Behavioral task
behavioral1
Sample
2024-04-15_47084f6ce67b7dbcaea4a56e92204960_magniber.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-15_47084f6ce67b7dbcaea4a56e92204960_magniber.exe
Resource
win10v2004-20240412-en
General
Target: 2024-04-15_47084f6ce67b7dbcaea4a56e92204960_magniber
Size: 31.4MB
MD5: 47084f6ce67b7dbcaea4a56e92204960
SHA1: 86888af29f1ad49a4ca9aabad70a81b2419c1715
SHA256: 1284c739d8e4e4abba493681a16e533187bef5e35d4c3698a37ee6b4f7753c8c
SHA512: bc8579da90e8b8ec0e76d451f3bdf2149409e807b82774598d4217871fe2fb656eae2d1b56c32788c824a3f614f5e8c3f075eef6b7a7152f275e58d0fd212412
SSDEEP: 196608:T3ddjGFBlPjZQzaOKDwu9wEMeINNq906rlFW7HjNbfvQuQ30u5CMY+CSoR:hdyFBVZQz/Mn9way7j1vpI0OCd+CSoR
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-04-15_47084f6ce67b7dbcaea4a56e92204960_magniber
Files
-
2024-04-15_47084f6ce67b7dbcaea4a56e92204960_magniber.exe windows:5 windows x86 arch:x86
f0b34c62317d215e2154e761fc68faf5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
timeSetEvent
PlaySoundW
timeGetTime
quartz
AMGetErrorTextW
wmvcore
WMCreateIndexer
WMIsContentProtected
gdiplus
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipAlloc
GdipFree
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipCreatePen1
GdipDeletePen
GdipCreateFromHDC
GdipDeleteGraphics
GdipDrawLine
GdipFillEllipse
GdiplusStartup
GdiplusShutdown
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromScan0
GdipCreateHBITMAPFromBitmap
GdipFillRectangleI
GdipDrawImageRectRectI
GdipTranslateWorldTransform
GdipRotateWorldTransform
GdipDrawImage
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipCreateFromHWND
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipCreateFromHWNDICM
GdipDrawImageRectI
GdipCreateBitmapFromResource
GdipFillRectangle
GdipCreateFontFromDC
GdipCreateFontFromLogfontW
GdipDeleteFont
GdipDrawString
GdipMeasureString
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipDrawImageI
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateFontFamilyFromName
GdipCreateFont
GdipStringFormatGetGenericTypographic
GdipCloneStringFormat
GdipDeleteFontFamily
smm_resample
?RSProcess@@YAJPAX0K0@Z
?RSOutputBufferSize@@YAKPAXK@Z
?RSInitialize@@YAJPAXPAUtWAVEFORMATEX@@1@Z
?RSCreateInstance@@YAPAXXZ
?RSReleaseInstance@@YAXPAX@Z
winhttp
WinHttpQueryHeaders
WinHttpReceiveResponse
WinHttpCloseHandle
WinHttpOpen
WinHttpCrackUrl
WinHttpSendRequest
WinHttpReadData
WinHttpConnect
WinHttpQueryDataAvailable
WinHttpOpenRequest
kernel32
FindFirstFileW
FindNextFileW
QueryPerformanceCounter
QueryPerformanceFrequency
ReadFile
VirtualAlloc
VirtualFree
IsDBCSLeadByteEx
DebugBreak
DuplicateHandle
TerminateThread
lstrcatW
OutputDebugStringA
GetModuleHandleA
FlushFileBuffers
GlobalGetAtomNameW
EncodePointer
GetSystemDirectoryW
lstrcmpW
FileTimeToLocalFileTime
SystemTimeToTzSpecificLocalTime
SuspendThread
lstrcmpA
CompareStringA
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetFileAttributesW
ReplaceFileW
GetUserDefaultLCID
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
GetThreadLocale
GetProfileIntW
GlobalFlags
GetShortPathNameW
LockFile
SetEndOfFile
UnlockFile
GetCurrentProcess
lstrcmpiW
GetStringTypeExW
GetFileAttributesExW
GetFileSizeEx
LocalFileTimeToFileTime
SetFileAttributesW
GetAtomNameW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
SetErrorMode
GetWindowsDirectoryW
VerSetConditionMask
VerifyVersionInfoW
FindResourceExW
SearchPathW
LocalLock
