7696dc4cf76ec19ea14c00e31269a2caabc64c49e3c33e98ab14bb09783bc74e

Sharing

Copy URL

Twitter E-mail

General

Target

7696dc4cf76ec19ea14c00e31269a2caabc64c49e3c33e98ab14bb09783bc74e
Size

393KB
MD5

be689e507b251c23e0a5cb1b222f9f1f
SHA1

3c5725ccf1618c3e7fbd7eca4984f4ad2d7b4769
SHA256

7696dc4cf76ec19ea14c00e31269a2caabc64c49e3c33e98ab14bb09783bc74e
SHA512

d8f158152090c5b278abe8f85e151fdbcfe6ddd9d309df0d934b699e5693e32c1881fded7d784001cf416fab00d4d7565a0fb2db9bfc6679d698f0afcd1e1e89
SSDEEP

6144:KEFECJBkRcjlfzOVdo9kRj9+XZRq5xjg2lpyqkbxiTjV4H/L:3UYF2dAkRx+Xjq5xQFiV4fL

Score

N/A

Malware Config

Signatures

Files

7696dc4cf76ec19ea14c00e31269a2caabc64c49e3c33e98ab14bb09783bc74e
.exe windows x86

fa946e88327a89bdac99be875a4fd807

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
VirtualAlloc
VirtualFree
VirtualProtect
GetProcAddress
GetCurrentThread
GetCurrentProcess
GetConsoleCP
lstrlenA
lstrcatA
GetCurrentThreadId
GetACP
SetLastError
GetDefaultCommConfigA
WriteProfileStringW
WriteConsoleOutputW
VerLanguageNameW
MoveFileWithProgressA
SetThreadContext

user32

GetCursorPos
GetGUIThreadInfo
SetFocus
GetCapture
GetCaretBlinkTime
GetCursorInfo
ShowWindow
SetCursor
GetKeyboardType
SetWindowPos
ShowCursor
TranslateAccelerator
OemToCharBuffA
OemToCharA
GetWindowPlacement
DdeReconnect
SwitchDesktop
SendMessageCallbackA
SetClassWord
GetTabbedTextExtentW
IMPGetIMEA
DrawCaption
CallNextHookEx
CharUpperBuffW
CloseDesktop
WaitForInputIdle
ImpersonateDdeClientWindow
LockWindowStation
GetComboBoxInfo

oleaut32

VarDateFromR4
VarI2FromUI1
VarI1FromBool
VarUI1FromUI2
VarI1FromUI8
VarAnd
VarBstrCat
OleSavePictureFile
VarI4FromUI2
CreateTypeLib2
VarNot
SafeArrayGetElemsize
RegisterTypeLib
LoadTypeLibEx
VarBoolFromI8
VarI2FromCy
SafeArrayCreateVectorEx
OACreateTypeLib2

imagehlp

SymGetTypeFromName
RemovePrivateCvSymbolicEx
ImageNtHeader
SymGetLineNext
GetTimestampForLoadedLibrary
FindDebugInfoFileEx
SymEnumTypes
BindImage
ImageAddCertificate
ImageRemoveCertificate
UpdateDebugInfoFile
ImageLoad
ImageDirectoryEntryToDataEx
GetImageConfigInformation
ImageEnumerateCertificates
SymGetLineFromAddr64

version

VerQueryValueW
VerQueryValueA
VerInstallFileA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
VerFindFileA

ole32

CoSetCancelObject
CoGetContextToken
DllRegisterServer
CoImpersonateClient
StgConvertVariantToProperty
CoDosDateTimeToFileTime
WdtpInterfacePointer_UserSize
DllGetClassObject
ComPs_NdrDllUnregisterProxy
StgSetTimes
CoMarshalInterThreadInterfaceInStream
UtConvertDvtd16toDvtd32
HENHMETAFILE_UserMarshal
OleIsCurrentClipboard
UtGetDvtd16Info
HWND_UserSize
HGLOBAL_UserFree
StgIsStorageFile
HDC_UserFree
OleBuildVersion
HMETAFILEPICT_UserFree
CoPopServiceDomain
StgOpenAsyncDocfileOnIFillLockBytes
CoFreeLibrary

