698b8678ea2456bc94271e9815b6038764c8eb8911ccc2537dee910a6f20ee87

Sharing

Copy URL Twitter E-mail

General

Target

698b8678ea2456bc94271e9815b6038764c8eb8911ccc2537dee910a6f20ee87
Size

777KB
MD5

5b1fb3a810ed00d24eaed542d574a61e
SHA1

82c7c6c3a04b404431eb4dbaf4e27e8cb8b11b4f
SHA256

698b8678ea2456bc94271e9815b6038764c8eb8911ccc2537dee910a6f20ee87
SHA512

fb2305f52df080dd3940ead5ae2659d9dc6276c2a6f4bcf9a0b6cbda4679cdc3e40e138d72e9e4e82c4e5924a2581f3ea6f4b1977e89eead6b16951bd32f38a3
SSDEEP

12288:Mr2iyi1WXftXex4goEwTbS1k8G/NkzUHmj8YBNvfuC7+g8whG438:Mr2iyi264gZwTbBJNkIclNvThI

Score

1^/10

Malware Config

Signatures

Files

698b8678ea2456bc94271e9815b6038764c8eb8911ccc2537dee910a6f20ee87
.exe windows x86

b1a7330dfc6e6a590c9987ac62564bc7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileInformationByHandle
GetDriveTypeA
WriteFile
SetFileTime
GetCurrentDirectoryA
GetFileAttributesA
CreateDirectoryA
LocalFileTimeToFileTime
lstrcpyA
lstrcatA
SystemTimeToFileTime
ReadFile
SetFilePointer
GetSystemInfo
CreateFileA
UnmapViewOfFile
CloseHandle
FindFirstFileA
MulDiv
LocalFree
FormatMessageA
GlobalUnlock
GlobalLock
GlobalAlloc
FindClose
GlobalFree
SetLastError
GetModuleFileNameA
GetCurrentProcessId
GetVersionExA
GetModuleHandleA
lstrcmpW
CompareStringA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
FreeResource
GetThreadLocale
FileTimeToSystemTime
lstrcmpA
InterlockedExchange
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
WaitForSingleObject
GetModuleHandleW
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetFullPathNameA
GetTickCount
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
RtlUnwind
HeapAlloc
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
ExitProcess
RaiseException
GetCommandLineA
VirtualProtect
VirtualAlloc
VirtualQuery
HeapReAlloc
ExitThread
CreateThread
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
VirtualFree
GetStdHandle
GetTimeZoneInformation
GetACP
IsValidCodePage
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
SleepEx
VerifyVersionInfoA
VerSetConditionMask
GetSystemDirectoryA
PeekNamedPipe
WaitForMultipleObjects
ExpandEnvironmentStringsA
Sleep
FreeLibrary
FreeConsole
LoadLibraryA
GetProcAddress
DeleteFileA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
lstrlenA
MultiByteToWideChar
GetLastError
InterlockedDecrement
GetProcessHeap
HeapFree
InterlockedIncrement

user32

IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
CharNextA
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
GetActiveWindow
GetDesktopWindow
PostQuitMessage
ValidateRect
GetCursorPos
TranslateMessage
GetMessageA
SetCursor
MapDialogRect
SetWindowContextHelpId
DestroyMenu
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
ClientToScreen
GetDC
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
GetSysColorBrush
LoadCursorA
CopyAcceleratorTableA
IsRectEmpty
SetRect
InvalidateRect
InvalidateRgn
SetCapture
ReleaseCapture
CharUpperA
GetNextDlgGroupItem
RegisterWindowMessageA
RegisterClipboardFormatA
PostThreadMessageA
GetMenu
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindow
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
MessageBoxA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
DefWindowProcA
EnableWindow
SendMessageA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
IsWindow
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
SetActiveWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetMenu
CallWindowProcA
UpdateWindow
PostMessageA
CreateWindowExA
GetClassInfoExA
SetWindowLongA
GetWindowLongA
IsWindowVisible
GetParent
EnumWindows
DrawIcon
AppendMenuA
GetSystemMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
EqualRect
CopyRect
IsIconic
GetClientRect
LoadIconA
GetSystemMetrics
PtInRect
wsprintfA
GetDlgCtrlID
MessageBeep
SetForegroundWindow

shell32

ShellExecuteA

ole32

CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CLSIDFromString
CLSIDFromProgID
CoUninitialize
OleRun
OleInitialize
CoCreateInstance

oleaut32

SysFreeString
VariantClear
SysAllocString
VariantInit
SysStringByteLen
VariantChangeType
VariantTimeToSystemTime
SystemTimeToVariantTime
VarUdateFromDate
SysAllocStringByteLen
VariantCopy
SysStringLen
SysAllocStringLen
OleCreateFontIndirect
SafeArrayDestroy
GetErrorInfo

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA

oledlg

ord8

wldap32

ord143
ord60
ord50
ord22
ord211
ord26
ord30
ord46
ord41
ord27
ord301
ord33
ord79
ord35
ord32
ord200

ws2_32

ntohl
getaddrinfo
freeaddrinfo
connect
closesocket
getpeername
getsockopt
htons
bind
ntohs
getsockname
setsockopt
WSAIoctl
send
recv
select
WSAGetLastError
__WSAFDIsSet
WSASetLastError
WSAStartup
WSACleanup
htonl
sendto
recvfrom
accept
listen
ioctlsocket
gethostname
socket

crypt32

CertFreeCertificateContext

oleacc

LresultFromObject
CreateStdAccessibleObject

gdi32

SetMapMode
DeleteObject
RestoreDC
SaveDC
ExtTextOutA
GetTextColor
GetBkColor
GetStockObject
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
GetMapMode
GetRgnBox
CreateRectRgnIndirect
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

comdlg32

GetFileTitleA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptGetHashParam
CryptDestroyKey
CryptEncrypt
CryptImportKey

Sections

.text
Size: 529KB - Virtual size: 529KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b1a7330dfc6e6a590c9987ac62564bc7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

ole32

oleaut32

shlwapi

oledlg

wldap32

ws2_32

crypt32

oleacc

gdi32

winspool.drv

comdlg32

advapi32

Sections

.text Size: 529KB - Virtual size: 529KB

.rdata Size: 128KB - Virtual size: 128KB

.data Size: 12KB - Virtual size: 27KB

.rsrc Size: 50KB - Virtual size: 50KB

.reloc Size: 55KB - Virtual size: 54KB

.text
Size: 529KB - Virtual size: 529KB

.rdata
Size: 128KB - Virtual size: 128KB

.data
Size: 12KB - Virtual size: 27KB

.rsrc
Size: 50KB - Virtual size: 50KB

.reloc
Size: 55KB - Virtual size: 54KB