973248e5df5c28ceb488330f3808bab6f58323246e6242bc73894876f28a8269

Sharing

Copy URL Twitter E-mail

General

Target

973248e5df5c28ceb488330f3808bab6f58323246e6242bc73894876f28a8269
Size

1.2MB
MD5

e96593ac0b9f231630670992ca00d14b
SHA1

d7d17aac9a2aab2e3709223a3dbc8895bf7e44b9
SHA256

973248e5df5c28ceb488330f3808bab6f58323246e6242bc73894876f28a8269
SHA512

5749173540c8d500d722810cd7c549f80c75428af0f3899801dc9a5e7dff64427c81962bb78c760f0fb512c5ec834a8128737587625cd800704f223e881796c5
SSDEEP

24576:nG35J/mCpjwRgkoKZWF+ux1WIRZgQsXj88rA/:SxvOZWF+ux1WIRZdAzA/

Score

1^/10

Malware Config

Signatures

Files

973248e5df5c28ceb488330f3808bab6f58323246e6242bc73894876f28a8269
.exe windows x86

e2ffa83a8e8f6d78dc981506b6e0320f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmDisableIME

comctl32

_TrackMouseEvent
ord17

gdiplus

GdipAlloc
GdiplusStartup
GdipDeleteBrush
GdipCreateSolidFill
GdipFree
GdiplusShutdown
GdipCreateFromHDC
GdipDrawImageRectI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipCloneImage
GdipLoadImageFromStream
GdipFillRectangle
GdipDrawRectangle
GdipDrawLinesI
GdipSetPenDashStyle
GdipDeletePen
GdipCreatePen1
GdipFillPieI
GdipSetSmoothingMode
GdipDeleteGraphics

msimg32

AlphaBlend
GradientFill

kkviewerbase

?GetWidth@CxImage@@QBEIXZ
?GetHeight@CxImage@@QBEIXZ
?RotateLeft@CxImage@@QAE_NPAV1@@Z
?RotateRight@CxImage@@QAE_NPAV1@@Z
?GetTypeIdFromName@CxImage@@SAIPB_W@Z
?IsValid@CxImage@@QBE_NXZ
?Draw@CxImage@@QAEHPAUHDC__@@HHHHPAUtagRECT@@_N2@Z
??0CxImage@@QAE@PB_WI@Z

kernel32

GetStartupInfoW
WriteConsoleW
HeapSize
GetConsoleCP
FlushFileBuffers
WaitForSingleObject
CloseHandle
FindFirstFileW
FindNextFileW
FindClose
ResumeThread
DeleteFileW
CreateFileW
SetFilePointer
ReadFile
lstrcmpA
lstrlenA
SystemTimeToFileTime
lstrcpyA
GetCurrentDirectoryW
lstrlenW
lstrcatW
lstrcpyW
MultiByteToWideChar
LocalFileTimeToFileTime
WideCharToMultiByte
WriteFile
FindResourceA
SizeofResource
LoadResource
FreeResource
lstrcmpiW
GetModuleHandleW
GetModuleFileNameW
GlobalAlloc
GlobalSize
GlobalLock
GlobalUnlock
GlobalFree
GetFileSize
OutputDebugStringW
LocalAlloc
LocalReAlloc
LocalLock
LocalUnlock
LocalSize
LocalFree
HeapAlloc
HeapReAlloc
HeapFree
SetStdHandle
Sleep
GetTickCount
CreateThread
SetEvent
ResetEvent
CreateEventW
SetProcessWorkingSetSize
GetCurrentProcess
GetTempPathW
GetTempFileNameW
GetStdHandle
GetLocalTime
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
LoadLibraryExW
FreeLibrary
RaiseException
RtlUnwind
GetProcessHeap
IsDebuggerPresent
InitializeSListHead
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
GetLocaleInfoW
LCMapStringW
GetProcAddress
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SwitchToThread
InitializeCriticalSectionAndSpinCount
SetLastError
DecodePointer
EncodePointer
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetStringTypeW
GetLastError
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
ExitProcess
GetACP
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetFileType
SetFilePointerEx
GetConsoleMode

