6c819a23eecf94778fcd7345c9798788110b87c8f85ae531a8a7ae00537c1105

Sharing

Copy URL Twitter E-mail

General

Target

6c819a23eecf94778fcd7345c9798788110b87c8f85ae531a8a7ae00537c1105
Size

395KB
MD5

66db98c5344502b2d8ec9c1619963e00
SHA1

7de6db7a6da04efb3f25683805fdb778d569e7ac
SHA256

6c819a23eecf94778fcd7345c9798788110b87c8f85ae531a8a7ae00537c1105
SHA512

06f9ae1466388f10059829031ac7438ea34413b8824ccf95bb63c698dd1744502c8eab8e07e7a3b98b33677eb82efdb4cfbf750648776972d1a3c6669f1af2a5
SSDEEP

12288:arhuzWyTFAwkmY+ZAXq+fGokq32gaxUAas1k:arkzbBAZmY7XfU9Us1

Score

N/A

Malware Config

Signatures

Files

6c819a23eecf94778fcd7345c9798788110b87c8f85ae531a8a7ae00537c1105
.exe windows x86

2ffdb6a36293a7a1e471298cbd42804c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
WideCharToMultiByte
GetStartupInfoA
OutputDebugStringA
SetUnhandledExceptionFilter
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetVersionExA
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcessId
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
GetModuleHandleW
GetSystemTime
SetEvent
CloseHandle
WaitForSingleObject
CreateThread
CreateEventW
ResetEvent
lstrcmpW
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalSize
MulDiv
GlobalFindAtomW
GetLastError
InterlockedDecrement
MultiByteToWideChar
GetLocalTime
GetLocaleInfoW
GetDateFormatW
InterlockedIncrement
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrcmpiW
GetLocaleInfoEx
GetProcAddress
LoadLibraryW
FreeLibrary
DelayLoadFailureHook
InterlockedCompareExchange
LoadLibraryExA
HeapFree
HeapAlloc
GetProcessHeap
GetVersionExW
InterlockedExchange
FreeLibraryAndExitThread
GetFileAttributesW
Wow64RevertWow64FsRedirection
Wow64DisableWow64FsRedirection
IsWow64Process
GetCurrentProcess
GetModuleFileNameW
LocalFree
LocalReAlloc
LocalAlloc
GetProfileStringW
lstrlenW
CompareStringW
ApplicationRecoveryInProgress
Sleep
ApplicationRecoveryFinished
RegisterApplicationRecoveryCallback
RegisterApplicationRestart
CompareFileTime
SystemTimeToFileTime
GetTempFileNameW
FileTimeToSystemTime
DeleteFileW
CreateFileW
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
HeapDestroy
HeapReAlloc
HeapSize
RaiseException
GetProcAddress
LoadLibraryA
ExitProcess

comctl32

ImageList_Create
ImageList_GetIconSize
FlatSB_SetScrollProp
ImageList_Draw
ImageList_GetDragImage
ImageList_DrawIndirect
ImageList_Write
ImageList_GetImageCount
InitializeFlatSB
ImageList_GetImageInfo
ImageList_ReplaceIcon
ImageList_SetIconSize
ImageList_Read
ImageList_Duplicate
ImageList_DrawEx
FlatSB_GetScrollInfo
ImageList_Remove
ImageList_Merge
MakeDragList
ImageList_SetImageCount
ImageList_DragMove
ImageList_DragShowNolock

comdlg32

ReplaceTextW
CommDlgExtendedError
PrintDlgW
GetOpenFileNameA
GetSaveFileNameW
ChooseColorW
GetSaveFileNameA

