ef0e8df5c700e64d5d2e8dde4c9b5c117abfc919c676ff383019c585e8e367b0

Sharing

Copy URL

Twitter E-mail

General

Target

ef0e8df5c700e64d5d2e8dde4c9b5c117abfc919c676ff383019c585e8e367b0
Size

814KB
MD5

3e3563c9eb5692e5ef8957b5cccc6388
SHA1

741e0d1c224e813fbc77b379ae8cd75f99f05821
SHA256

ef0e8df5c700e64d5d2e8dde4c9b5c117abfc919c676ff383019c585e8e367b0
SHA512

4fef9a80fcec9464e3023664045a9f7592e2393026e1197545bb6f0a87c2837c7a1c0c2e56eae4b7258136901eb096660463aab7499460c9a1b91037fe273849
SSDEEP

12288:/GilCW+S1ahFGDjdr46SVI/2ioHBsofv7p6q+fEWmyCCjbTckCH00bI:/ULgr46SV82lfZGXgPb

Score

N/A

Malware Config

Signatures

Files

ef0e8df5c700e64d5d2e8dde4c9b5c117abfc919c676ff383019c585e8e367b0
.exe windows x86

f8df200343d212d0ee5e9e70c2879018

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleWindow
CreateFileW
SetEnvironmentVariableA
WriteConsoleW
GetStringTypeW
OutputDebugStringW
SetStdHandle
FlushFileBuffers
LCMapStringW
CompareStringW
SetFilePointerEx
ReadConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetModuleFileNameA
VirtualQuery
LoadLibraryExW
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EnumSystemLanguageGroupsA
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetConsoleMode
GetConsoleCP
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetModuleFileNameW
WideCharToMultiByte
GlobalAddAtomA
CreateProcessA
LoadLibraryA
FormatMessageA
WaitCommEvent
SetCommTimeouts
SetCommMask
ClearCommError
ReadFile
WriteFile
WaitForSingleObject
VirtualAlloc
GlobalAlloc
GetVersion
LockResource
QueryPerformanceFrequency
QueryPerformanceCounter
GetProcessHeap
GetCurrentThreadId
SetLastError
GetStartupInfoW
GetFileType
SetEndOfFile
GetStdHandle
CancelIo
DeleteFileA
CreateFileA
GetModuleHandleA
CreateEventA
CloseHandle
DeviceIoControl
Sleep
GetOverlappedResult
GetLastError
GetCurrentProcess
GetProcAddress
GetSystemInfo
IsDebuggerPresent
DeleteCriticalSection
HeapSize
IsProcessorFeaturePresent
HeapReAlloc
GetCommandLineA
MultiByteToWideChar
AreFileApisANSI
GetModuleHandleExW
ExitProcess
HeapAlloc
HeapFree
RtlUnwind
RaiseException
LeaveCriticalSection
SetCurrentDirectoryA
TerminateProcess
GetTempPathA
EncodePointer
DecodePointer
EnterCriticalSection

user32

wsprintfA
PostQuitMessage
WaitForInputIdle
CreateWindowExA
DestroyWindow
SetLayeredWindowAttributes
CallWindowProcA
SendMessageA
DefWindowProcA
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetDlgItem
IsDlgButtonChecked
GetClipboardData
TrackPopupMenu
DdeNameService
SystemParametersInfoA
WinHelpA
DefMDIChildProcA
GetIconInfo
GetWindow
GetDesktopWindow
SetWindowLongA
GetWindowLongA
PtInRect
OffsetRect
FillRect
GetSysColorBrush
GetSysColor
MapWindowPoints
GetCursorPos
MessageBoxA
GetWindowRect
GetClientRect
GetWindowTextA
SetWindowTextA
InvalidateRect
ReleaseDC
GetDC
GetForegroundWindow
SetActiveWindow
UpdateWindow
DrawTextA

gdi32

GetObjectA
CreateFontIndirectA
CreateDCA
EndDoc
StartDocA
GetTextMetricsA
SetTextAlign
SetTextColor
SelectClipRgn
GetDeviceCaps
Escape
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgnIndirect
CreatePen
CreateICA

winspool.drv

WritePrinter
StartPagePrinter
ClosePrinter
StartDocPrinterA
EndDocPrinter
EndPagePrinter
OpenPrinterA

advapi32

QueryServiceStatus
ControlService
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
StartServiceA
CloseServiceHandle
QueryServiceConfigA
OpenServiceA
OpenSCManagerA
DeleteService
CreateServiceA

shell32

ShellExecuteA

ole32

GetHGlobalFromStream
CoTaskMemFree
CoInitialize
StringFromCLSID

oleaut32

LoadTypeLi
OleSavePictureFile

wininet

InternetGetCookieA
InternetGetConnectedStateExW
InternetGetConnectedState

msimg32

TransparentBlt

imm32

ImmGetContext
ImmDisableTextFrameService

Sections

.text
Size: 457KB - Virtual size: 456KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 182KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f8df200343d212d0ee5e9e70c2879018

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

wininet

msimg32

imm32

Sections

.text Size: 457KB - Virtual size: 456KB

.rdata Size: 182KB - Virtual size: 182KB

.data Size: 15KB - Virtual size: 27KB

.rsrc Size: 145KB - Virtual size: 144KB

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 457KB - Virtual size: 456KB

.rdata
Size: 182KB - Virtual size: 182KB

.data
Size: 15KB - Virtual size: 27KB

.rsrc
Size: 145KB - Virtual size: 144KB

.reloc
Size: 14KB - Virtual size: 13KB