fb1035e9ecfa177a11702c99c01c71b71ee34b569f522b92bf57e4e6a7752dcccd705e654e0876e9623e286
SSDEEP: 98304:I8eKTOHJ1bXdtaF4ddp9/joT003buJo3:I8MGF4/V03bu
Malware Config
Signatures
Files
052b937104d475a3a77c4c43f7b70b0d716b2136f15414125dcaf590be989a9b.exe (windows x86)
3b2ed4aa8481647af48db3bf7b6253dd
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LocalAlloc
LocalReAlloc
GlobalSize
MulDiv
CopyFileW
SetEvent
CreateEventW
SetThreadPriority
ResumeThread
lstrcmpA
GlobalGetAtomNameW
FileTimeToSystemTime
EncodePointer
GetSystemDirectoryW
FreeResource
LoadLibraryExW
GlobalFree
lstrcmpW
GlobalAddAtomW
GlobalFindAtomW
FindClose
FindFirstFileW
GetVolumeInformationW
DuplicateHandle
GetCurrentProcess
lstrcmpiW
CompareStringW
GetUserDefaultUILanguage
GlobalFlags
GetVersionExW
VirtualProtect
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
SetFileTime
SystemTimeToTzSpecificLocalTime
lstrcpyW
GetCurrentDirectoryW
FindResourceExW
GetWindowsDirectoryW
VerSetConditionMask
VerifyVersionInfoW
GetTempFileNameW
GetProfileIntW
SearchPathW
ResetEvent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
GetACP
ExitProcess
GetFileType
DosDateTimeToFileTime
CreateDirectoryW
InterlockedIncrement
InterlockedDecrement
ReleaseMutex
FindNextFileW
VirtualAlloc
OpenProcess
ReadProcessMemory
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetStdHandle
RtlUnwind
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
HeapQueryInformation
GetCommandLineA
GetCommandLineW
VirtualQuery
QueryPerformanceFrequency
SetStdHandle
FindFirstFileExW
GetDriveTypeW
PeekNamedPipe
GetStringTypeW
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
IsValidCodePage
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
GlobalUnlock
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
SetLastError
FindResourceW
SizeofResource
LockResource
LoadResource
GetExitCodeThread
TerminateThread
CreateThread
GetCurrentThreadId
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
AreFileApisANSI
ReadFile
HeapCreate
GetFullPathNameW
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
CreateMutexW
WaitForSingleObject
GetFileAttributesW
HeapValidate
MultiByteToWideChar
Sleep
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
DeleteFileA
DeleteFileW
GetSystemInfo
LoadLibraryW
HeapCompact
UnlockFile
GetProcAddress
CreateFileMappingA
LocalFree
LockFileEx
GetFileSize
SystemTimeToFileTime
FreeLibrary
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
MoveFileExW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
CreateFileMappingW
GetLocalTime
GetCurrentProcessId
CloseHandle
GetTempPathW
CreateFileW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
RaiseException
GlobalDeleteAtom
DecodePointer
user32
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
SetRect
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
RegisterClipboardFormatW
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
CreateMenu
DestroyCursor
RegisterClassExW
CharNextW
CharPrevW
CreateCaret
ShowCaret
SetCaretPos
GetCaretPos
InvalidateRgn
AttachThreadInput
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
GetWindow
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetClientRect
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
FrameRect
SetFocus
GetDlgCtrlID
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetKeyboardLayout
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
GetWindowTextLengthW
GetWindowTextW
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
GetSystemMetrics
CallNextHookEx
SetWindowsHookExW
ValidateRect
GetKeyState
GetActiveWindow
IsWindowVisible
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongW
MessageBoxW
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
CopyIcon
SetCursorPos
BringWindowToTop
GetSystemMenu
IsZoomed
IsWindow
GetCursorPos
DrawFrameControl
DrawEdge
DrawStateW
EmptyClipboard
ScreenToClient
PtInRect
LoadCursorW
SendMessageW
PostQuitMessage
WaitMessage
PostThreadMessageW
GetComboBoxInfo
IntersectRect
ReuseDDElParam
UnpackDDElParam
MoveWindow
GetWindowRgn
InvalidateRect
SetClipboardData
CloseClipboard
OpenClipboard
SetParent
SetWindowRgn
SetClassLongW
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadMenuW
GetKeyNameTextW
MapVirtualKeyW
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
MessageBeep
GetIconInfo
DrawIconEx
IsRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
KillTimer
SetTimer
DeleteMenu
ShowOwnedPopups
LoadImageW
TrackMouseEvent
MapDialogRect
