0ef8fb38811c876792a8cc7832def5e5905df0c253ecc47998c18bc8ffb280cc

Sharing

Copy URL

Twitter E-mail

General

Target

0ef8fb38811c876792a8cc7832def5e5905df0c253ecc47998c18bc8ffb280cc
Size

728KB
MD5

dd2bca6daf4308b18afd9055b0584789
SHA1

67b997184106a4e238663d9ab7b2d1869b3869e4
SHA256

0ef8fb38811c876792a8cc7832def5e5905df0c253ecc47998c18bc8ffb280cc
SHA512

44f8653930f54b8dbfce192569f2e83e08f513945eb0be564458e256228484e607188979ad093c590d0ebf9e917c158d124ae319e9fc01f4233a0378710def14

Score

N/A

Malware Config

Signatures

Files

0ef8fb38811c876792a8cc7832def5e5905df0c253ecc47998c18bc8ffb280cc
.exe windows x86

b55667164076122e8c2d7538b2b13773

Code Sign

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
HeapFree
TerminateProcess
SetStdHandle
GetFileType
HeapReAlloc
HeapSize
GetACP
GetTimeZoneInformation
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
SetErrorMode
lstrlenW
GlobalSize
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
GetVolumeInformationA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentDirectoryA
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GlobalFlags
GetProcessVersion
MulDiv
GetTickCount
GetProfileIntA
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetFullPathNameA
GetFileAttributesA
FindNextFileA
FindFirstFileA
GetLastError
SetLastError
FindClose
CloseHandle
GlobalAlloc
lstrcmpA
GetCurrentThread
GetModuleFileNameA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GlobalFree
LoadLibraryA
FreeLibrary
FindResourceA
LoadResource
LockResource
GetCurrentThreadId
lstrcmpiA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
GlobalLock
lstrcpynA
GlobalUnlock
GlobalGetAtomNameA
GlobalAddAtomA
GetVersion
lstrcpyA
lstrlenA
GetTempPathA
GetTempFileNameA
CopyFileA
DeleteFileA
GetWindowsDirectoryA
Sleep
GetModuleHandleA
GetVersionExA
GetProcAddress

user32

EndDialog
wvsprintfA
ReleaseDC
GetDC
ShowOwnedPopups
ValidateRect
TranslateMessage
GetMessageA
PtInRect
InflateRect
SetCapture
IsRectEmpty
SetRect
IsZoomed
SetParent
AppendMenuA
DeleteMenu
GetSystemMenu
LoadStringA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
LoadCursorA
GetSysColorBrush
GetClassNameA
CharUpperA
SetTimer
KillTimer
WindowFromPoint
InvertRect
FillRect
GetDCEx
LockWindowUpdate
CheckMenuItem
GetNextDlgTabItem
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
MapWindowPoints
GetSysColor
DispatchMessageA
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
GetScrollPos
GetTopWindow
CreateDialogIndirectParamA
IsChild
GetWindowTextLengthA
GetWindowTextA
DestroyWindow
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetLastActivePopup
IsWindowVisible
IsIconic
GetFocus
EqualRect
CopyRect
GetDlgItem
InvalidateRect
GetKeyState
GetDlgCtrlID
UpdateWindow
UnpackDDElParam
ReuseDDElParam
SetActiveWindow
WinHelpA
SetMenu
GetClassInfoA
DestroyMenu
SetFocus
ShowWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
SetCursor
PeekMessageA
GetCapture
ReleaseCapture
LoadAcceleratorsA
SetRectEmpty
RegisterWindowMessageA
GetActiveWindow
SendMessageA
EnableWindow
wsprintfA
PostQuitMessage
LoadIconA
GetSubMenu
UnregisterClassA
EnableMenuItem
GetParent
AdjustWindowRectEx
RedrawWindow
SetWindowPos
GetWindowLongA
SetWindowLongA
IsWindow
DefMDIChildProcA
DrawMenuBar
TranslateAcceleratorA
TranslateMDISysAccel
DefFrameProcA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
MessageBoxA
SetMenuItemBitmaps
CreateWindowExA
BringWindowToTop
GetMenu
GetMenuItemCount
GetClientRect
SetForegroundWindow
TrackPopupMenu
GetMenuItemID
PostMessageA
GetCursorPos
LoadMenuA
ClientToScreen
ScreenToClient
RegisterClassA

gdi32

SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
SetTextAlign
CreateRectRgn
GetDeviceCaps
CreateSolidBrush
CreatePatternBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateFontIndirectA
SetRectRgn
CombineRgn
CopyMetaFileA
BitBlt
ScaleViewportExtEx
CreateCompatibleDC
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
RestoreDC
SaveDC
GetTextMetricsA
GetTextExtentPoint32A
CreateFontA
GetCharWidthA
DeleteObject
SelectObject
StretchDIBits
DeleteDC
CreateRectRgnIndirect
PatBlt
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateCompatibleBitmap

comdlg32

GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

SetFileSecurityA
GetFileSecurityA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA

shell32

DragQueryFileA
DragFinish
Shell_NotifyIconA

comctl32

ImageList_ReplaceIcon
ord17
ImageList_Destroy
ImageList_Create

ole32

OleDuplicateData
CoTaskMemAlloc
CreateStreamOnHGlobal
CoLockObjectExternal
RegisterDragDrop
CoCreateInstance
CoTaskMemFree
ReleaseStgMedium
DoDragDrop
RevokeDragDrop

oleaut32

SysAllocString
VariantClear

Sections

.text
Size: 248KB - Virtual size: 246KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 372KB - Virtual size: 386KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b55667164076122e8c2d7538b2b13773

Code Sign

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

oleaut32

Sections

.text Size: 248KB - Virtual size: 246KB

.rdata Size: 64KB - Virtual size: 60KB

.data Size: 372KB - Virtual size: 386KB

.rsrc Size: 40KB - Virtual size: 37KB

.text
Size: 248KB - Virtual size: 246KB

.rdata
Size: 64KB - Virtual size: 60KB

.data
Size: 372KB - Virtual size: 386KB

.rsrc
Size: 40KB - Virtual size: 37KB