13e42492c32c32c50147588b79383a536f5ed99926b29cefd576bf4a714617ca

Sharing

Copy URL Twitter E-mail

General

Target

13e42492c32c32c50147588b79383a536f5ed99926b29cefd576bf4a714617ca
Size

1.6MB
MD5

781fc6aea6d5f09a5b1ca73f363d406b
SHA1

064a6ea013d1e9c36373b61bfb1ca61660f9995c
SHA256

13e42492c32c32c50147588b79383a536f5ed99926b29cefd576bf4a714617ca
SHA512

e3dfaba2c81e7ea47a6ab94f6e8bef16ad7e4ddd939fa4d16b27b29419b6870ebbc0b747d9cf892dbbf17c5f79f0412415b8d15f9514a95c39c25cc3e77f2665
SSDEEP

24576:bFzMbhZm/yMc+3D3NFkwjvP3bSz4AWUJfKNLibhn+34tbqi4RUwKuxHY:+bhk/yMc+3LPN7Sz4jdIV+cm6ux4

Score

1^/10

Malware Config

Signatures

Files

13e42492c32c32c50147588b79383a536f5ed99926b29cefd576bf4a714617ca
.exe windows x86

1b376f54899f3d8cea8bca73adb90799

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipAddPathArcI
GdipAddPathEllipseI
GdipAddPathRectangleI
GdipAddPathCurveI
GdipAddPathBezierI
GdipAddPathLine2I
GdipAddPathLineI
GdipClosePathFigure
GdipStartPathFigure
GdipGetPathFillMode
GdipSetPathFillMode
GdipResetPath
GdipClonePath
GdipCreatePath
GdipCreateTexture
GdipGetPathWorldBoundsI
GdipIsVisiblePathPointI
GdipIsOutlineVisiblePathPointI
GdipTransformPath
GdipAddPathPieI
GdipFillRectangle
GdipDrawLineI
GdipDrawBezierI
GdipDrawRectangleI
GdiplusStartup
GdipDrawPath
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipCloneStringFormat
GdipCreateBitmapFromHBITMAP
GdipCreateSolidFill
GdipGetPenDashStyle
GdipDeleteStringFormat
GdipSetStringFormatTrimming
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipDrawString
GdipDeletePath
GdipAddPathPolygonI
GdipDrawEllipseI
GdipFillEllipseI
GdipFillPath
GdipSetPenDashStyle
GdipGetPenLineJoin
GdipSetPenLineJoin
GdipGetPenDashCap197819
GdipGetPenEndCap
GdipGetPenStartCap
GdipSetPenDashCap197819
GdipSetPenEndCap
GdipSetPenStartCap
GdipSetPenColor
GdipGetPenWidth
GdipSetPenWidth
GdipClonePen
GdipLoadImageFromFile
GdipMeasureString
GdipImageRotateFlip
GdipDrawImageRect
GdipSetWorldTransform
GdipRotateMatrix
GdipTranslateMatrix
GdipCreatePen2
GdipSetLineBlend
GdipCloneBrush
GdipDeleteBrush
GdipCreateLineBrushFromRect
GdipDrawArc
GdipDeletePen
GdipCreatePen1
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipStringFormatGetGenericTypographic
GdipScaleMatrix
GdipCreateBitmapFromFile
GdipDeleteMatrix
GdipCreateMatrix
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCreateHBITMAPFromBitmap
GdipImageSelectActiveFrame
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipCreateBitmapFromStream
GdipDisposeImage
GdipCloneImage
GdipAlloc
GdipFree
GdiplusShutdown

