8fc6f3ca6dc38f0edca3b7f1972169de2c2b9d83e7a490015825e5a27c82f4ae

Sharing

Copy URL Twitter E-mail

General

Target

8fc6f3ca6dc38f0edca3b7f1972169de2c2b9d83e7a490015825e5a27c82f4ae
Size

297KB
MD5

d2f6f8c9cf614d2735c8df3c1da097ad
SHA1

946f965ca980a463d8213abc044f570aaace4fbc
SHA256

8fc6f3ca6dc38f0edca3b7f1972169de2c2b9d83e7a490015825e5a27c82f4ae
SHA512

0f3ddda227647609c6a8d8fc5dfb0d844c974fdf328de42957781d12e48a83a331b9661eff7908cc55ac77c8658db21e48ef75d70b3597d3775925a19c2d9aed
SSDEEP

6144:6XSosHgYX2U9cZcosoJtLFOJKelbiWliIPMcxu1yRgcKaAd:sOHjX5toJt4JKO1lW1Wgx

Score

N/A

Malware Config

Signatures

Files

8fc6f3ca6dc38f0edca3b7f1972169de2c2b9d83e7a490015825e5a27c82f4ae
.exe windows x86

b20f9c0f25770e518689955839a19631

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
CreateFileA
ReadFile
GetStringTypeExA
WritePrivateProfileStringW
LockFile
GlobalSize
GetModuleHandleW
lstrcmpA
GetShortPathNameA
DeleteTimerQueueTimer
lstrcpynA
PulseEvent
GetComputerNameA
Process32FirstW
FlushInstructionCache
FindClose
GetConsoleCP
GetStringTypeA
SetStdHandle
GetUserGeoID
WideCharToMultiByte
CreateMutexA
GetDateFormatW
GetPrivateProfileIntW
GlobalHandle
GetFileAttributesA
EnumCalendarInfoA
_lclose
lstrcatW
GetEnvironmentStrings
GetCurrentThreadId
FileTimeToLocalFileTime
TerminateProcess
GetSystemDirectoryA
GetEnvironmentStringsW
GetModuleFileNameW
GetProcessHeap
GetDateFormatA
GlobalUnlock
GetStartupInfoW
QueryDosDeviceW
GetFileInformationByHandle
GetUserDefaultLCID
FreeEnvironmentStringsW
GetWindowsDirectoryA
HeapSize
GetCurrentProcess
CreateNamedPipeA
ReleaseMutex
ReleaseSemaphore
GetProcessTimes
GetQueuedCompletionStatus
GlobalGetAtomNameA
lstrcmpiW
GlobalFlags
OutputDebugStringA
FindNextChangeNotification
QueryPerformanceFrequency
SetFilePointerEx
GetEnvironmentVariableW
GetExitCodeThread
GetACP
GetFileAttributesExW
CreateTimerQueue
LCMapStringA
GetDiskFreeSpaceExW
GetThreadLocale
TlsGetValue
GetCommandLineW
InitializeCriticalSectionAndSpinCount
IsValidCodePage
LocalUnlock
GetPrivateProfileIntA
LoadLibraryExW
GetCurrentDirectoryW
GetVolumeInformationW
WriteConsoleA
GetLogicalDriveStringsW
GetFullPathNameW
WriteConsoleW
GetLocaleInfoA
GlobalMemoryStatus
FindFirstFileW
InterlockedExchange
GetTempFileNameW
RaiseException
WaitForMultipleObjects
GetModuleFileNameA
LocalAlloc
IsDebuggerPresent
IsBadCodePtr
SetPriorityClass
HeapFree
OpenFileMappingW
GetPrivateProfileStringW
GlobalGetAtomNameW
SetNamedPipeHandleState
_llseek
LocalFree
GlobalReAlloc
FindResourceExW
GlobalLock
SetEvent
DeleteTimerQueueEx
CreateDirectoryW
SetFileAttributesW
CompareFileTime
InterlockedIncrement
InterlockedDecrement
GetStringTypeW
LCMapStringW
MultiByteToWideChar
LoadLibraryA
GetProcAddress
HeapReAlloc
HeapAlloc
GetOEMCP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WriteFile
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetLastError
SetLastError
TlsAlloc
TlsSetValue
GetFileType
GetStdHandle
SetHandleCount
FreeEnvironmentStringsA
UnhandledExceptionFilter
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA

user32

ReplyMessage
CharLowerW
IntersectRect
ModifyMenuW
GetWindowLongW
CharToOemBuffA
IsClipboardFormatAvailable
DefWindowProcA
CreateDialogIndirectParamW
DrawIcon
IsDlgButtonChecked
FlashWindow
GetMenuItemInfoW
FindWindowExW
DdeUnaccessData
GetPropW
GetMenuStringA
RegisterClassA
EnableMenuItem
DispatchMessageA
GetTopWindow
GetClassInfoExA
GetCapture
CharLowerA
ExitWindowsEx
SetWindowTextW
GetSubMenu
GetMessagePos
CharUpperBuffA
GetWindowLongA
IsWindowVisible
wvsprintfW
SetKeyboardState
DdeCreateDataHandle
SubtractRect
GetKeyboardState
DrawIconEx
CreateDialogIndirectParamA
SetDlgItemInt
OemToCharA
SetCursor

winspool.drv

GetPrinterDriverDirectoryA

ole32

OleSave
OleQueryLinkFromData
RegisterDragDrop
CreateILockBytesOnHGlobal
SetConvertStg
OleTranslateAccelerator
StgOpenStorage
OleCreateLinkToFile
OleCreateMenuDescriptor
OleRun

Sections

.text
Size: 244KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b20f9c0f25770e518689955839a19631

Headers

File Characteristics

Imports

kernel32

user32

winspool.drv

ole32

Sections

.text Size: 244KB - Virtual size: 243KB

.rdata Size: 33KB - Virtual size: 32KB

.data Size: 18KB - Virtual size: 20KB

.rsrc Size: 1024B - Virtual size: 824B

.text
Size: 244KB - Virtual size: 243KB

.rdata
Size: 33KB - Virtual size: 32KB

.data
Size: 18KB - Virtual size: 20KB

.rsrc
Size: 1024B - Virtual size: 824B