Static task: static1
Behavioral task: behavioral1
  Sample: da9aa7a011fb30a8dc7219538b62f59b34176f282ff78f4a057a513003cce5ae.exe
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: da9aa7a011fb30a8dc7219538b62f59b34176f282ff78f4a057a513003cce5ae.exe
  Resource: win10v2004-20230220-en
General
Target: da9aa7a011fb30a8dc7219538b62f59b34176f282ff78f4a057a513003cce5ae
Size: 3.4MB
MD5: 465075f6ecccb34edbf14d664c7b3eee
SHA1: 506bda057c6060093b933adbb9daa32da132ff4b
SHA256: da9aa7a011fb30a8dc7219538b62f59b34176f282ff78f4a057a513003cce5ae
SHA512: 0e4fd094112ac58fce0d1cba5cc18c73d9c199e0390998cef798a66663aafb59ad29003194e5d30d2a02109f06068c8784d19dad380829dca6a0e070145397ea
SSDEEP: 98304:nQuVSfGy7n6tHEJCkU+VSg8QhwwS5g/gxZS2pk:nQMuwHEfSMwwS5lfSd
Malware Config
Signatures
Files
da9aa7a011fb30a8dc7219538b62f59b34176f282ff78f4a057a513003cce5ae.exe (windows x86)
8725b644b56ce695d816b6b7b3cebdb7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetLogicalProcessorInformation
GetThreadPriority
SignalObjectAndWait
CreateTimerQueue
WriteConsoleW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
ReadConsoleW
SetFilePointerEx
GetConsoleMode
UnregisterWait
GetStdHandle
GetCommandLineW
ChangeTimerQueueTimer
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
HeapQueryInformation
SetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetLocalTime
DosDateTimeToFileTime
GetFileType
InterlockedDecrement
InterlockedIncrement
ExitProcess
OutputDebugStringW
LCMapStringW
CompareStringW
QueryPerformanceFrequency
TryEnterCriticalSection
SwitchToThread
GetStringTypeW
CreateTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
GetCommandLineA
GetThreadTimes
VirtualFree
ReleaseSemaphore
InterlockedPopEntrySList
QueryDepthSList
UnregisterWaitEx
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
RegisterWaitForSingleObject
GetUserDefaultLCID
GetTempFileNameA
SearchPathA
GetProfileIntA
GetTickCount
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
FindResourceExW
lstrcpyA
GetACP
GetCPInfo
GetOEMCP
VirtualProtect
GetUserDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryA
GlobalFindAtomA
lstrcmpW
GetSystemDirectoryW
EncodePointer
GlobalDeleteAtom
GetVersionExA
GetCurrentThread
ResumeThread
SetThreadPriority
GetCurrentThreadId
GlobalFlags
GlobalAddAtomA
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
SystemTimeToFileTime
GlobalGetAtomNameA
lstrcmpA
GetCurrentProcessId
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
CompareStringA
GetVolumeInformationA
lstrcmpiA
GetCurrentProcess
DuplicateHandle
UnlockFile
WaitForSingleObject
SetEndOfFile
LockFile
GetFullPathNameA
FlushFileBuffers
FindFirstFileA
FindClose
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
LocalAlloc
LoadLibraryW
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
OutputDebugStringA
SetLastError
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
GetVersionExW
SetFilePointer
ReadFile
GetFileSize
CreateFileW
SetFileTime
SetFileAttributesW
CreateDirectoryW
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
HeapFree
CreateEventA
SetEvent
GetProcAddress
GetWindowsDirectoryA
GetNativeSystemInfo
LoadLibraryA
CloseHandle
WriteFile
CreateFileA
CopyFileA
FreeResource
FindResourceA
GetModuleHandleA
CreateDirectoryA
DeleteFileA
FormatMessageA
GetLastError
CreateThread
GetModuleFileNameA
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
MultiByteToWideChar
Sleep
WritePrivateProfileStringA
CreateProcessA
GetConsoleCP
user32
IsRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
GetMenuDefaultItem
CreatePopupMenu
LoadImageW
TrackMouseEvent
MapDialogRect
GetAsyncKeyState
OffsetRect
SetRectEmpty
GetMenuItemInfoA
DestroyMenu
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
InvalidateRect
DeleteMenu
SetCursor
ShowOwnedPopups
SystemParametersInfoA
CopyImage
IntersectRect
InflateRect
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
GetTopWindow
GetClassLongA
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetClientRect
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
RedrawWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
EndDeferWindowPos
KillTimer
SetTimer
MessageBoxA
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
LoadImageA
DrawIconEx
GetIconInfo
MessageBeep
EnableScrollBar
HideCaret
InvertRect
LoadCursorW
NotifyWinEvent
MapVirtualKeyA
GetKeyNameTextA
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongA
GetMenuStringA
GetGUIThreadInfo
SetWindowRgn
GetCaretPos
SetCaretPos
ShowCaret
GetCaretBlinkTime
CreateCaret
CharPrevA
wvsprintfA
RegisterClassExA
CharNextA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
GetDesktopWindow
CharUpperA
GetSystemMetrics
UnhookWindowsHookEx