LocalUnlock
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
LoadLibraryExA
VirtualQuery
VirtualProtect
GetSystemInfo
CreateSemaphoreW
WaitForMultipleObjects
GetThreadPriority
SetThreadPriority
GetCurrentThread
InterlockedExchange
GetSystemDefaultLCID
RaiseException
GetProcessHeap
GetDiskFreeSpaceExW
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
DecodePointer
GlobalMemoryStatus
CompareFileTime
GetEnvironmentVariableW
GetModuleHandleW
ExitThread
GetVersionExW
GlobalFindAtomW
GlobalAddAtomW
GetTickCount
MulDiv
GlobalDeleteAtom
SetLastError
GetVersion
GetProcAddress
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
OutputDebugStringW
CompareStringW
FormatMessageW
LocalFree
ResetEvent
ResumeThread
GlobalFree
FreeResource
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
SetThreadLocale
MoveFileW
DeleteFileW
CreateFileW
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetTempFileNameW
GetTempPathW
LoadLibraryExW
LoadLibraryW
CreateEventW
lstrcpynW
WriteFile
GetFileSize
Sleep
SetEvent
LeaveCriticalSection
EnterCriticalSection
GetLastError
ExitProcess
GetCurrentProcessId
GlobalSize
FreeLibrary
InterlockedDecrement
InterlockedIncrement
GetVolumeInformationW
CopyFileW
GetFullPathNameW
CreateProcessW
OpenMutexW
CreateMutexW
CloseHandle
WaitForSingleObject
CreateThread
GetExitCodeProcess
DeleteCriticalSection
InitializeCriticalSection
GlobalUnlock
GlobalLock
GlobalAlloc
WideCharToMultiByte
GetModuleFileNameW
FileTimeToSystemTime
SystemTimeToFileTime
GetLocalTime
GetSystemTimeAsFileTime
GetSystemTime
lstrlenW
lstrcpyW
MultiByteToWideChar
FindResourceW
SizeofResource
LoadResource
LockResource
GetDiskFreeSpaceW
SetFileTime
GetFileTime
FindClose
HeapSize
SetFilePointer
LCMapStringW
GetStringTypeW
GetCPInfo
GetACP
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
GetCommandLineA
GetCommandLineW
GetDriveTypeW
GetFileType
PeekNamedPipe
FreeLibraryAndExitThread
GetModuleHandleExW
GetFullPathNameA
HeapQueryInformation
SetStdHandle
GetStdHandle
GetModuleFileNameA
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
IsValidLocale
EnumSystemLocalesW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
ReadConsoleW
FindFirstFileExA
FindFirstFileExW
FindNextFileA
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetConsoleCtrlHandler
WriteConsoleW
ReleaseSemaphore
LoadLibraryA
GetCurrentProcess
FreeLibrary
TerminateProcess
GetSystemInfo
CreateToolhelp32Snapshot
Thread32First
GetCurrentThreadId
OpenThread
Thread32Next
CloseHandle
SuspendThread
ResumeThread
WriteProcessMemory
VirtualAlloc
VirtualProtect
VirtualFree
GetProcessAffinityMask
SetProcessAffinityMask
GetCurrentThread
SetThreadAffinityMask
Sleep
GetTickCount
GetLocalTime
GlobalFree
GetProcAddress
LocalAlloc
LoadLibraryA
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleW
LoadResource
MultiByteToWideChar
FindResourceExW
FindResourceExA
WideCharToMultiByte
GetThreadLocale
GetUserDefaultLCID
GetSystemDefaultLCID
EnumResourceNamesA
EnumResourceNamesW
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceTypesA
EnumResourceTypesW
CreateFileW
LoadLibraryW
FlushFileBuffers
GetCurrentProcessId
GetLastError
GetModuleFileNameW
CreateEventA
GetModuleHandleA
GetSystemTimeAsFileTime
VirtualQuery
LocalFree
CreateFileA
ReadFile
GetCommandLineA
RaiseException
RtlUnwind
HeapFree
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
HeapReAlloc
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
