d1376e6c8ff3af7b4f96072758fc13feada305cc9ebb38146440710891b1d851

Sharing

Copy URL Twitter E-mail

General

Target

d1376e6c8ff3af7b4f96072758fc13feada305cc9ebb38146440710891b1d851
Size

120KB
MD5

64577d46df5f7438fb62ae8fed0655ab
SHA1

45046f55de4c64928c087b5861bf8b21c5672343
SHA256

d1376e6c8ff3af7b4f96072758fc13feada305cc9ebb38146440710891b1d851
SHA512

b4c15fdf5237705d74df004a8bc03e8a6c18e3eb1fadbd4700a32adfce83ddbff82c42d9a47db5db2c98b890b67612d6724fb94afd362c892914d70800bb8b14
SSDEEP

1536:ZRPjR5RwCGjTMNr2oHqFiKwrOvVDN9L0asrJuUNjB2PXu6LoUlKKEkOK8:7N5OC7r2oKFWWV59urJuUNjB2fhYi

Score

N/A

Malware Config

Signatures

Files

d1376e6c8ff3af7b4f96072758fc13feada305cc9ebb38146440710891b1d851
.exe windows x86

5b3509c587b617b5d2b94b7d127bcad0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

LoadResource
LockResource
GetCommandLineA
GetWindowsDirectoryA
FindResourceA
WideCharToMultiByte
SetFileAttributesA
lstrlenA
lstrcpyA
GetModuleHandleA
SetEvent
WaitForSingleObject
GlobalAlloc
MultiByteToWideChar
GlobalFree
CreateDirectoryA
GetFileAttributesA
FindNextFileW
FindFirstFileW
DeleteFileW
DeleteFileA
RemoveDirectoryW
FindFirstFileA
RemoveDirectoryA
FindNextFileA
FindClose
lstrcatA
Sleep
lstrcpynA
CreateFileMappingA
MoveFileExA
GetProcAddress
GetPrivateProfileStringA
GetLastError
CloseHandle
CreateEventA
lstrcmpA
LoadLibraryExA
FreeLibrary
lstrlenW
GetStringTypeA
GetStringTypeW
LCMapStringA
HeapReAlloc
VirtualAlloc
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
LCMapStringW
GetModuleFileNameA
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
RtlUnwind
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapAlloc
TlsGetValue
SetLastError
TlsAlloc
HeapFree
ExitProcess
GetVersion
GetStartupInfoA
ExitThread
TlsSetValue
GetCurrentThreadId
LoadLibraryA
CreateThread

user32

LoadIconA
LoadCursorA
DestroyWindow
SendMessageA
InvalidateRect
SetWindowTextA
CreateWindowExA
ShowWindow
CreateDialogParamA
SetFocus
SetWindowLongA
PostQuitMessage
EnableWindow
GetWindowTextA
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
GetDlgItem
CallWindowProcA
GetDlgCtrlID
GetParent
DefWindowProcA
EnumWindows
PostMessageA
GetClassNameA
LoadStringA
MessageBoxA
SetForegroundWindow
MoveWindow
GetSystemMetrics
GetDesktopWindow
GetWindowRect
LoadBitmapA
GetWindowLongA
RegisterClassExA

gdi32

DeleteObject
SetDIBitsToDevice
GetObjectA
RealizePalette
CreatePalette
GetStockObject
SelectPalette

winspool.drv

EnumPrintersA

advapi32

RegCreateKeyExA
RegDeleteKeyA
RegCloseKey

shell32

SHGetMalloc
SHGetSpecialFolderLocation
CommandLineToArgvW
SHGetPathFromIDListW

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5b3509c587b617b5d2b94b7d127bcad0

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 80KB - Virtual size: 80KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 80KB - Virtual size: 80KB