56784c281beab1fa1322a18448bc05fea4b5af795253c1f761a033b373e4f0d8

Sharing

Copy URL Twitter E-mail

General

Target

56784c281beab1fa1322a18448bc05fea4b5af795253c1f761a033b373e4f0d8
Size

276KB
MD5

469ba9794bf6f1fa0fefccccfc5029f0
SHA1

d2af6342f7cbd647649f49b69eedb731e139995d
SHA256

56784c281beab1fa1322a18448bc05fea4b5af795253c1f761a033b373e4f0d8
SHA512

86dd66dd88a1f5e141b239ca4aa6ce2318122f08e65528079711f9ae24a1794e302b0ff627b22bbbe261531f18dc07d4f975b65d345ff9b59f3df1e5cae8b563
SSDEEP

3072:ANJOtymoYgSNDQRRX0bpz88j70rLJzko4S+2da6CMihsXUkVjHu/IYXu7v2:ANJOtymoqNURV0Ae2Y6CJY3VrucL

Score

N/A

Malware Config

Signatures

Files

56784c281beab1fa1322a18448bc05fea4b5af795253c1f761a033b373e4f0d8
.dll windows x86

5de868d03799bb384ef0208dbc558b78

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
RaiseException
HeapAlloc
TerminateProcess
HeapSize
HeapReAlloc
SetUnhandledExceptionFilter
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
HeapFree
GetCommandLineA
IsBadWritePtr
Sleep
ExitProcess
GlobalFree
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GetProcAddress
WritePrivateProfileStringA
WritePrivateProfileStructA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetPrivateProfileStructA
InterlockedDecrement
InterlockedIncrement
InterlockedExchange
SetFilePointer
FlushFileBuffers
WriteFile
GetCurrentProcess
GetOEMCP
MultiByteToWideChar
WideCharToMultiByte
GlobalFlags
GetCPInfo
GetProcessVersion
lstrcpynA
GetLastError
lstrlenA
LocalReAlloc
SetErrorMode
TlsGetValue
GlobalReAlloc
TlsSetValue
EnterCriticalSection
GlobalHandle
LeaveCriticalSection
TlsFree
LCMapStringA
DeleteCriticalSection
TlsAlloc
GetACP
InitializeCriticalSection
LocalFree
LocalAlloc
CloseHandle
GetModuleFileNameA
GlobalAlloc
lstrcmpA
GetCurrentThread
GlobalLock
GlobalUnlock
SetLastError
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
LCMapStringW
SetHandleCount
VirtualFree
VirtualAlloc

user32

LoadBitmapA
GetMenuCheckMarkDimensions
ClientToScreen
GetDC
ModifyMenuA
GetMenuState
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
ReleaseDC
PostQuitMessage
SetCursor
GetCursorPos
ValidateRect
GetActiveWindow
TranslateMessage
GetMessageA
UnregisterClassA
GetClassNameA
PtInRect
LoadCursorA
GetSysColorBrush
LoadStringA
LoadIconA
PostMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
DestroyMenu
SetMenuItemBitmaps
GetTopWindow
MessageBoxA
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextA
GetDlgCtrlID
GetKeyState
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SendMessageA
GetWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
wsprintfA
EnableWindow
ShowWindow
CopyRect
SetWindowTextA
GetClientRect
FillRect
IsWindowVisible
GetMenu
GetParent

gdi32

CreateCompatibleDC
GetClipBox
SetTextColor
SetBkColor
GetObjectA
CreateBitmap
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
MoveToEx
LineTo
CreateCompatibleBitmap
DeleteObject
GetDeviceCaps
CreatePen
CreateSolidBrush
PtVisible
TextOutA
ExtTextOutA
RectVisible
BitBlt
Escape

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA

comctl32

ord17

oleaut32

VariantClear

Exports

Exports

CloseStream
CopySettings
CreateSettingsWindow
Free
Initialize
InitializeXml
LoadPreset
OpenStream
PlugInInfo
ProcessStream
SavePreset
SavePresetXml
SetStreamCallBack
UnlockEffect

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5de868d03799bb384ef0208dbc558b78

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

oleaut32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 119KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 24KB - Virtual size: 37KB

.data1 Size: 16KB - Virtual size: 12KB

.reloc Size: 28KB - Virtual size: 25KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 120KB - Virtual size: 119KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 24KB - Virtual size: 37KB

.data1
Size: 16KB - Virtual size: 12KB

.reloc
Size: 28KB - Virtual size: 25KB

.rmnet
Size: 60KB - Virtual size: 60KB