b6bfe45e22d1e602c3252cb7a53a30b18ee72cc18b4702820b690892f028bc6f

Sharing

Copy URL Twitter E-mail

General

Target

b6bfe45e22d1e602c3252cb7a53a30b18ee72cc18b4702820b690892f028bc6f
Size

881KB
MD5

713cea2d9d9b9139c5adee5e68291b40
SHA1

114894752a858d6bf8bc9ed7f15dbc44feef1826
SHA256

b6bfe45e22d1e602c3252cb7a53a30b18ee72cc18b4702820b690892f028bc6f
SHA512

d740da4fe0a6beb81bf9db3d1634355efbe6c33a7cb1561cd6af11cdfd67f7f045313f18ff66bb897270cb541fdfcd60f7369def26f5bb2a019c0276095c27fe
SSDEEP

12288:UqRyzJ9L7UGz5x51vFEeC8A35PEYenyAleIjAr+AzCCYbMGn9R1MGNqzP614xSFP:TRyzJhTzlrA35zqe/+M+JNMaq7Mwci

Score

N/A

Malware Config

Signatures

Files

b6bfe45e22d1e602c3252cb7a53a30b18ee72cc18b4702820b690892f028bc6f
.exe windows x86

25d4d79b2229a00658743aa74114bc12

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsA
PathFindFileNameW
PathAddBackslashW
PathFindExtensionW

ws2_32

WSAStartup
socket
select
recvfrom
WSACleanup

user32

GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
UpdateWindow
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
CopyRect
PtInRect
DefWindowProcW
CallWindowProcW
GetMenu
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindowThreadProcessId
GetLastActivePopup
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
IsWindowVisible
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetWindowTextW
GetFocus
SetWindowPos
SetFocus
ShowWindow
SetWindowLongW
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
GetWindow
PostQuitMessage
PostMessageW
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
MessageBoxW
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
SendMessageW
LoadIconW
EnableWindow
PeekMessageW
UnregisterClassW
DestroyMenu
GetSysColorBrush
LoadCursorW
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetKeyState

ole32

CoSetProxyBlanket
CoInitializeSecurity
CoGetObject
CoUninitialize
CoCreateInstance
CoInitializeEx

kernel32

GetLocaleInfoA
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
CompareStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
CreateFileA
FreeResource
LockResource
LoadResource
FindResourceW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcmpW
SizeofResource
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
GlobalDeleteAtom
GlobalAddAtomW
GlobalFindAtomW
MulDiv
FormatMessageW
GlobalFlags
WritePrivateProfileStringW
LocalAlloc
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
LocalReAlloc
SetErrorMode
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
InitializeCriticalSectionAndSpinCount
InterlockedExchange
FreeLibrary
HeapSize
RaiseException
HeapReAlloc
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
IsValidCodePage
GetOEMCP
GetCPInfo
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
VirtualFree
HeapCreate
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
DeleteCriticalSection
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
WriteFile
SetUnhandledExceptionFilter
MoveFileA
GetStartupInfoW
GetFileAttributesW
LocalFree
RemoveDirectoryW
CreateMutexW
OpenMutexW
GetCurrentThread
SetThreadPriority
GetCommandLineW
GetModuleFileNameA
CopyFileW
lstrcpyA
lstrlenA
GetACP
ExitProcess
GetTempFileNameA
GetTempPathA
GetSystemTime
GetTickCount
ReadFile
GetWindowsDirectoryW
HeapFree
GetProcessHeap
HeapAlloc
MoveFileW
Sleep
WaitForSingleObject
lstrcatA
lstrcpyW
lstrlenW
GetTempFileNameW
GetTempPathW
ExpandEnvironmentStringsW
GetFileSize
SetFilePointer
GetVersionExW
GetCurrentProcess
WideCharToMultiByte
MultiByteToWideChar
GetLastError
GetModuleFileNameW
lstrcatW
lstrcmpiW
GetModuleHandleW
InterlockedDecrement
GetModuleHandleA
GetProcAddress
LoadLibraryA
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
CloseHandle
GetVersionExA
LoadLibraryW

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegOpenKeyW

gdi32

DeleteObject
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SetMapMode
DeleteDC
GetStockObject
GetDeviceCaps
RestoreDC
SaveDC
GetObjectW
SetBkColor
SetTextColor
GetClipBox
CreateBitmap

oleacc

CreateStdAccessibleObject
LresultFromObject

oleaut32

VariantChangeType
VariantClear
VariantInit
SysFreeString
SysAllocString

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

Sections

.text
Size: 226KB - Virtual size: 225KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 549KB - Virtual size: 564KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25d4d79b2229a00658743aa74114bc12

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

ws2_32

user32

ole32

kernel32

advapi32

gdi32

oleacc

oleaut32

winspool.drv

Sections

.text Size: 226KB - Virtual size: 225KB

.rdata Size: 38KB - Virtual size: 37KB

.data Size: 549KB - Virtual size: 564KB

.rsrc Size: 67KB - Virtual size: 67KB

.text
Size: 226KB - Virtual size: 225KB

.rdata
Size: 38KB - Virtual size: 37KB

.data
Size: 549KB - Virtual size: 564KB

.rsrc
Size: 67KB - Virtual size: 67KB