WriteFile
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LocalAlloc
GetCurrentProcess
GetCurrentThread
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
GetLastError
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress
user32
SubtractRect
SendNotifyMessageW
MonitorFromRect
InSendMessage
GetWindowRgn
GetTabbedTextExtentW
TranslateMessage
GetMessageW
IsDialogMessageW
SetWindowTextW
ScrollWindowEx
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
GetMonitorInfoW
MonitorFromWindow
SetScrollInfo
GetTopWindow
GetClassLongW
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
TrackPopupMenuEx
TrackPopupMenu
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
CreateWindowExW
GetClassInfoExW
RegisterClassW
GetMessageTime
GetMenuCheckMarkDimensions
SendDlgItemMessageA
EndPaint
BeginPaint
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
WinHelpW
GetLastActivePopup
GetWindowThreadProcessId
InsertMenuItemW
GetDlgCtrlID
BringWindowToTop
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
GetMenuStringW
CharLowerBuffW
GetQueueStatus
PostThreadMessageW
UnregisterClassW
EnumDisplayDevicesW
CreateMenu
CharLowerW
UnregisterHotKey
RegisterHotKey
ShowScrollBar
FindWindowW
GetForegroundWindow
LoadStringW
IsIconic
AdjustWindowRect
GetScrollInfo
SetParent
UnionRect
FrameRect
GetClipboardData
WindowFromPoint
GetDCEx
GetIconInfo
DestroyIcon
GetClassNameW
RemovePropW
GetPropW
SetPropW
GetWindowDC
WindowFromDC
DrawStateW
GetMenuItemRect
GetMenuDefaultItem
SetMenuInfo
GetMenuInfo
DeleteMenu
AppendMenuW
CreatePopupMenu
DrawMenuBar
SetMenu
GetMessagePos
EnumChildWindows
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetMenu
IsMenu
GetClassInfoW
DefWindowProcW
IntersectRect
GetSysColor
GetUpdateRect
SetMenuItemInfoW
GetMenuItemInfoW
TranslateAcceleratorW
LoadAcceleratorsW
CallWindowProcW
DestroyCursor
CreateCursor
GetDesktopWindow
OffsetRect
SetRectEmpty
SetRect
InflateRect
CopyRect
LoadImageW
TrackMouseEvent
UpdateLayeredWindow
IsRectEmpty
LoadIconW
LoadCursorW
LoadBitmapW
GetWindow
GetParent
SetWindowLongW
GetWindowLongW
PtInRect
EqualRect
FillRect
ScreenToClient
SetCursor
LockWindowUpdate
RedrawWindow
InvalidateRect
SetWindowRgn
ReleaseDC
GetDC
SetActiveWindow
UpdateWindow
SetMenuItemBitmaps
RemoveMenu
ModifyMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
EnableMenuItem
CheckMenuItem
GetMenuState
LoadMenuW
GetSystemMetrics
IsWindowEnabled
SetTimer
MsgWaitForMultipleObjects
GetCapture
GetKeyState
SetFocus
CharUpperW
RegisterClipboardFormatW
IsZoomed
GetWindowPlacement
SetWindowPos
MoveWindow
SetLayeredWindowAttributes
ShowWindow
IsWindow
PeekMessageW
DispatchMessageW
wsprintfW
EnumWindows
SetForegroundWindow
PostMessageW
SystemParametersInfoW
ClientToScreen
GetCursorPos
CharUpperBuffW
GetDoubleClickTime
SetMenuDefaultItem
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
WaitMessage
GetComboBoxInfo
MonitorFromPoint
CopyIcon
SetCursorPos
DrawFrameControl
SetClassLongW
EnumDisplayMonitors
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
DrawIconEx
GetWindowRect
GetClientRect
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
MenuItemFromPoint
DestroyMenu
GetSystemMenu
EnableWindow
KillTimer
GetAsyncKeyState
CopyImage
GetDialogBaseUnits
GetSysColorBrush
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
RealChildWindowFromPoint
IsClipboardFormatAvailable
MapVirtualKeyW
GetKeyNameTextW