gdi32

CreateFontW

gdiplus

GdipCloneBrush
GdipAlloc
GdipAddPathEllipse
GdipCreateTexture
GdipGetDC
GdipCreateMatrix2
GdipDeleteMatrix
GdipCloneBitmapArea
GdipSetPathGradientSurroundColorsWithCount
GdipCreatePath
GdipDrawImage
GdipDeleteBrush
GdipSetPathGradientCenterPoint
GdipFree
GdipCreateHatchBrush
GdipSetMatrixElements
GdipCreatePathGradientFromPath
GdipCreateFromHDC
GdipSetPathGradientCenterColor
GdipSetPageUnit
GdipDrawImageI
GdipCreateBitmapFromScan0
GdipCreateLineBrush
GdipDisposeImage
GdipGetImageGraphicsContext

msimg32

AlphaBlend

msvfw32

MCIWndCreateW

ole32

OleCreateFromFile
CreateOleAdviseHolder
OleCreateLinkFromData
CreateILockBytesOnHGlobal
CoRegisterClassObject
WriteClassStg
ReadClassStg
OleIsCurrentClipboard
OleLockRunning
OleRegGetUserType
CoLockObjectExternal
OleGetIconOfClass
CoCreateGuid
OleCreateMenuDescriptor
CreateStreamOnHGlobal
CreateBindCtx
CreateItemMoniker
DoDragDrop
OleIsRunning
OleGetClipboard
GetClassFile

oleacc

LresultFromObject
AccessibleObjectFromWindow

oleaut32

SafeArrayCreateVector
SysAllocStringByteLen
SetErrorInfo
SafeArrayDestroy
SafeArrayGetElemsize
VarCyFromStr
SafeArrayAccessData
SysReAllocStringLen
SafeArrayCreate
SafeArrayAllocData
SysFreeString
VarDateFromStr
SafeArrayPutElement
SafeArrayPtrOfIndex
VariantClear
VariantTimeToSystemTime

oledlg

OleUIConvertW
OleUIUpdateLinksW

olepro32

OleCreateFontIndirect

rpcrt4

UuidCreate
UuidToStringW
RpcStringFreeW

shell32

SHAppBarMessage
SHGetPathFromIDListW
SHChangeNotify

shlwapi

PathRelativePathToW
PathIsRelativeW
PathAppendW
PathFindExtensionW
PathFileExistsW
PathIsURLW

user32

CreateCaret
SubtractRect
GetWindowThreadProcessId
DestroyCaret
SetScrollPos
GetKeyNameTextW
ReplyMessage
GetMenuState
SetWindowContextHelpId
GetPropW
GetWindowTextLengthW
CountClipboardFormats
GetClassLongW
SetMenuItemBitmaps
CharToOemBuffA
PostQuitMessage
GetClassInfoW
GetCursor
EnableWindow
GetMenu
BeginDeferWindowPos
SetMenu
wsprintfA
GetMenuItemInfoW
WinHelpW
GetWindowTextA
ScrollWindow
DefDlgProcA
WindowFromPoint

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

winspool.drv

GetPrinterW
EnumJobsW
GetJobW
DocumentPropertiesW
EnumMonitorsW
EnumPrinterDriversW
DeviceCapabilitiesW
GetPrinterDataExW
OpenPrinterW
ClosePrinter

Sections

.bss
Size: - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.code
Size: 342KB - Virtual size: 341KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ffdb6a36293a7a1e471298cbd42804c

Headers

File Characteristics

Imports

kernel32

comctl32

comdlg32

gdi32

gdiplus

msimg32

msvfw32

ole32

oleacc

oleaut32

oledlg

olepro32

rpcrt4

shell32

shlwapi

user32

version

winspool.drv

Sections

.bss Size: - Virtual size: 352KB

.code Size: 342KB - Virtual size: 341KB

.text Size: 43KB - Virtual size: 43KB

.idata Size: 7KB - Virtual size: 7KB

.rsrc Size: 1KB - Virtual size: 1KB

.bss
Size: - Virtual size: 352KB

.code
Size: 342KB - Virtual size: 341KB

.text
Size: 43KB - Virtual size: 43KB

.idata
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 1KB - Virtual size: 1KB