9308f2fc520194002eac1956c6b5cb50d6ed995969a4c3e1e49d17f985bb4acc

Sharing

Copy URL Twitter E-mail

General

Target

9308f2fc520194002eac1956c6b5cb50d6ed995969a4c3e1e49d17f985bb4acc
Size

284KB
MD5

0788c792aee02c81413351905a39c80d
SHA1

2b59c8ba737afab323e4f8793a23ad1b7f4c1b9a
SHA256

9308f2fc520194002eac1956c6b5cb50d6ed995969a4c3e1e49d17f985bb4acc
SHA512

e0175031f152b67a07d39ef12cede5ba4505c6f237cb6ab794c8a158b099e26592a18b8fc0bdb869affc270f53a9838bc36cdf9acaf968a4c0abaac03c3bc173
SSDEEP

6144:/04znbzoFJ0dk+fdapXfT67wtI5myVUzJf:/0qbcJ0emapXfm7wr4U

Score

N/A

Malware Config

Signatures

Files

9308f2fc520194002eac1956c6b5cb50d6ed995969a4c3e1e49d17f985bb4acc
.exe windows x86

27caa953e5ad3ad5917555fed36d13aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyA
InitializeSecurityDescriptor
RegCreateKeyExA
OpenProcessToken
GetLengthSid
RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegQueryInfoKeyA
RegCloseKey
RegEnumKeyExA
SetSecurityDescriptorDacl
InitializeAcl

shell32

SHGetMalloc
ShellExecuteA
SHGetSpecialFolderLocation
SHChangeNotify
ord155
SHGetFileInfoA
ShellExecuteW
DragQueryFileA
DragFinish
SHBrowseForFolderA
SHGetPathFromIDListA
SHFileOperationA

version

GetFileVersionInfoA
VerLanguageNameA
VerQueryValueA
GetFileVersionInfoSizeA

gdi32

CreateSolidBrush
StretchBlt
GetObjectW
GetDeviceCaps
GetPixel
RectVisible
CreateCompatibleDC
GetTextExtentPoint32W
SetBkMode
CreateDCW
SetTextAlign
GetTextColor
Ellipse
LineTo
SetViewportOrgEx
GetWindowExtEx
DeleteDC
CreateCompatibleBitmap
MoveToEx
Escape
SetBrushOrgEx
CreateDIBSection
SetStretchBltMode
Rectangle
CombineRgn
GetPaletteEntries
GetStockObject
GetBkMode
ExtTextOutW
GetDIBits
RestoreDC
PtVisible
ExcludeClipRect
DeleteObject
CreateRectRgn
SaveDC
GetRgnBox

winmm

mmioWrite
mmioRead
mmioClose
mmioSeek
mmioOpenA
mmioDescend

comctl32

ImageList_LoadImageA
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_DragMove
_TrackMouseEvent
ImageList_GetIcon
InitCommonControlsEx
DestroyPropertySheetPage
ImageList_DrawEx
ImageList_Draw
ImageList_GetImageCount
ImageList_EndDrag
ord17

mfc42

ord1576

winspool.drv

OpenPrinterA
ord204
DocumentPropertiesA

kernel32

FlushFileBuffers
LCMapStringA
GetModuleHandleW
InterlockedIncrement
GetTickCount
WriteFile
FreeEnvironmentStringsW
GetFileType
CompareStringA
GetCommandLineW
GetStringTypeW
SetEnvironmentVariableA
SetLastError
SetStdHandle
IsBadCodePtr
GetLocalTime
GetStringTypeA
LeaveCriticalSection
HeapDestroy
QueryPerformanceCounter
VirtualAlloc
GetSystemTime
CloseHandle
GetModuleFileNameA
InterlockedDecrement
GetStdHandle
LoadLibraryA
UnhandledExceptionFilter
GetCommandLineA
GetModuleHandleA
LCMapStringW
TlsSetValue
GetEnvironmentStrings
VirtualQuery
DeleteCriticalSection
CompareStringW
HeapReAlloc
GetStartupInfoA
GetVersion
InterlockedExchange
VirtualFree
HeapCreate
GetStartupInfoW
TerminateProcess
GetLastError
EnterCriticalSection
GetCurrentProcess
ReadFile
GetEnvironmentStringsW
RtlUnwind
RaiseException
HeapFree
FreeEnvironmentStringsA
CreateMutexW
GetTimeZoneInformation
ExitProcess
GetSystemTimeAsFileTime
WideCharToMultiByte
GetProcAddress
GetCurrentProcessId
SetHandleCount
GetCPInfo
HeapAlloc
GetModuleFileNameW
MultiByteToWideChar
TlsAlloc
LoadLibraryW
SetUnhandledExceptionFilter
SetFilePointer
InitializeCriticalSection
GetCurrentThreadId
TlsGetValue

user32

MessageBoxW
RegisterClassW
LoadCursorW
DefWindowProcW
RegisterClassExW
UnionRect
GetMonitorInfoW
RemoveMenu
EndDialog
FillRect
CreatePopupMenu
SetCursorPos
GetClientRect
CreateWindowExW
SetFocus
SendMessageW
DestroyWindow
LoadBitmapW
GetMessageW
GetWindowDC
LoadIconW
ShowWindow

Sections

.text
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27caa953e5ad3ad5917555fed36d13aa

Headers

File Characteristics

Imports

advapi32

shell32

version

gdi32

winmm

comctl32

mfc42

winspool.drv

kernel32

user32

Sections

.text Size: 64KB - Virtual size: 61KB

.rdata Size: 96KB - Virtual size: 93KB

.data Size: 64KB - Virtual size: 86KB

.rsrc Size: 56KB - Virtual size: 52KB

.text
Size: 64KB - Virtual size: 61KB

.rdata
Size: 96KB - Virtual size: 93KB

.data
Size: 64KB - Virtual size: 86KB

.rsrc
Size: 56KB - Virtual size: 52KB