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
ReleaseCapture
SetCapture
GetFocus
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
IsWindowVisible
IsChild
SendMessageW
RegisterWindowMessageW
MessageBoxW
CopyAcceleratorTableW
DrawIcon
CharNextW
MapDialogRect
ShowOwnedPopups
SetWindowContextHelpId
UnregisterClassA
DrawEdge
PostQuitMessage
DrawFocusRect
CharUpperBuffW
MessageBoxW
gdi32
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
StartDocW
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
GetBkColor
GetMapMode
GetViewportExtEx
GetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
PtVisible
RectVisible
TextOutW
ExtTextOutW
DPtoLP
LPtoDP
CreateBitmap
CreateRectRgn
DeleteObject
FillRgn
GetBitmapBits
GetDeviceCaps
GetPixel
SelectObject
StretchBlt
GetTextMetricsW
GetObjectW
Rectangle
DeleteDC
CreateDIBSection
CreatePen
CreateBitmapIndirect
SetBitmapBits
RoundRect
SetPixel
CombineRgn
CreateHatchBrush
SetTextCharacterExtra
OffsetWindowOrgEx
ScaleViewportExtEx
SetStretchBltMode
PatBlt
SetRectRgn
GetTextColor
CreateEllipticRgn
Ellipse
GetCharWidthW
StretchDIBits
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetDIBits
SetDIBColorTable
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
EnumFontFamiliesExW
OffsetRgn
GetCurrentObject
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
CloseMetaFile
CreateMetaFileW
DeleteMetaFile
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetROP2
GetBkMode
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextFaceW
EndPath
CloseFigure
BeginPath
CreatePatternBrush
GetPath
SetMapMode
SetBkMode
AddFontResourceW
TranslateCharsetInfo
CreateFontW
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetGraphicsMode
SetMapperFlags
SelectPalette
ExtSelectClipRgn
SaveDC
RestoreDC
PlayMetaFile
OffsetClipRgn
LineTo
IntersectClipRect
GetObjectType
GetCurrentPositionEx
GetClipRgn
GetClipBox
ExcludeClipRect
CreateDIBPatternBrushPt
CopyMetaFileW
CreateDCW
Escape
CreateSolidBrush
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
ScaleWindowExtEx
BitBlt
CombineTransform
GetCharacterPlacementW
SetTextColor
SetBkColor
GetStockObject
GetRgnBox
UnrealizeObject
SetBrushOrgEx
SelectClipRgn
GetTextExtentPoint32W
GetNearestColor
CreateRectRgnIndirect
AbortPath
msimg32
AlphaBlend
TransparentBlt
comdlg32
CommDlgExtendedError
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
GetJobW
advapi32
RegQueryValueW
RegOpenKeyW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegConnectRegistryW
RegEnumValueW
SetFileSecurityW
GetFileSecurityW
RegCloseKey
RegEnumKeyW
RegSetValueW
RegDeleteValueW
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
CloseServiceHandle
QueryServiceConfigW
OpenServiceW
EnumServicesStatusExW
OpenSCManagerW
OpenSCManagerW
EnumServicesStatusExW
OpenServiceW
QueryServiceConfigW
CloseServiceHandle
shell32
SHAppBarMessage
ShellExecuteW
SHGetFolderPathW
Shell_NotifyIconW
ord155
ord190
SHOpenFolderAndSelectItems
SHGetSpecialFolderPathW
SHBindToParent
SHParseDisplayName
DragQueryFileW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetMalloc
DragFinish
SHAddToRecentDocs
SHGetFileInfoW
ExtractIconW
SHGetSpecialFolderLocation
ShellExecuteExW
DragAcceptFiles
SHGetDesktopFolder
comctl32
ImageList_AddMasked
_TrackMouseEvent
ImageList_GetImageCount
ImageList_Add
ImageList_ReplaceIcon
ImageList_Draw
ImageList_Replace
ImageList_GetIcon
ImageList_GetIconSize
ImageList_SetBkColor
shlwapi
PathFindFileNameW
