14b606dfd8451e8f2ab1d33c0d863aae2796d6133964b2f07bba2e30d2307652

Sharing

Copy URL Twitter E-mail

General

Target

14b606dfd8451e8f2ab1d33c0d863aae2796d6133964b2f07bba2e30d2307652
Size

472KB
MD5

8462b55454773333a33eb97790f90b2a
SHA1

dddc8fbd4c16639373f9a92507b953fc44674260
SHA256

14b606dfd8451e8f2ab1d33c0d863aae2796d6133964b2f07bba2e30d2307652
SHA512

6b8ddb08ffddf2da5fae64c83cad2dbca9a2ae178675279b16dc16122bf9a75377e71d8f6faafa1d2b5f7f1ef9dda5a8b20a761495d4fa41a326e5a599f6929c
SSDEEP

12288:lxE4uUWHtWeFsTj/tEOBR2K2Nv60WfUeTuCRR6fEwYc9W:jX9ot43/tEOyKGSCYR6fxYc9W

Score

N/A

Malware Config

Signatures

Files

14b606dfd8451e8f2ab1d33c0d863aae2796d6133964b2f07bba2e30d2307652
.exe windows x86

e6d87410d98ba68e05899eb17aaed2de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathStripToRootW
PathFindFileNameW
SHAutoComplete

advapi32

OpenProcessToken
CreateServiceA
QueryServiceStatus
OpenServiceA
RegOpenKeyA
RegCloseKey
RegQueryValueExA
RegDeleteKeyA

kernel32

GetProcessHeap
CreateMutexW
TlsGetValue
SetLastError
GetCPInfo
GetTimeFormatA
GetDateFormatA
WideCharToMultiByte
VirtualFree
TlsFree
RaiseException
GetLocaleInfoW
IsDebuggerPresent
ReadFile
GetStringTypeA
InterlockedExchange
GetCurrentThread
DeleteCriticalSection
GetModuleHandleW
SetConsoleCtrlHandler
GetProcAddress
GetLastError
LoadLibraryA
CompareStringW
GetCommandLineW
GetModuleFileNameW
SetUnhandledExceptionFilter
EnterCriticalSection
VirtualAlloc
HeapSize
InitializeCriticalSection
GetStdHandle
SetEnvironmentVariableA
GetTickCount
SetHandleCount
FreeLibrary
GetUserDefaultLCID
IsValidCodePage
CompareStringA
InterlockedDecrement
WriteFile
TlsSetValue
LCMapStringA
GetCurrentProcess
IsValidLocale
GetCurrentProcessId
GetConsoleCP
SetStdHandle
RtlUnwind
GetEnvironmentStrings
Sleep
HeapReAlloc
GetCommandLineA
GetACP
CloseHandle
GetCurrentThreadId
WriteConsoleA
FreeEnvironmentStringsA
GetFileType
GetVersionExA
GetModuleHandleA
GetConsoleOutputCP
ExitProcess
MultiByteToWideChar
GetTimeZoneInformation
WriteConsoleW
GetStartupInfoW
QueryPerformanceCounter
InterlockedIncrement
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetFilePointer
FlushFileBuffers
HeapCreate
GetStringTypeW
GetStartupInfoA
HeapFree
GetModuleFileNameA
GetLocaleInfoA
VirtualQuery
LCMapStringW
HeapAlloc
TlsAlloc
CreateFileA
GetEnvironmentStringsW
TerminateProcess
HeapDestroy
LeaveCriticalSection
GetSystemTimeAsFileTime
GetOEMCP
FatalAppExitA
GetConsoleMode

user32

GetMenuItemInfoW
SendMessageW
GetMessageW
SetDlgItemInt
RemovePropW
InvalidateRect
MessageBoxW
SetCursor
SetPropW
GetWindowDC
GetSystemMetrics
IsWindow
ModifyMenuW
ReuseDDElParam
RegisterClassW
CallNextHookEx
GetSysColorBrush
PostQuitMessage
GetClassNameW
SetMenuItemInfoW
GetWindowTextLengthW
SystemParametersInfoW
UnregisterClassW
GetPropW
GetDlgCtrlID
SetActiveWindow
LoadIconW
RegisterClassExW
GetFocus
GetDlgItem
ShowWindow
SetWindowPlacement
GetCursorPos
AppendMenuW
IsWindowVisible
GetWindowLongW
ReleaseDC
RedrawWindow
IsMenu
InvalidateRgn
KillTimer
IsChild
GetClientRect
GetWindowPlacement
GetClassLongW
SetForegroundWindow
MapWindowPoints

winspool.drv

ord204
OpenPrinterA
ClosePrinter

comctl32

InitCommonControlsEx
ImageList_DragLeave
ImageList_GetIcon
ImageList_GetIconSize

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

oleaut32

LoadTypeLi

ole32

OleQueryLinkFromData
WriteClassStg
OleIsCurrentClipboard
OleRegGetUserType
ReleaseStgMedium
OleUninitialize
OleQueryCreateFromData
ReadFmtUserTypeStg
CoDisconnectObject
OleRun
OleCreateFromData
CoGetClassObject
OleIsRunning
WriteFmtUserTypeStg
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
CoLockObjectExternal
GetClassFile
WriteClassStm
CoGetMalloc
CreateOleAdviseHolder
StgIsStorageFile
CoTaskMemFree
CoRevokeClassObject
OleSaveToStream
IsAccelerator
OleFlushClipboard
SetConvertStg
OleSetContainedObject
ReadClassStg
CoTreatAsClass
StgIsStorageILockBytes
OleTranslateAccelerator
CoRegisterMessageFilter
OleLoad
CreateItemMoniker

Sections

.text
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6d87410d98ba68e05899eb17aaed2de

Headers

File Characteristics

Imports

shlwapi

advapi32

kernel32

user32

winspool.drv

comctl32

version

oleaut32

ole32

Sections

.text Size: 112KB - Virtual size: 108KB

.rdata Size: 264KB - Virtual size: 261KB

.data Size: 72KB - Virtual size: 85KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 112KB - Virtual size: 108KB

.rdata
Size: 264KB - Virtual size: 261KB

.data
Size: 72KB - Virtual size: 85KB

.rsrc
Size: 20KB - Virtual size: 19KB