user32

SendMessageW
GetSubMenu
DestroyMenu
GetMenuStringW
IsMenu
EnableWindow
GetFocus
RedrawWindow
PtInRect
GetSysColor
GetSystemMetrics
GetKeyState
CharLowerBuffW
CharUpperBuffW
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
SystemParametersInfoW
SetWindowRgn
IsZoomed
GetPropW
DrawTextW
EqualRect
IsRectEmpty
OffsetRect
LoadImageW
MapWindowPoints
ClientToScreen
GetActiveWindow
CopyRect
SetRectEmpty
GetClassNameW
GetParent
GetDesktopWindow
SetClassLongW
GetClassLongW
GetWindowLongW
DestroyCursor
GetIconInfo
SetFocus
SetCursor
LoadCursorW
BeginPaint
GetClientRect
FillRect
EndPaint
InvalidateRect
IntersectRect
ScreenToClient
SetCaretPos
ShowCaret
HideCaret
DestroyCaret
GetCaretBlinkTime
EndMenu
TrackPopupMenu
GetMenuItemCount
CreateCaret
GetCursorPos
RemovePropW
SetPropW
ReleaseDC
GetDC
KillTimer
SetTimer
ReleaseCapture
SetCapture
GetCapture
UpdateLayeredWindow
CallWindowProcW
GetWindowPlacement
UpdateWindow
GetWindowRect
wsprintfW
SetWindowLongW
DestroyWindow
SetWindowPos
IsWindow
DispatchMessageW
TranslateMessage
GetMessageW
SetRect
MoveWindow
ShowWindow
PostMessageW
CreateWindowExW
RegisterClassExW
LoadIconW
PostQuitMessage
DefWindowProcW
IsIconic

gdi32

CreateRectRgn
DeleteDC
SelectClipRgn
SelectObject
CreateDIBSection
GetObjectW
SetViewportOrgEx
EnumFontsW
GetClipBox
GetCurrentObject
GetStockObject
GetViewportOrgEx
SetBkColor
SetBkMode
CreateCompatibleDC
GetTextExtentPoint32W
CreateCompatibleBitmap
GetTextExtentPointW
GetTextMetricsW
TextOutW
CreateBitmap
CreatePatternBrush
PatBlt
CombineRgn
GetBkColor
GetBkMode
GetTextColor
SetRectRgn
CreateFontW
CreateRoundRectRgn
ExtCreateRegion
GetRegionData
BitBlt
DeleteObject
SetTextColor
CreateSolidBrush

comdlg32

GetOpenFileNameW

shell32

ShellExecuteW
CommandLineToArgvW

ole32

CoInitialize
CreateStreamOnHGlobal
CoCreateInstance
CLSIDFromProgID
StringFromGUID2

oleaut32

VariantChangeType
LoadTypeLi
SysFreeString
SysAllocString
DispGetIDsOfNames
VariantInit
GetErrorInfo
VariantClear

shlwapi

PathRemoveFileSpecW
StrStrIW
PathFileExistsW

Sections

.text
Size: 443KB - Virtual size: 443KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 597KB - Virtual size: 597KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2ffa83a8e8f6d78dc981506b6e0320f

Headers

DLL Characteristics

File Characteristics

Imports

imm32

comctl32

gdiplus

msimg32

kkviewerbase

kernel32

user32

gdi32

comdlg32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 443KB - Virtual size: 443KB

.rdata Size: 118KB - Virtual size: 118KB

.data Size: 18KB - Virtual size: 22KB

.rsrc Size: 597KB - Virtual size: 597KB

.reloc Size: 28KB - Virtual size: 28KB

.text
Size: 443KB - Virtual size: 443KB

.rdata
Size: 118KB - Virtual size: 118KB

.data
Size: 18KB - Virtual size: 22KB

.rsrc
Size: 597KB - Virtual size: 597KB

.reloc
Size: 28KB - Virtual size: 28KB