GetAsyncKeyState
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
MonitorFromPoint
UpdateLayeredWindow
UnionRect
CallWindowProcW
DrawIcon
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
SetRectEmpty
SendDlgItemMessageA
CopyImage
InflateRect
GetMenuItemInfoW
FindWindowW
SetForegroundWindow
PostMessageW
keybd_event
SetWindowPos
ShowWindow
SystemParametersInfoW
OffsetRect
ClientToScreen
SetCursor
GetWindowRect
DestroyMenu
FillRect
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
RealChildWindowFromPoint
GetDesktopWindow
CharUpperW
DestroyIcon
IsDialogMessageW
SetWindowTextW
CheckDlgButton
GetCapture
gdi32
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetWindowOrgEx
GetLayout
ScaleWindowExtEx
CreateFontIndirectW
GetTextExtentPoint32W
CombineRgn
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsW
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
SetTextAlign
SetStretchBltMode
SetPolyFillMode
SetROP2
OffsetViewportOrgEx
SetLayout
SetMapMode
SetBkMode
CopyMetaFileW
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
CreateRectRgn
DeleteObject
PtInRegion
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteDC
CreateSolidBrush
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
GetObjectW
SetTextColor
SetBkColor
CreateBitmap
GetDeviceCaps
CreateDCW
ScaleViewportExtEx
GetObjectA
GetCharABCWidthsW
CreatePenIndirect
GetTextFaceW
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
CreateDIBSection
StretchBlt
SetPixel
GetDIBits
RoundRect
OffsetRgn
GetRgnBox
Rectangle
LPtoDP
CreateRoundRectRgn
Polyline
Polygon
CreatePolygonRgn
GetTextColor
Ellipse
CreateEllipticRgn
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetDIBColorTable
ole32
OleUninitialize
OleInitialize
CoInitialize
CoUninitialize
CLSIDFromProgID
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoTaskMemFree
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CLSIDFromString
CoCreateInstance
CoDisconnectObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
msimg32
AlphaBlend
TransparentBlt
shlwapi
PathFileExistsW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
PathRemoveFileSpecW
StrFormatKBSizeW
PathFindFileNameW
uxtheme
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetWindowTheme
OpenThemeData
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetThemePartSize
DrawThemeParentBackground
DrawThemeText
IsAppThemed
CloseThemeData
winmm
PlaySoundW
gdiplus
GdipDrawString
GdipCreateStringFormat
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipDrawImageI
GdipDeleteStringFormat
GdipDeleteFont
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipCloneBrush
GdipDeleteBrush
GdipCreateLineBrushI
GdipSetTextRenderingHint
GdipCreateFontFromDC
GdipBitmapUnlockBits
GdipCreateFontFromLogfontA
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipCreateBitmapFromHBITMAP
GdipGetPropertyItem
GdipDrawImageRectRectI
GdipDeleteGraphics
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
ImmSetCompositionWindow
xdll
ZZ_RecgTuxg
ZZ_DeleteLib
ZZ_CreateLib
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
GetSecurityDescriptorDacl
RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegDeleteValueW
RegEnumKeyExW
RegSetValueExW
RegQueryValueExW
RevertToSelf
ImpersonateLoggedOnUser
OpenProcessToken
GetTokenInformation
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
LookupAccountSidW
DuplicateTokenEx
EqualSid
GetLengthSid
InitializeAcl
GetAclInformation
AddAce
GetAce
AddAccessAllowedAce
GetSecurityDescriptorControl
LookupAccountNameW
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetNamedSecurityInfoW
RegCloseKey
shell32
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileW
DragFinish
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetSpecialFolderPathW
SHGetFolderPathW
ShellExecuteW
SHGetFileInfoW
SHAppBarMessage
oleaut32
VariantInit
VarBstrFromDate
SysAllocString
VariantCopy
VariantClear
LoadTypeLi
VariantChangeType
SysFreeString
SysAllocStringLen
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
comctl32
_TrackMouseEvent
ord17
Sections
.text Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 493KB - Virtual size: 492KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 44KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 104KB - Virtual size: 103KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 61KB - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 160KB - Virtual size: 160KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