2f8c1bb835b5b4f3507da1d585223b8b426d1c6b21e3299a00c5a623c608a243

Sharing

Copy URL Twitter E-mail

General

Target

2f8c1bb835b5b4f3507da1d585223b8b426d1c6b21e3299a00c5a623c608a243
Size

986KB
MD5

727acfc5734c95164634bd95570cec00
SHA1

fc052ae96f7e35b120faa93a52349c4faebc922a
SHA256

2f8c1bb835b5b4f3507da1d585223b8b426d1c6b21e3299a00c5a623c608a243
SHA512

b0e31ea4a2f0a3979b6533e87b0945ad5cd60680a6863d631bd98f34c65fc517a4f447a9484ab20540892a64fab388f2c688dc8411a0c5b53eb288ba9b4b0847
SSDEEP

24576:HaJO1fpdZYTlh36PTIdgvkG7uNB4qWEKFi3q4:Amfpd2TSG5WX

Score

N/A

Malware Config

Signatures

Files

2f8c1bb835b5b4f3507da1d585223b8b426d1c6b21e3299a00c5a623c608a243
.exe windows x86

b8b697528f0fcc495427f5ee172ef9d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

version

VerQueryValueW

kernel32

SetEndOfFile
CreateFileW
SetErrorMode
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
RtlUnwind
ExitProcess
GetSystemTimeAsFileTime
HeapReAlloc
RaiseException
HeapSize
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
VirtualFree
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
Sleep
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
VirtualAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
lstrlenA
InterlockedIncrement
GlobalFlags
WritePrivateProfileStringW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetCurrentProcessId
GetModuleHandleA
GlobalFindAtomW
LoadLibraryA
GetVersionExA
GlobalAddAtomW
GlobalFree
GlobalUnlock
FormatMessageW
LocalFree
lstrlenW
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
lstrcmpA
GetLocaleInfoW
WideCharToMultiByte
InterlockedExchange
GlobalLock
lstrcmpW
InterlockedDecrement
GetModuleHandleW
SetLastError
GetTickCount
GetModuleFileNameW
GetCurrentProcess
GetLongPathNameW
FreeLibrary
EnumResourceLanguagesW
FreeResource
GetCommandLineW
ReleaseMutex
WaitForSingleObject
MultiByteToWideChar
CreateMutexW
LockResource
LoadResource
CloseHandle
FindResourceW
SizeofResource
GetProcAddress
LoadLibraryW
GetVersion
GetLastError
GlobalAlloc
ExpandEnvironmentStringsW
HeapCreate

user32

DestroyMenu
GetSysColorBrush
UnregisterClassW
GetWindowThreadProcessId
EndPaint
BeginPaint
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
IsWindowEnabled
ShowWindow
SetWindowTextW
RegisterWindowMessageW
LoadIconW
WinHelpW
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetWindowTextW
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
UnregisterClassA
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetWindow
SetCursor
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetLastActivePopup
GetCursorPos
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
PostMessageW
UnhookWindowsHookEx
SystemParametersInfoW
GetWindowLongW
SetWindowLongW
EnableWindow
PostQuitMessage
LoadCursorW
SetClassLongW
SendMessageW
KillTimer
ValidateRect
InvalidateRect
SetWindowRgn
FillRect
GetSysColor
ReleaseDC
GetDC
IsWindow
SetTimer
SetRect
MessageBoxW
GetMessageTime

gdi32

GetStockObject
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetDIBits
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
CreateBitmap
StretchBlt
DeleteObject
SetBkMode
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
SelectObject
BitBlt
CombineRgn
CreateRectRgn

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegQueryValueW
RegEnumKeyW
RegOpenKeyW
RegDeleteKeyW
RegSetValueExW
RegDeleteValueW
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey

shell32

ShellExecuteExW

shlwapi

PathFindFileNameW
PathFindExtensionW

ole32

CreateStreamOnHGlobal

oleaut32

OleLoadPicture
VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 291KB - Virtual size: 291KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 588KB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b8b697528f0fcc495427f5ee172ef9d4

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

Sections

.text Size: 291KB - Virtual size: 291KB

.rdata Size: 90KB - Virtual size: 89KB

.data Size: 15KB - Virtual size: 31KB

.rsrc Size: 588KB - Virtual size: 2.3MB

.text
Size: 291KB - Virtual size: 291KB

.rdata
Size: 90KB - Virtual size: 89KB

.data
Size: 15KB - Virtual size: 31KB

.rsrc
Size: 588KB - Virtual size: 2.3MB