f00fcbb9e25c08e6e8e766810eb53b502ae7b1825143da633ae576c4ded310ba

Sharing

Copy URL Twitter E-mail

General

Target

f00fcbb9e25c08e6e8e766810eb53b502ae7b1825143da633ae576c4ded310ba
Size

340KB
MD5

4b5eb54de32f86819c638878ac2c7985
SHA1

5acf553e8f2d4eb60ed63939d577f4c790638ee1
SHA256

f00fcbb9e25c08e6e8e766810eb53b502ae7b1825143da633ae576c4ded310ba
SHA512

59a8a7e288a02f6a292b466e75c6f847c7e3825a9a7fdf62a275dd68e94a036823f7b42029f3aa8b074265d56801e38ba6f8eb62af57825386874dbdd0fcbbe8
SSDEEP

6144:J1Bk/tHNfQgZNBESEtg9nDtSNCjHog9qdI22HS6:JrAMO7nEi9nxCkHoUqdJ

Score

N/A

Malware Config

Signatures

Files

f00fcbb9e25c08e6e8e766810eb53b502ae7b1825143da633ae576c4ded310ba
.exe windows x86

d8625fe6eb7922fb3c336dc3de46cd54

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
lstrcpynA
LocalAlloc
TlsAlloc
GlobalUnlock
GlobalHandle
GlobalLock
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetVersion
GetCurrentThreadId
lstrcpyA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
lstrcmpiA
GlobalGetAtomNameA
lstrcatA
InterlockedIncrement
FreeLibrary
GetProcessVersion
lstrcmpA
GlobalFlags
GetCPInfo
GetOEMCP
FlushFileBuffers
HeapFree
HeapReAlloc
HeapAlloc
RaiseException
ExitProcess
GetStartupInfoA
HeapSize
GetACP
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
lstrlenA
CreateProcessA
GetCommandLineA
GetCommandLineW
CopyFileA
LocalFree
Sleep
GetTempFileNameA
GetTempPathA
CreateDirectoryA
GetEnvironmentVariableA
DeleteFileA
GetModuleFileNameA
LoadLibraryA
GetVersionExA
FindResourceA
SizeofResource
LoadResource
GetCurrentProcessId
GlobalAlloc
GlobalFree
TerminateProcess
GetLastError
GetModuleHandleA
GetProcAddress
GetCurrentProcess
SetFilePointer
CreateFileA
GetFileSize
ReadFile
CloseHandle
WriteFile
WideCharToMultiByte

user32

GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
PostMessageA
LoadIconA
SetWindowTextA
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameA
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
GetMenuItemID
GetDlgItem
GetWindowTextA
GetDlgCtrlID
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
DispatchMessageA
GetKeyState
CallNextHookEx
PeekMessageA
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SendMessageA
MessageBoxA
EnableWindow
LoadStringA
ShowWindow
GetForegroundWindow
UnhookWindowsHookEx

advapi32

RegCreateKeyExA
RegEnumValueA
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA

shell32

CommandLineToArgvW
ShellExecuteA

ole32

CoInitialize
CoCreateGuid
StringFromGUID2

comctl32

ord17

ntdll

RtlUnwind

gdi32

SelectObject
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetClipBox
SetTextColor
SetBkColor
Escape
ExtTextOutA
CreateBitmap
TextOutA
RectVisible
PtVisible
GetObjectA
GetDeviceCaps
DeleteObject
DeleteDC
SaveDC
RestoreDC
GetStockObject

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

Sections

.text
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 216KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8625fe6eb7922fb3c336dc3de46cd54

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

comctl32

ntdll

gdi32

winspool.drv

Sections

.text Size: 84KB - Virtual size: 82KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 20KB - Virtual size: 30KB

.rsrc Size: 216KB - Virtual size: 214KB

.text
Size: 84KB - Virtual size: 82KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 20KB - Virtual size: 30KB

.rsrc
Size: 216KB - Virtual size: 214KB