4c9d43b48d1c44b79a537afe18017eeb9514964607c4467143a93ba73ee61301

Sharing

Copy URL

Twitter E-mail

General

Target

4c9d43b48d1c44b79a537afe18017eeb9514964607c4467143a93ba73ee61301
Size

344KB
MD5

1fad224af477bd9eb1fae52dcd3925f6
SHA1

6c9d4eeb717bdc36fb329b0ed737755946b2f8ed
SHA256

4c9d43b48d1c44b79a537afe18017eeb9514964607c4467143a93ba73ee61301
SHA512

407dde8ef9f3b489923b781c9de7ce32e0b4ce211d869d1f997fe9e4fc58db6ece3085ce82c758ba525a26fd555bc05e7668ef4a38e507f56a4b1c388171bfd5
SSDEEP

6144:AvVa4BAOQoPuJytUrKLG7HPeWSe5JpOUKFupPx93iURqajc:AQ4BWgvriTPeWd5JjPx931tjc

Score

N/A

Malware Config

Signatures

Files

4c9d43b48d1c44b79a537afe18017eeb9514964607c4467143a93ba73ee61301
.exe windows x86

cb30bc489af74681e7205346a1d6da49

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
ValidateRect
PostQuitMessage
GetCursorPos
WindowFromPoint
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetMenuItemBitmaps
GetMessageA
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetActiveWindow
CreateDialogIndirectParamA
IsWindowEnabled
SetWindowRgn
ReleaseDC
GetWindowDC
PostMessageA
SetCursor
GetWindowThreadProcessId
UnregisterClassA
GetMenuCheckMarkDimensions
GetWindowRect
GetClientRect
InvalidateRect
EnableWindow
GetNextDlgTabItem
EndDialog
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetFocus
IsWindow
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
GetDlgItem
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetWindowLongA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetSysColor
EndPaint
GetDC
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
LoadCursorA
GetSysColorBrush
GetClassNameA
DestroyMenu
UnhookWindowsHookEx
GetSystemMetrics
ExitWindowsEx
LoadIconA
GetDesktopWindow
BeginPaint
IsIconic
DrawIcon
LoadBitmapA
MessageBoxA
GetParent
SendMessageA
OffsetRect
CopyRect
LoadImageA
GetTopWindow

shell32

ShellExecuteA

advapi32

RegCloseKey
RegQueryValueA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegQueryValueExA
AdjustTokenPrivileges
RegOpenKeyExA
OpenProcessToken
RegOpenKeyA
LookupPrivilegeValueA
RegEnumKeyA

gdi32

GetBkColor
BitBlt
StretchBlt
SelectObject
CreateRectRgn
CreateFontIndirectA
GetStockObject
GetDeviceCaps
SaveDC
SetBkColor
SetBkMode
SetTextColor
SetMapMode
GetClipBox
DeleteObject
GetDIBits
GetObjectA
CreateCompatibleBitmap
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
CreateBitmap
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
CreateCompatibleDC
CombineRgn
RestoreDC

comctl32

_TrackMouseEvent

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

netapi32

NetEnumerateComputerNames

shlwapi

PathFindExtensionA
PathFindFileNameA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

kernel32

GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
HeapReAlloc
VirtualAlloc
DeleteCriticalSection
VirtualFree
HeapCreate
Sleep
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
GetModuleHandleA
TlsAlloc
TlsGetValue
GetProcAddress
GetModuleHandleW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LeaveCriticalSection
EnterCriticalSection
GetStartupInfoA
GetCommandLineA
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
GetLastError
WideCharToMultiByte
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
LoadLibraryA
RaiseException
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringA
LCMapStringW
SetFilePointer
HeapSize
ReadFile
CloseHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateFileA
TlsSetValue

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.TEXT
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb30bc489af74681e7205346a1d6da49

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

advapi32

gdi32

comctl32

version

netapi32

shlwapi

winspool.drv

kernel32

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 13KB - Virtual size: 344KB

.TEXT Size: 5KB - Virtual size: 5KB

.rsrc Size: 184KB - Virtual size: 183KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 13KB - Virtual size: 344KB

.TEXT
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 184KB - Virtual size: 183KB