PathIsRelativeW
PathRemoveFileSpecW
StrCpyW
PathAppendW
PathFileExistsW
PathFindExtensionW
SHCreateStreamOnFileW
PathCombineW
PathRemoveExtensionW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
uxtheme
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
DrawThemeBackground
CloseThemeData
OpenThemeData
IsThemeBackgroundPartiallyTransparent
IsAppThemed
DrawThemeParentBackground
DrawThemeText
GetThemeColor
GetThemePartSize
ole32
CoRegisterClassObject
CoFreeUnusedLibraries
CoTreatAsClass
ReadClassStg
WriteClassStg
WriteFmtUserTypeStg
OleUninitialize
ReadFmtUserTypeStg
OleDuplicateData
OleRegGetUserType
SetConvertStg
CLSIDFromProgID
PropVariantCopy
StringFromCLSID
CLSIDFromString
CoDisconnectObject
CoInitializeEx
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CoLoadLibrary
CreateBindCtx
StringFromGUID2
GetRunningObjectTable
CreateItemMoniker
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
OleRun
OleInitialize
CoCreateInstance
CoInitialize
CoUninitialize
CoFreeUnusedLibrariesEx
CoCreateGuid
ReleaseStgMedium
CreateStreamOnHGlobal
CoTaskMemAlloc
CoTaskMemFree
OleQueryCreateFromData
OleQueryLinkFromData
CoGetMalloc
OleIsRunning
CreateOleAdviseHolder
CreateDataAdviseHolder
GetHGlobalFromILockBytes
OleGetIconOfClass
OleSetContainedObject
OleSaveToStream
OleSave
OleLoad
OleCreateFromFile
OleCreateLinkToFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleCreate
WriteClassStm
CreateGenericComposite
OleRegEnumVerbs
OleRegGetMiscStatus
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateFileMoniker
StgIsStorageFile
StgOpenStorage
StgCreateDocfile
OleLockRunning
OleSetMenuDescriptor
CoRegisterMessageFilter
CoRevokeClassObject
PropVariantClear
oleaut32
VarCmp
OleCreatePropertyFrame
VarBstrCmp
SafeArrayCreateVector
SafeArrayPutElement
SafeArrayUnaccessData
SafeArrayAccessData
VariantCopy
SysAllocStringByteLen
SysStringByteLen
VarBstrCat
VariantClear
VariantInit
SafeArrayGetVartype
VariantTimeToSystemTime
LoadTypeLi
LoadRegTypeLi
RegisterTypeLi
SysReAllocStringLen
VariantChangeType
SafeArrayAllocData
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayRedim
SafeArrayGetDim
SafeArrayUnlock
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayDestroy
SafeArrayCreate
SafeArrayGetElemsize
SafeArrayGetElement
SafeArrayCopy
SafeArrayPtrOfIndex
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarDecFromStr
OleCreateFontIndirect
SystemTimeToVariantTime
SafeArrayAllocDescriptor
SysAllocString
SysStringLen
SysFreeString
SysAllocStringLen
GetErrorInfo
SetErrorInfo
CreateErrorInfo
oledlg
OleUIBusyW
hhctrl.ocx
ord15
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmGetContext
ImmReleaseContext
ImmGetOpenStatus
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
wtsapi32
WTSSendMessageW
Exports
Sections
.text Size: 5.6MB - Virtual size: 5.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 75KB - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
MY_DATA5 Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 138KB - Virtual size: 137KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 28B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.UPX10 Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.UPX11 Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 394KB - Virtual size: 394KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 20.4MB - Virtual size: 20.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