Static task
- static1
Behavioral task
- behavioral1: Sample b31ab224c66295399e6ace1e0ae41cb57e570bf8b9f2d11953b7877e27378789.exe, Resource win7-20230220-en
Behavioral task
- behavioral2: Sample b31ab224c66295399e6ace1e0ae41cb57e570bf8b9f2d11953b7877e27378789.exe, Resource win10v2004-20230220-en
General
- Target: b31ab224c66295399e6ace1e0ae41cb57e570bf8b9f2d11953b7877e27378789
- Size: 2.1MB
- MD5: 2431b3013939cf02b414e420acc3f2bf
- SHA1: 35d228ad15d5c2bab11de45f5925cd4f2c3a1aff
- SHA256: b31ab224c66295399e6ace1e0ae41cb57e570bf8b9f2d11953b7877e27378789
- SHA512: 17612c4011a01ebead612df251630c2d0e8dd85c37b16f84f909893787ec926371f09a5acf1aba0c21ed224d163b2105463589054057e855700c0cd9d39298c8
- SSDEEP: 49152:mdeeRNL+DmGvqB14e2KdNSyMg9Q48xX9D:KvGvqB6KayVerD
Malware Config
Signatures
Files
-
b31ab224c66295399e6ace1e0ae41cb57e570bf8b9f2d11953b7877e27378789.exe windows x86
6e056e2befe47b018496a0a87b4e8d74
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
sentinelkeyw
SFNTQueryFeature
SFNTGetFeatureInfo
SFNTReadInteger
SFNTGetLicense
SFNTReleaseLicense
kernel32
LocalReAlloc
TlsGetValue
GetProcessVersion
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
SetErrorMode
RtlUnwind
ExitProcess
HeapAlloc
GetTimeZoneInformation
HeapFree
ExitThread
GetStartupInfoA
GetCommandLineA
RaiseException
SetStdHandle
GetFileType
GetACP
HeapReAlloc
HeapSize
TlsSetValue
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalReAlloc
TlsFree
GlobalHandle
DeleteCriticalSection
GetProfileStringA
TlsAlloc
LocalAlloc
SizeofResource
GlobalFlags
MulDiv
GetDiskFreeSpaceA
GetTempFileNameA
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSize
FileTimeToLocalFileTime
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
lstrcpynA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
GlobalAlloc
GetCurrentThread
lstrcmpA
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedIncrement
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
GetSystemTime
SetupComm
SetThreadPriority
EscapeCommFunction
InterlockedDecrement
GetTickCount
PulseEvent
SetNamedPipeHandleState
OpenProcess
GetExitCodeProcess
TerminateProcess
lstrcmpiA
TerminateThread
SetLastError
ReleaseMutex
WaitForSingleObject
ReadFile
WriteFile
GetOverlappedResult
FormatMessageA
LocalFree
WaitCommEvent
ClearCommError
CreateEventA
ResetEvent
InitializeCriticalSection
EnterCriticalSection
CreateFileA
SetCommTimeouts
SetCommMask
GetCommState
SetCommState
PurgeComm
LeaveCriticalSection
SetEvent
LoadLibraryA
GetProcAddress
FreeLibrary
DeleteFileA
RemoveDirectoryA
FileTimeToSystemTime
GetDefaultCommConfigA
FindFirstFileA
FindNextFileA
GetLastError
FindClose
lstrcatA
ResumeThread
GetFileAttributesA
GetModuleFileNameA
CreateToolhelp32Snapshot
Process32First
Process32Next
CreateDirectoryA
Sleep
CreateThread
CloseHandle
SuspendThread
GetVolumeInformationA
GetLocalTime
LCMapStringA
user32
PostThreadMessageA
SetParent
RegisterClipboardFormatA
SetCapture
LockWindowUpdate
GetDCEx
GetTabbedTextExtentA
MessageBeep
GetNextDlgGroupItem
CopyAcceleratorTableA
CharNextA
DestroyIcon
WindowFromPoint
GetMenuStringA
DeleteMenu
InsertMenuA
GetSysColorBrush
GetClassNameA
InflateRect
GetAsyncKeyState
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
FindWindowA
PtInRect
SetRect
DestroyCursor
MapDialogRect
SetWindowContextHelpId
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
GetDesktopWindow
ReleaseCapture
LoadAcceleratorsA
IsZoomed
SetRectEmpty
