8f7dc90de0908f0db87f6f4c4c80a5f3add31f50c2ef5a5fbe35529b13d1936f

Sharing

Copy URL Twitter E-mail

General

Target

8f7dc90de0908f0db87f6f4c4c80a5f3add31f50c2ef5a5fbe35529b13d1936f
Size

140KB
MD5

5894c392c176fa54d7f6456e1b80b68a
SHA1

bd3661cced1f3b1654051bece1b171c54a957c2d
SHA256

8f7dc90de0908f0db87f6f4c4c80a5f3add31f50c2ef5a5fbe35529b13d1936f
SHA512

d85dcf7e48e517438635ec0663305a2d10cdb897214fa4bf92b9a06d80f59d7d8cd290134c214c8fd6c3ef74ec4389e453dd73f455c1a067a0ce80d551a67bd3
SSDEEP

3072:ZMavgphCXatt7ffsFotWSAGA+5IvvyDuM8:ZmhCk+TGA3cL8

Score

N/A

Malware Config

Signatures

Files

8f7dc90de0908f0db87f6f4c4c80a5f3add31f50c2ef5a5fbe35529b13d1936f
.exe windows x86

049fc74fd42b2295ac22c7d6655770fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

vssconf

?Configure@@YAXXZ

kernel32

RtlUnwind
GetStartupInfoA
GetCommandLineA
ExitProcess
GetCPInfo
HeapAlloc
GetOEMCP
RaiseException
HeapReAlloc
HeapSize
GetACP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
TerminateProcess
HeapFree
GetFileType
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CloseHandle
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetProfileStringA
SizeofResource
WriteFile
GetCurrentProcess
FindResourceA
SetErrorMode
GlobalGetAtomNameA
LoadResource
GetVersion
GlobalAddAtomA
GlobalFindAtomA
FreeLibrary
GetProcessVersion
LoadLibraryA
GetProcAddress
GetLastError
GetModuleHandleA
GetEnvironmentVariableA
WideCharToMultiByte
SetLastError
GetCurrentThreadId
MultiByteToWideChar
lstrcpyA
InterlockedIncrement
lstrcatA
WritePrivateProfileStringA
GlobalFlags
InterlockedDecrement
lstrcpynA
lstrlenA
TlsSetValue
TlsGetValue
LocalReAlloc
LeaveCriticalSection
EnterCriticalSection
GlobalReAlloc
GlobalUnlock
TlsFree
GlobalHandle
TlsAlloc
GlobalFree
DeleteCriticalSection
LocalAlloc
InitializeCriticalSection
LocalFree
GetModuleFileNameA
GetVersionExA
HeapDestroy
GetEnvironmentStringsW
SetHandleCount
GetStdHandle

user32

GetWindowTextLengthA
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
MapWindowPoints
LoadIconA
ShowWindow
LoadStringA
DestroyMenu
InvalidateRect
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
DefWindowProcA
GetDlgItem
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetCapture
GetSysColor
GetSysColorBrush
LoadCursorA
GetSystemMetrics
GrayStringA
DrawTextA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ScreenToClient
GetMenuItemCount
wsprintfA
UnhookWindowsHookEx
GetWindowTextA
SetWindowTextA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameA
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
EnableWindow
SetCursor
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
SendMessageA
EnableMenuItem
GetFocus
GetParent
GetNextDlgTabItem
PostMessageA
PostQuitMessage
SetWindowPos
DestroyWindow
RegisterWindowMessageA
TabbedTextOutA
ExcludeUpdateRgn
ShowCaret
DefDlgProcA
IsWindowUnicode
CharNextA
InflateRect
UnregisterClassA
DrawFocusRect
HideCaret

gdi32

CreateDIBitmap
SelectObject
GetStockObject
RestoreDC
SetBkColor
SetBkMode
SetMapMode
SetViewportOrgEx
SetTextColor
SetViewportExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetWindowExtEx
GetClipBox
ScaleWindowExtEx
IntersectClipRect
CreateCompatibleDC
DeleteObject
GetDeviceCaps
CreateSolidBrush
PtVisible
RectVisible
ExtTextOutA
Escape
TextOutA
GetObjectA
GetTextExtentPointA
PatBlt
BitBlt
DeleteDC
SaveDC
CreateBitmap

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA

comctl32

ord17

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

049fc74fd42b2295ac22c7d6655770fa

Headers

File Characteristics

Imports

vssconf

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

Sections

.text Size: 68KB - Virtual size: 65KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 16KB - Virtual size: 24KB

.data1 Size: 4KB - Virtual size: 384B

.rsrc Size: 32KB - Virtual size: 32KB

.text
Size: 68KB - Virtual size: 65KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 16KB - Virtual size: 24KB

.data1
Size: 4KB - Virtual size: 384B

.rsrc
Size: 32KB - Virtual size: 32KB