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
LoadCursorA
SendMessageA
EnableWindow
IsWindowEnabled
GetWindowLongA
GetParent
GetWindowThreadProcessId
GetLastActivePopup
GetWindowTextA
GetWindowTextLengthA
DestroyIcon
GetDlgCtrlID
GetFocus
SetWindowTextA
GetWindowRect
ClientToScreen
PtInRect
GetClassNameA
GetWindow
RealChildWindowFromPoint
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
SetFocus
SetScrollPos
GetScrollPos
IsWindow
ShowWindow
MoveWindow
SetWindowPos
GetDlgItem
CheckDlgButton
SendDlgItemMessageA
SetWindowLongA
IsDialogMessageA
FrameRect
DrawIcon
UnionRect
UpdateLayeredWindow
MonitorFromPoint
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
PostThreadMessageA
WaitMessage
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
SetRect
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
RegisterClipboardFormatA
CharUpperBuffA
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
SetParent
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateA
DrawEdge
DrawFrameControl
IsZoomed
LoadMenuW
GetSystemMenu
BringWindowToTop
SetCursorPos
InvalidateRgn
CopyIcon
CreateMenu
DrawTextA
DrawTextExA
GrayStringA
TabbedTextOutA
GetWindowDC
BeginPaint
EndPaint
ScreenToClient
FillRect
PostMessageA
PostQuitMessage
IsIconic
SetForegroundWindow
CheckMenuItem
DestroyCursor
GetWindowRgn
gdi32
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextColor
SetTextAlign
GetObjectA
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateFontIndirectA
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
GetTextExtentPoint32A
GetTextMetricsA
GetPixel
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
GetViewportExtEx
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceA
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
GetWindowExtEx
RealizePalette
GetStockObject
GdiFlush
GetCharABCWidthsA
CreatePenIndirect
CreateCompatibleDC
CreateBitmap
CopyMetaFileA
CreateDCA
GetDeviceCaps
DeleteObject
EnumFontFamiliesExA
OffsetWindowOrgEx
BitBlt
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegSetValueExA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
CreateServiceA
CloseServiceHandle
OpenSCManagerA
StartServiceA
OpenServiceA
shell32
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
SHGetDesktopFolder
DragQueryFileA
DragFinish
SHAppBarMessage
SHGetMalloc
ShellExecuteA
ole32
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CLSIDFromString
CoDisconnectObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoCreateInstance
CoInitialize
CLSIDFromProgID
oleaut32
SysAllocString
VariantInit
VarBstrFromDate
VariantChangeType
VariantCopy
VariantClear
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
LoadTypeLi
SysAllocStringByteLen
SysFreeString
SysAllocStringLen
shlwapi
PathFileExistsA
PathAddBackslashA
PathStripPathA
PathAddBackslashW
PathFileExistsW
UrlUnescapeA
PathIsUNCA
PathStripToRootA
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
StrFormatKBSizeA
msimg32
TransparentBlt
AlphaBlend
uxtheme
GetThemePartSize
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeParentBackground
DrawThemeText
wininet
HttpAddRequestHeadersA
HttpOpenRequestA
InternetSetStatusCallback
InternetGetLastResponseInfoA
InternetWriteFile
InternetSetFilePointer
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetQueryDataAvailable
HttpQueryInfoA
HttpSendRequestA
InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle
InternetConnectA
ws2_32
htons
inet_addr
connect
select
closesocket
WSAStartup
ioctlsocket
socket
send
recv
gdiplus
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipImageGetFrameDimensionsList
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipImageSelectActiveFrame
GdipImageGetFrameDimensionsCount
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipCreateBitmapFromStream
GdipDrawString
GdipGetFamily
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDeleteFontFamily
GdipDrawImage
GdipGraphicsClear
GdipSetTextRenderingHint
GdipSetPixelOffsetMode
GdipSetSmoothingMode
GdipSetCompositingQuality
GdipCreateLineBrushI
GdipDeleteBrush
GdipCloneBrush
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipImageGetFrameCount
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmSetCompositionFontA
ImmSetCompositionWindow
ImmGetContext
winmm
PlaySoundA
comctl32
ord17
_TrackMouseEvent
Sections
.text Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 396KB - Virtual size: 395KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 30KB - Virtual size: 58KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024KB - Virtual size: 41.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 159KB - Virtual size: 158KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