dc93daae0d43ae25c854ae0b0bc0f851a17f9a967bcb0297ad6a3c2e04a11f7c

Sharing

Copy URL Twitter E-mail

General

Target

dc93daae0d43ae25c854ae0b0bc0f851a17f9a967bcb0297ad6a3c2e04a11f7c
Size

188KB
MD5

40ae73dda85cf9d0adf868dd3c06ccc7
SHA1

e76633a6482e3f05e4ba17c3f3f60f8143b388bb
SHA256

dc93daae0d43ae25c854ae0b0bc0f851a17f9a967bcb0297ad6a3c2e04a11f7c
SHA512

55c38def893e446aba52064f01c92689efdf218905a768d204ed055255e80c322498cb53f3b43e00425b1157a33f68a63be231dd94479b25b1d76087e19b38f4
SSDEEP

3072:E5dIskta/RKi11c5RLiU1kr6YS08SkPS79dulcgw:AdIL3VWUar6YS0oK4cF

Score

N/A

Malware Config

Signatures

Files

dc93daae0d43ae25c854ae0b0bc0f851a17f9a967bcb0297ad6a3c2e04a11f7c
.exe windows x86

c0540e86df9b0bb091d23e9548ab7dc0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindFileNameA

kernel32

lstrlenA
MultiByteToWideChar
WaitForSingleObject
VirtualProtect
SetEndOfFile
LCMapStringW
LCMapStringA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetCPInfo
GetOEMCP
GetACP
InitializeCriticalSection
FlushFileBuffers
SetStdHandle
SetFilePointer
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
UnhandledExceptionFilter
TlsAlloc
SetLastError
TlsFree
VirtualAlloc
DeleteCriticalSection
VirtualFree
HeapSize
ExitProcess
HeapReAlloc
LeaveCriticalSection
EnterCriticalSection
ReadFile
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
CreateThread
GetLastError
TlsGetValue
TlsSetValue
GetCurrentThreadId
ExitThread
RtlUnwind
lstrcmpiA
WinExec
Sleep
lstrcatA
CreateDirectoryA
CopyFileA
GetCurrentProcess
GlobalAlloc
GlobalFree
CreateProcessA
WaitForSingleObjectEx
GetTempPathA
GetTempFileNameA
CreateFileA
WriteFile
CloseHandle
GetProcAddress
GetCurrentDirectoryA
HeapDestroy
GetSystemInfo
HeapCreate
GetSystemDirectoryA
GetModuleFileNameA
ExpandEnvironmentStringsA
lstrcpyA
GetWindowsDirectoryA
GetDiskFreeSpaceA
GetProcessHeap
HeapAlloc
HeapFree
SetErrorMode
LoadLibraryA
FreeLibrary
GetVersionExA
VirtualQuery
FreeEnvironmentStringsW

user32

LoadBitmapA
ReleaseDC
LoadIconA
GetMessageA
MessageBoxA
LoadCursorA
RegisterClassA
CreateDialogParamA
GetDC
SendMessageA
ExitWindowsEx
wsprintfA
SetWindowPos
GetWindowRect
IsDialogMessageA
BeginPaint
GetClientRect
InflateRect
SetRect
CopyRect
FillRect
DrawTextA
DrawEdge
EndPaint
InvalidateRect
GetWindowLongA
SetWindowLongA
IsWindow
PeekMessageA
DispatchMessageA
TranslateMessage
MoveWindow
IsIconic
SetTimer
GetForegroundWindow
PostMessageA
DefWindowProcA
CreateWindowExA
LoadImageA
GetMenu
GetSubMenu
AppendMenuA
DrawMenuBar
CheckDlgButton
IsDlgButtonChecked
SetDlgItemTextA
LoadStringA
ShowWindow
UpdateWindow
PostQuitMessage
DialogBoxParamA
GetKeyState
EndDialog
mouse_event
SetForegroundWindow
GetDlgItem
SetFocus
KillTimer
DestroyWindow
GetDesktopWindow

gdi32

StretchBlt
CreatePalette
GetObjectA
GetDeviceCaps
SetBkMode
SetStretchBltMode
GetTextExtentPoint32A
SetTextColor
CreateRectRgn
SelectClipRgn
CreateSolidBrush
GetStockObject
DeleteObject
StartDocA
StartPage
TextOutA
EndPage
EndDoc
DeleteDC
RealizePalette
SelectPalette
GetDIBColorTable
CreateCompatibleDC
SelectObject
SetAbortProc

winspool.drv

ClosePrinter
EnumPrintersA
OpenPrinterA

comdlg32

ChooseFontA
PrintDlgA

advapi32

RegOpenKeyExA
RegDeleteKeyA
RegCloseKey
RegCreateKeyExA
InitiateSystemShutdownA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegQueryValueExA

shell32

SHGetPathFromIDListA
SHChangeNotify
ShellAboutA
SHGetFolderPathA
SHGetSpecialFolderLocation

ole32

CoInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c0540e86df9b0bb091d23e9548ab7dc0

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 120KB - Virtual size: 120KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 120KB - Virtual size: 120KB