5dbe82308494bc44e201fbc2889c07dfb924fd5b261cf73355ce9a9cd1f0d5f7

Sharing

Copy URL Twitter E-mail

General

Target

5dbe82308494bc44e201fbc2889c07dfb924fd5b261cf73355ce9a9cd1f0d5f7
Size

348KB
MD5

3572a7aa48950bb4119e4cc87e327ed4
SHA1

e0935e235799a63f8b99c7922dae6ccd43b8064a
SHA256

5dbe82308494bc44e201fbc2889c07dfb924fd5b261cf73355ce9a9cd1f0d5f7
SHA512

6fed62ad0e55f10d301da229283a7ac336127f23f56f9e6b7a99d117a42fec2594fb61500c4f18fba7c1208799b4ba6dca670ff9339da13dc16149c2b52b2c7a
SSDEEP

6144:wzHs5chuQZleWIrF1GfbX7Xk1aK/X+bTFsRS1zzP:wzDhorfgDoj/SsRSJ

Score

N/A

Malware Config

Signatures

Files

5dbe82308494bc44e201fbc2889c07dfb924fd5b261cf73355ce9a9cd1f0d5f7
.dll windows x86

8b8ab81700882cf3fd87a458954b15dc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GrayStringA
wsprintfA
PostQuitMessage
SetWindowsHookExA
PeekMessageA
GetClientRect
IsWindow
ModifyMenuA
SetWindowPos
WinHelpA
SetMenuItemBitmaps
EnableWindow
DestroyMenu
SetCursor
MapWindowPoints
RegisterWindowMessageA
GetSystemMetrics
MessageBoxA
GetActiveWindow
GetCursorPos
GetMenuState
SetForegroundWindow
BeginPaint
GetMenuItemID
GetWindow
TranslateMessage
IsDialogMessageA
GetCapture
GetClassInfoA
DispatchMessageA
CallWindowProcA
IsWindowVisible
GetMessagePos
SetFocus
IsWindowEnabled
GetClassLongA
GetMenu
LoadIconA
SendMessageA
GetMenuItemCount
GetParent
GetForegroundWindow
CheckMenuItem
DestroyWindow
IsIconic
GetWindowLongA
GetMessageTime
UnregisterClassA
ValidateRect
SystemParametersInfoA
UnhookWindowsHookEx
ShowWindow
UpdateWindow
ScreenToClient
PostMessageA
SetWindowLongA
DrawTextA
GetLastActivePopup
RegisterClassA
GetSysColor
EndPaint
EnableMenuItem
GetWindowDC
GetMessageA
CopyRect
GetWindowRect
LoadStringA
LoadBitmapA
GetDlgItem
GetClassNameA
RegisterClipboardFormatA
SetActiveWindow
AdjustWindowRectEx
GetKeyState
GetTopWindow
GetWindowTextA
CreateWindowExA
CallNextHookEx
SetDlgItemTextA
TabbedTextOutA
LoadImageA
GetNextDlgTabItem
GetPropA
DefWindowProcA
LoadCursorA
GetMenuCheckMarkDimensions
GetSysColorBrush
SendDlgItemMessageA
ClientToScreen
GetSubMenu
CreateDialogIndirectParamA
GetFocus
GetWindowPlacement
FillRect
EndDialog
PtInRect

advapi32

RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

gdi32

GetPixel
ScaleWindowExtEx
RestoreDC
GetObjectA
SetBkColor
ExtEscape
SetWindowExtEx
DeleteObject
SaveDC
RectVisible
TextOutA
Escape
BitBlt
GetDIBColorTable
CreateBitmap
SelectPalette
SelectObject
CreateDCA
SetTextColor
EnumFontFamiliesExA
CreateCompatibleDC
SetViewportOrgEx
SetBkMode
SetViewportExtEx
GetDeviceCaps
RealizePalette
ScaleViewportExtEx
GetClipBox
OffsetViewportOrgEx
DeleteDC
SetMapMode
SetStretchBltMode

comctl32

ord17
DestroyPropertySheetPage

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

kernel32

FindResourceExA
ExitProcess
GlobalAlloc
LocalReAlloc
GetEnvironmentStringsW
RtlUnwind
VirtualFree
GetModuleHandleA
WritePrivateProfileStringA
CloseHandle
GetProcessVersion
lstrlenA
LoadResource
RaiseException
DeleteCriticalSection
GetModuleFileNameA
GlobalFlags
GetFileType
SetFilePointer
TlsAlloc
FreeEnvironmentStringsW
GlobalFindAtomA
lstrcpynA
TlsFree
SetErrorMode
GetVersion
FindResourceA
GetDateFormatA
GetStringTypeW
LoadLibraryA
HeapFree
GetOEMCP
LocalFree
GetTickCount
GetStartupInfoA
HeapSize
MulDiv
GlobalAddAtomA
GetStdHandle
WriteFile
FlushFileBuffers
IsBadCodePtr
GetProcAddress
HeapReAlloc
LocalAlloc
GetEnvironmentVariableA
LCMapStringA
SetStdHandle
GlobalUnlock
TerminateProcess
SetHandleCount
lstrcpyA
TlsSetValue
lstrcmpA
IsBadWritePtr
HeapCreate
GlobalDeleteAtom
EnterCriticalSection
GetStringTypeA
SetLastError
HeapDestroy
FreeEnvironmentStringsA
WideCharToMultiByte
GetLastError
SetUnhandledExceptionFilter
GetACP
GetVersionExA
GetCPInfo
InitializeCriticalSection
LeaveCriticalSection
GetCurrentThread
InterlockedDecrement
HeapAlloc
LCMapStringW
VirtualAlloc
lstrcatA
GlobalFree
MultiByteToWideChar
GetCurrentThreadId
GlobalHandle
InterlockedIncrement
GetCommandLineA
GlobalGetAtomNameA
lstrcmpiA
GlobalReAlloc
FreeLibrary
TlsGetValue

Exports

Exports

ExecCodeModule
IncrementalDecoder
List_Reverse
Number_Multiply
State_ThreadHead
VaParse
_Readline
vResolveTokenVarW
write_init_2

Sections

.text
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b8ab81700882cf3fd87a458954b15dc

Headers

File Characteristics

Imports

user32

advapi32

gdi32

comctl32

winspool.drv

kernel32

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 89KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 92KB - Virtual size: 92KB

.rsrc Size: 80KB - Virtual size: 79KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 92KB - Virtual size: 89KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 92KB - Virtual size: 92KB

.rsrc
Size: 80KB - Virtual size: 79KB

.reloc
Size: 8KB - Virtual size: 6KB