1130c38b05892129ef1a97693b0d3797a45ec69fe0d95bc28e4b09e3d4dd0e9c

Sharing

Copy URL

Twitter E-mail

General

Target

1130c38b05892129ef1a97693b0d3797a45ec69fe0d95bc28e4b09e3d4dd0e9c
Size

834KB
MD5

9655fcc96226cc1c9b6190f154a03066
SHA1

33e65f6a0a939efe5c899bcd025609fa8b43d0bc
SHA256

1130c38b05892129ef1a97693b0d3797a45ec69fe0d95bc28e4b09e3d4dd0e9c
SHA512

26ff6450786373fa654244900ce3147c171217d64dcc814a2df49616a227e94e53b91ad08e012cc952f03873959e6d482afdd5553e9a97422f6317be37719ab9
SSDEEP

6144:gl3CTX/u+bCyxEN5XCy8GEj9N2ldrNdeE0+qpOoaRy6UdMWf:ghCT/u+myxs8mDR0+CJ6NW

Score

N/A

Malware Config

Signatures

Files

1130c38b05892129ef1a97693b0d3797a45ec69fe0d95bc28e4b09e3d4dd0e9c
.dll windows x86

5a830dc23dc9eec9b4a819148e8f82a2

Code Sign

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
VirtualAlloc
VirtualProtect
GetProcAddress
lstrcmpA
GetCurrentThread
GetACP
GetCurrentThreadId
GetVersion
GetLastError
GetCurrentProcess
lstrlenA
GetProcessId
SetLastError
lstrcatA
GetTickCount
GetConsoleCP
RemoveLocalAlternateComputerNameA
FindFirstFileExW
LocalFree
WaitForDebugEvent
SetConsoleTextAttribute
SetProcessShutdownParameters
CreateHardLinkW
FatalAppExitA
GetAtomNameA
GetWindowsDirectoryA
GetLogicalProcessorInformation
lstrcmpW

msimg32

TransparentBlt
vSetDdrawflag
DllInitialize
AlphaBlend

imagehlp

SymGetLineFromAddr64
SymEnumerateSymbols
SymGetLinePrev64
SymMatchFileName
FindExecutableImage
SymGetModuleInfoW64
GetImageUnusedHeaderBytes
SymRegisterCallback
UpdateDebugInfoFile
SymGetSymPrev
SymUnloadModule64
CheckSumMappedFile
ReBaseImage64
SymSetSearchPath
MakeSureDirectoryPathExists
SymGetModuleInfoW

user32

CreateMDIWindowA
PostThreadMessageW
PaintMenuBar
CharLowerA
IsCharUpperW
GetClipboardFormatNameW
CreateDialogParamW
CharPrevExA

winspool.drv

EnumPrintProcessorDatatypesA
GetPrinterDriverW
AbortPrinter
StartDocPrinterW
DeviceCapabilitiesA
ConvertAnsiDevModeToUnicodeDevmode
ResetPrinterW
ConfigurePortA
DocumentEvent
SetPrinterDataA
CreatePrinterIC
DeletePrintProvidorW
DevQueryPrintEx
AddMonitorA
GetSpoolFileHandle
QueryRemoteFonts
SetDefaultPrinterW
ADVANCEDSETUPDIALOG
PrinterMessageBoxA
EnumPrinterDriversA

oledlg

OleUIAddVerbMenuW
OleUIObjectPropertiesW
OleUIPasteSpecialA
OleUIChangeIconW
OleUIPasteSpecialW
OleUIConvertW
OleUIPromptUserW
OleUICanConvertOrActivateAs
OleUIConvertA
OleUIObjectPropertiesA
OleUIBusyW
OleUIEditLinksA
OleUIBusyA
OleUIInsertObjectW
OleUIChangeIconA

comdlg32

PrintDlgA
ChooseFontW
GetFileTitleW
PageSetupDlgW
ReplaceTextA
dwOKSubclass
GetSaveFileNameW

ole32

ReadClassStg
HENHMETAFILE_UserUnmarshal
IsEqualGUID
OleDraw
CoWaitForMultipleHandles
HMENU_UserSize
CoGetContextToken
CLIPFORMAT_UserFree
CoMarshalHresult
GetClassFile

advapi32

GetTrusteeTypeW
GetNamedSecurityInfoExA
GetSidLengthRequired
LsaAddPrivilegesToAccount
OpenEncryptedFileRawA
LsaCreateSecret
SystemFunction012
OpenSCManagerW
CryptGetProvParam
DestroyPrivateObjectSecurity
RegisterTraceGuidsW
FlushTraceA
CryptDuplicateHash
WmiQueryGuidInformation

Sections

.text
Size: 302KB - Virtual size: 301KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fcgq
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sjhp
Size: 512KB - Virtual size: 512KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5a830dc23dc9eec9b4a819148e8f82a2

Code Sign

Headers

File Characteristics

Imports

kernel32

msimg32

imagehlp

user32

winspool.drv

oledlg

comdlg32

ole32

advapi32

Sections

.text Size: 302KB - Virtual size: 301KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 11KB - Virtual size: 29KB

.fcgq Size: 4KB - Virtual size: 9KB

.sjhp Size: 512KB - Virtual size: 512KB

.text
Size: 302KB - Virtual size: 301KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 11KB - Virtual size: 29KB

.fcgq
Size: 4KB - Virtual size: 9KB

.sjhp
Size: 512KB - Virtual size: 512KB