winspool.drv

SplDriverUnloadComplete
OpenPrinterA
AddFormA
EnumPrintProcessorDatatypesW
ConvertUnicodeDevModeToAnsiDevmode
SetFormW
StartDocPrinterW
EnumPrinterDriversA
DocumentEvent
DeletePrinterKeyW
CommitSpoolData
XcvDataW
IsValidDevmodeA
SetPortA
FlushPrinter
IsValidDevmodeW

shell32

SHSetInstanceExplorer
StrStrA
StrRChrIW
RestartDialog
Options_RunDLLW
SheChangeDirExW
SHCreateShellFolderView
ExtractAssociatedIconA
SHChangeNotification_Lock
OpenAs_RunDLLW
StrRStrW
StrChrW
SHQueryRecycleBinA
ShellExecuteEx
StrStrIW
StrCmpNIW
SHStartNetConnectionDialogW
ExtractAssociatedIconExA
PickIconDlg

gdiplus

GdipCreateTextureIA
GdipCreateHICONFromBitmap
GdipSetClipRegion
GdipSetPathGradientFocusScales
GdipGetPropertySize
GdipDrawCurve2I
GdipFillRegion
GdipBitmapLockBits
GdipSetImageAttributesOutputChannel
GdipGetLineTransform
GdipSetPenWidth
GdipGetGenericFontFamilyMonospace
GdipCreatePath2
GdipGetPathGradientGammaCorrection
GdipGetPageUnit
GdipDeleteMatrix
GdipGetPenDashStyle
GdipAddPathPie
GdipGetWorldTransform
GdipWarpPath

oledlg

OleUIInsertObjectA
OleUIPromptUserW
OleUIAddVerbMenuW
OleUIUpdateLinksA
OleUIUpdateLinksW
OleUIPromptUserA
OleUIChangeIconA
OleUIEditLinksW
OleUIConvertA
OleUIAddVerbMenuA
OleUIBusyW
OleUIPasteSpecialW

comctl32

ImageList_BeginDrag
DSA_DeleteAllItems
DPA_SetPtr
CreateStatusWindow
ImageList_SetDragCursorImage
DllGetVersion
FlatSB_GetScrollProp
MakeDragList
ImageList_GetBkColor
ImageList_Destroy
PropertySheetA
CreateStatusWindowW
RemoveWindowSubclass
FlatSB_GetScrollPos
ImageList_GetImageInfo
ImageList_Merge

winmm

DriverCallback
waveOutWrite
midiOutShortMsg
joySetThreshold
mmTaskSignal
midiInGetDevCapsA
mmioStringToFOURCCA
wid32Message
waveOutBreakLoop
waveInGetNumDevs
waveOutOpen
PlaySoundA
waveInOpen
waveOutReset
mciDriverYield
waveInReset
mmioAscend
midiOutOpen

shlwapi

ColorAdjustLuma
PathIsLFNFileSpecA
PathUnquoteSpacesA
PathStripToRootA
SHCreateStreamOnFileEx
SHRegOpenUSKeyW
PathIsLFNFileSpecW
PathIsUNCServerW
PathMakePrettyA
SHCreateThread
SHRegCloseUSKey
PathMatchSpecA
PathAddBackslashW

Sections

.text
Size: 372KB - Virtual size: 371KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 484B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa946e88327a89bdac99be875a4fd807

Headers

File Characteristics

Imports

kernel32

user32

oleaut32

imagehlp

version

ole32

winspool.drv

shell32

gdiplus

oledlg

comctl32

winmm

shlwapi

Sections

.text Size: 372KB - Virtual size: 371KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 7KB - Virtual size: 11KB

.rdata Size: 8KB - Virtual size: 8KB

.rsrc Size: 512B - Virtual size: 484B

.text
Size: 372KB - Virtual size: 371KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 7KB - Virtual size: 11KB

.rdata
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 484B