shlwapi

PathAppendW
PathFileExistsW
PathIsRelativeW

winmm

timeKillEvent
timeSetEvent
timeGetTime

comctl32

ord17
_TrackMouseEvent

imm32

ImmGetContext
ImmReleaseContext
ImmSetCompositionWindow

msimg32

AlphaBlend

kernel32

CreateThread
LoadLibraryExW
SetLastError
RtlUnwind
InitializeSListHead
GetStartupInfoW
ExitThread
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
IsDebuggerPresent
GetCPInfo
GetStringTypeW
EncodePointer
FreeLibraryAndExitThread
GetStdHandle
GetFileType
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
SetEndOfFile
WriteConsoleW
VirtualQuery
IsProcessorFeaturePresent
Process32NextW
SizeofResource
HeapFree
EnterCriticalSection
WriteFile
LeaveCriticalSection
InitializeCriticalSectionEx
CreateFileW
FreeResource
HeapSize
MultiByteToWideChar
GetLastError
OutputDebugStringW
LockResource
HeapReAlloc
CloseHandle
RaiseException
LoadResource
FindResourceW
HeapAlloc
GetLocalTime
DecodePointer
DeleteCriticalSection
ExitProcess
GetProcessHeap
GetModuleHandleW
WideCharToMultiByte
SetThreadPriority
WaitForSingleObject
GetCurrentThreadId
Sleep
TerminateThread
TlsSetValue
TlsAlloc
TlsGetValue
TlsFree
CreateEventW
SetEvent
ResetEvent
InitializeCriticalSectionAndSpinCount
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
LocalFileTimeToFileTime
QueryPerformanceFrequency
SystemTimeToFileTime
GetSystemTimeAsFileTime
QueryPerformanceCounter
VerifyVersionInfoW
VerSetConditionMask
GetTickCount
GlobalFree
GetCurrentDirectoryW
GlobalAlloc
GlobalLock
GlobalUnlock
GetProcAddress
GetModuleHandleA
GetCurrentProcessId
MulDiv
GlobalSize
GetFileAttributesW
LoadLibraryW
SetFilePointer
ReadFile
CreateDirectoryW
GetFileSize
GetEnvironmentVariableW
FindClose
FindFirstFileW
FindNextFileW
GetDriveTypeW
GetCurrentProcess
TerminateProcess
GetModuleFileNameW
GetModuleHandleExW
LocalFree
CreateToolhelp32Snapshot
Process32FirstW
FreeLibrary

user32

CreateWindowExW
DestroyWindow
PostMessageW
DefWindowProcW
ReleaseDC
LoadCursorW
RegisterClassW
GetClassInfoExW
SetWindowLongW
IsWindow
GetWindowLongW
GetWindow
EnableWindow
SetFocus
ShowWindow
GetWindowRect
GetMonitorInfoW
MonitorFromWindow
IsIconic
SetWindowPos
GetSystemMetrics
SendMessageW
CallWindowProcW
SetPropW
GetPropW
GetDC
SetWindowTextW
InvalidateRect
ScreenToClient
GetKeyState
GetCursorPos
GetFocus
SetCapture
ReleaseCapture
BeginPaint
EndPaint
MoveWindow
GetUpdateRect
GetClientRect
WaitMessage
IntersectRect
UpdateLayeredWindow
PtInRect
IsZoomed
MonitorFromPoint
OffsetRect
SetWindowRgn
IsWindowVisible
SetForegroundWindow
UnionRect
SetCursor
CharNextW
ClientToScreen
GetSysColor
GetAsyncKeyState
OpenClipboard
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
EmptyClipboard
SetClipboardData
FindWindowW
GetDesktopWindow
MapWindowPoints
GetParent
UnregisterClassW
RegisterClassExW
MessageBoxW
PostQuitMessage
KillTimer
TranslateMessage
GetQueueStatus
CallMsgFilterW
MsgWaitForMultipleObjectsEx
PeekMessageW
DispatchMessageW
SetTimer
IsRectEmpty

gdi32

SetWindowOrgEx
SetStretchBltMode
GetObjectA
CreateRectRgnIndirect
ExtSelectClipRgn
StretchBlt
GetWindowOrgEx
GetDeviceCaps
CreateRoundRectRgn
BitBlt
SelectObject
DeleteObject
CreateCompatibleDC
CreateFontIndirectW
CreateDIBSection
SaveDC
GetStockObject
GetObjectW
RestoreDC
DeleteDC

advapi32

RegSetValueExW
RegCreateKeyExW
RegCloseKey

shell32

SHGetSpecialFolderPathW
ShellExecuteW

ole32

CoCreateInstance
CreateStreamOnHGlobal

oleaut32

VariantClear

Sections

.text
Size: 440KB - Virtual size: 439KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024KB - Virtual size: 47.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

rimwq
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1b376f54899f3d8cea8bca73adb90799

Headers

DLL Characteristics

File Characteristics

Imports

gdiplus

shlwapi

winmm

comctl32

imm32

msimg32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 440KB - Virtual size: 439KB

.rdata Size: 107KB - Virtual size: 106KB

.data Size: 13KB - Virtual size: 17KB

.rsrc Size: 1024KB - Virtual size: 47.8MB

.reloc Size: 25KB - Virtual size: 24KB

rimwq Size: 4KB - Virtual size: 4KB

.text
Size: 440KB - Virtual size: 439KB

.rdata
Size: 107KB - Virtual size: 106KB

.data
Size: 13KB - Virtual size: 17KB

.rsrc
Size: 1024KB - Virtual size: 47.8MB

.reloc
Size: 25KB - Virtual size: 24KB

rimwq
Size: 4KB - Virtual size: 4KB