af7797bf0df65314f3173e06b114b0498ee0d76c35a243376d1bc1efc4a01347

Sharing

Copy URL

Twitter E-mail

General

Target

af7797bf0df65314f3173e06b114b0498ee0d76c35a243376d1bc1efc4a01347
Size

256KB
MD5

beddff97291279cbff84fa55fa85dcc8
SHA1

1a76fc9fcee3ec83e339248197d036789a03e7b8
SHA256

af7797bf0df65314f3173e06b114b0498ee0d76c35a243376d1bc1efc4a01347
SHA512

5c0147e4098afae2dc4a0b801f3b637335801acae0811e99a2c0e0353c8a4433126ff3ace0f276d11c688ea85b8c2b6d7da17f21a489d8c1bddc37f091ce3c6a
SSDEEP

6144:Wpr0xQncT7/C4BpTBJh8uJkfoniB827CgUMw4ssOe:EgaS3pTrh8uJGo+82mg06

Score

N/A

Malware Config

Signatures

Files

af7797bf0df65314f3173e06b114b0498ee0d76c35a243376d1bc1efc4a01347
.exe windows x86

d50f982fa90857d8c6f81c3ff73c68db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
strcmp
memmove
_strdup
strlen
fopen
fclose
malloc
memcpy
free
_errno
strncmp
strtoul
_stat
memchr
fseek
clearerr
fread
ferror
ftell
_wfopen
_fileno
_fstat
time
_stricmp
strrchr
fwrite
_snprintf
sprintf
_fdopen
_close
remove
_setmode
qsort
realloc
mktime
putc
localtime
_wmktemp
_wcreat
_mktemp
_creat

kernel32

GetModuleHandleA
HeapCreate
LoadLibraryA
GetProcAddress
WriteProfileStringA
DefineDosDeviceA
ReleaseMutex
FindFirstChangeNotificationA
GetTapeStatus
FindResourceExA
GetConsoleTitleA
WritePrivateProfileSectionA
IsBadStringPtrA
GetTempFileNameA
GetProcessWorkingSetSize
SetConsoleCP
VirtualProtect
HeapDestroy
ExitProcess
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
FreeLibrary
HeapFree
CloseHandle
InitializeCriticalSection
GetModuleFileNameA
HeapAlloc
DeleteFileA
CreateFileA
WriteFile
MoveFileExW
MoveFileExA
HeapReAlloc
MultiByteToWideChar
WideCharToMultiByte

winspool.drv

PrinterMessageBoxA
DeletePrintProvidorA
PrinterProperties

user32

MessageBeep
GetKBCodePage
CallWindowProcA
ShowWindowAsync
SetParent
PackDDElParam
GetKeyState
SendMessageCallbackA
SwapMouseButton
EnumWindowStationsA

gdi32

SetBkColor
RoundRect
GetPixelFormat
SetTextJustification

comdlg32

PrintDlgA

advapi32

RegQueryValueA
RegDeleteKeyA

comctl32

InitCommonControlsEx

ole32

CoInitialize

imm32

ImmGetDefaultIMEWnd

netapi32

NetWkstaUserGetInfo

wininet

FtpGetCurrentDirectoryA

winmm

mciGetCreatorTask

Sections

.code
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pxr
Size: 512B - Virtual size: 62B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 140KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d50f982fa90857d8c6f81c3ff73c68db

Headers

File Characteristics

Imports

msvcrt

kernel32

winspool.drv

user32

gdi32

comdlg32

advapi32

comctl32

ole32

imm32

netapi32

wininet

winmm

Sections

.code Size: 32KB - Virtual size: 32KB

.text Size: 65KB - Virtual size: 65KB

.rdata Size: 15KB - Virtual size: 15KB

.pxr Size: 512B - Virtual size: 62B

.data Size: 140KB - Virtual size: 141KB

.rsrc Size: 1024B - Virtual size: 636B

.code
Size: 32KB - Virtual size: 32KB

.text
Size: 65KB - Virtual size: 65KB

.rdata
Size: 15KB - Virtual size: 15KB

.pxr
Size: 512B - Virtual size: 62B

.data
Size: 140KB - Virtual size: 141KB

.rsrc
Size: 1024B - Virtual size: 636B