df255af635a2dde04c031db95862f11e1bf44fe5cfc10d3b20bd4678ed818567[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

df255af635a2dde04c031db95862f11e1bf44fe5cfc10d3b20bd4678ed818567.exe
Size

623KB
MD5

c24a08bfeb09c9842b8e6578d7b0b721
SHA1

937a77b8ad27217b346922cb5513458542e3d390
SHA256

df255af635a2dde04c031db95862f11e1bf44fe5cfc10d3b20bd4678ed818567
SHA512

42717c37604b41fff2bae91a22037f0e2b1d3514a8305d672595930f331a6a998d1a88741585413977ee81cd59ab155faf19ae654d229dc0256e30d71b222799
SSDEEP

6144:Xe1Hsi5y4+31THCZ1L8TtY5d1XECPBe8gtgU/EOS1YnxsWMmxGnNWSjiSJWw2dh+:XL9hrCZ58TCTQ8MXSynHSh9WhxRrt+z

Score

N/A

Malware Config

Signatures

Files

df255af635a2dde04c031db95862f11e1bf44fe5cfc10d3b20bd4678ed818567.exe
.exe windows x86

a99564d9a11ac02dbb1ea9e9f35fba2e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

oleaut32

VariantInit
VariantChangeType
VariantClear

gdi32

RectVisible
DeleteObject
GetDeviceCaps
SetTextColor
SetMapMode
TextOutW
PtVisible
ScaleWindowExtEx
SaveDC
GetClipBox
SelectObject
ScaleViewportExtEx
GetStockObject
DeleteDC
SetWindowExtEx
SetViewportExtEx
ExtTextOutW
SetViewportOrgEx
RestoreDC
OffsetViewportOrgEx
Escape
SetBkColor
CreateBitmap

advapi32

CryptHashData
LsaClearAuditLog
SystemFunction019
ClearEventLogA

user32

GetMenuItemCount
SetPropW
ClientToScreen
GetWindowRect
GrayStringW
SetWindowLongW
RegisterWindowMessageW
CallWindowProcW
GetWindowPlacement
GetMenuState
CopyRect
GetPropW
GetClassNameW
GetMenuCheckMarkDimensions
SetWindowsHookExW
SystemParametersInfoA
PostMessageW
UnregisterClassA
LoadCursorW
ReleaseDC
CallNextHookEx
IsIconic
DrawTextExW
GetWindow
GetClientRect
MessageBoxW
SetWindowTextW
CheckMenuItem
SetMenuItemBitmaps
GetWindowLongW
DestroyMenu
GetClassInfoW
GetDlgItem
PtInRect
GetMessageTime
ModifyMenuW
GetDlgCtrlID
SetForegroundWindow
GetKeyState
GetDC
GetSysColorBrush
WinHelpW
GetMenu
GetCapture
UnhookWindowsHookEx
LoadIconW
SetWindowPos
GetTopWindow
DrawTextW
EnableWindow
GetWindowThreadProcessId
PostQuitMessage
LoadBitmapW
IsWindowEnabled
GetSystemMetrics
DefWindowProcW
EnableMenuItem
GetLastActivePopup
wsprintfW
GetParent
GetClassLongW
ValidateRect
GetClassInfoExW
GetForegroundWindow
GetMenuItemID
GetFocus
RemovePropW
AdjustWindowRectEx
SendMessageW
GetSysColor
MapWindowPoints
PeekMessageW
GetWindowTextW
TabbedTextOutW
DispatchMessageW
DestroyWindow
IsWindow
ExitWindowsEx
GetMessagePos
GetSubMenu
RegisterClassW
CreateWindowExW

kernel32

GetCurrentThreadId
GetModuleFileNameA
FreeEnvironmentStringsA
SetStdHandle
SetUnhandledExceptionFilter
GetConsoleMode
GetModuleFileNameW
LCMapStringW
LoadResource
GetVersionExA
GetLocaleInfoA
InitializeCriticalSection
GetLastError
WriteFile
CreateFileA
LeaveCriticalSection
IsDebuggerPresent
TlsGetValue
GetEnvironmentStringsW
GetModuleHandleW
SetFilePointer
SetLastError
DeleteCriticalSection
GetProcessHeap
VirtualFree
GlobalFlags
GetConsoleCP
SetHandleCount
FreeEnvironmentStringsW
SetCurrentDirectoryW
GetVersion
RaiseException
GetCurrentProcess
InterlockedIncrement
FlushFileBuffers
TlsAlloc
InterlockedDecrement
GetSystemDefaultLangID
SizeofResource
FreeLibrary
GetStartupInfoW
LCMapStringA
LocalReAlloc
GetStdHandle
GetCPInfo
WriteConsoleA
GlobalDeleteAtom
GetPrivateProfileStringW
WinExec
EnterCriticalSection
GetCurrentProcessId
GetThreadLocale
GlobalFindAtomW
InterlockedExchange
GlobalReAlloc
GlobalLock
LoadLibraryA
GlobalFree
lstrcmpW
Sleep
GlobalAddAtomW
TlsFree
HeapDestroy
GetCommandLineA
CloseHandle
RtlUnwind
HeapCreate
GlobalAlloc
LockResource
GetOEMCP
GetConsoleOutputCP
HeapAlloc
FormatMessageW
ExitProcess
HeapReAlloc
GlobalUnlock
FindResourceW
HeapFree
LoadLibraryW
GetEnvironmentStringsA
GetProcAddress
GetFileType
HeapSize
GetModuleHandleA
WriteConsoleW
GetStartupInfoA
GetStringTypeW
LocalFree
LocalAlloc
lstrlenW
GetACP
QueryPerformanceCounter
GetVersionExW
GetStringTypeA
TlsSetValue
GlobalHandle
SetPriorityClass
GetCommandLineW

Sections

.text
Size: 74KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 257KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a99564d9a11ac02dbb1ea9e9f35fba2e

Headers

File Characteristics

Imports

winspool.drv

oleaut32

gdi32

advapi32

user32

kernel32

Sections

.text Size: 74KB - Virtual size: 76KB

.data Size: 162KB - Virtual size: 162KB

.rdata Size: 109KB - Virtual size: 109KB

.pdata Size: 257KB - Virtual size: 272KB

.idata Size: 15KB - Virtual size: 15KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 74KB - Virtual size: 76KB

.data
Size: 162KB - Virtual size: 162KB

.rdata
Size: 109KB - Virtual size: 109KB

.pdata
Size: 257KB - Virtual size: 272KB

.idata
Size: 15KB - Virtual size: 15KB

.rsrc
Size: 3KB - Virtual size: 3KB