DestroyMenu
TranslateMessage
ValidateRect
GetCursorPos
SetCursor
ShowOwnedPopups
GetDC
ReleaseDC
LoadStringA
CharUpperA
PostQuitMessage
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
LoadIconA
SendDlgItemMessageA
MapWindowPoints
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
EnableWindow
KillTimer
SetTimer
SendMessageA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
IsWindowVisible
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
InvalidateRect
SetMenu
LoadMenuA
UpdateWindow
GetParent
GetSysColor
GetWindowRect
FillRect
GetClientRect
LoadCursorA
SetClassLongA
MessageBoxA
PostMessageA
SetWindowPos
PeekMessageA
DispatchMessageA
GetMessageA
IsWindowEnabled
GetDlgItem
GetWindowLongA
DestroyWindow
CreateDialogIndirectParamA
GetSystemMetrics
IsWindow
SetActiveWindow
GetActiveWindow
EndDialog
GetNextDlgTabItem
GetWindowPlacement
IsIconic
SystemParametersInfoA
IntersectRect
OffsetRect
RegisterWindowMessageA
SetWindowLongA
GetWindow
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
TranslateAcceleratorA
gdi32
SetRectRgn
CombineRgn
CreateFontIndirectA
GetTextColor
GetBkColor
GetNearestColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetBkMode
GetROP2
GetTextFaceA
GetCharWidthA
GetMapMode
BitBlt
CreateCompatibleDC
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreatePatternBrush
CreateSolidBrush
GetWindowExtEx
GetViewportExtEx
GetCurrentPositionEx
SetTextAlign
LineTo
CreateRectRgn
DeleteObject
GetClipBox
SetTextColor
SetBkColor
GetObjectA
CreateBitmap
GetWindowOrgEx
PatBlt
MoveToEx
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
LPtoDP
DeleteDC
CreateDCA
SetAbortProc
StartDocA
StartPage
EndPage
EndDoc
AbortDoc
GetViewportOrgEx
CreatePen
DPtoLP
Rectangle
GetStockObject
GetDeviceCaps
GetTextMetricsA
SelectObject
CreateRectRgnIndirect
GetTextExtentPointA
CreateDIBitmap
CreateFontA
GetTextExtentPoint32A
comdlg32
CommDlgExtendedError
GetSaveFileNameA
PrintDlgA
GetOpenFileNameA
GetFileTitleA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegSetValueA
RegCloseKey
RegCreateKeyA
RegOpenKeyA
RegOpenKeyExA
RegSetValueExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
SetFileSecurityA
GetFileSecurityA
RegQueryValueExA
shell32
ExtractIconA
DragQueryFileA
DragFinish
SHGetFileInfoA
ShellExecuteA
ExtractIconExA
SHGetPathFromIDListA
SHGetMalloc
SHBrowseForFolderA
comctl32
ImageList_ReplaceIcon
ord17
ImageList_Destroy
ImageList_Create
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
oledlg
ord8
ole32
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
CoGetClassObject
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
CLSIDFromString
OleFlushClipboard
OleIsCurrentClipboard
CLSIDFromProgID
CoCreateInstance
CoInitialize
OleRun
olepro32
ord253
oleaut32
GetErrorInfo
SysStringLen
VariantTimeToSystemTime
VariantClear
VariantCopy
VariantInit
SysFreeString
SysAllocString
VariantChangeType
SysAllocStringLen
SysAllocStringByteLen
VarDateFromStr
ws2_32
WSAStartup
WSACleanup
send
sendto
__WSAFDIsSet
select
recv
recvfrom
connect
socket
bind
getpeername
shutdown
closesocket
accept
gethostname
inet_addr
gethostbyname
ntohl
getservbyname
ntohs
htonl
htons
Sections
.text Size: 912KB - Virtual size: 911KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 140KB - Virtual size: 139KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1.0MB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 76KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