307645e373fb21111b3c77394c7a1f5019b7aaa39a16a59241fa0043195658e4

Sharing

Copy URL Twitter E-mail

General

Target

307645e373fb21111b3c77394c7a1f5019b7aaa39a16a59241fa0043195658e4
Size

240KB
MD5

7b34c9e8b45a3a0aace73960ce976051
SHA1

22b8fcc4b52f756a4fd763fa8223450a15531bf3
SHA256

307645e373fb21111b3c77394c7a1f5019b7aaa39a16a59241fa0043195658e4
SHA512

3a5b1e200313281e816dc8daea007dd416fe3a385541d010a177ee2fdd703c41d74e2fb9b5a08839a4e30e4dacead6337520c16eaefcf9f9c6d00784d107913d
SSDEEP

6144:PQtx6Z6UqafHCT48GTK1/GicBm4pcYYb:PQfr148GToGicTDY

Score

N/A

Malware Config

Signatures

Files

307645e373fb21111b3c77394c7a1f5019b7aaa39a16a59241fa0043195658e4
.exe windows x86

786b466137c45c4d6d1a764830c58677

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

DeletePrinter
EnumPortsA

user32

GetTabbedTextExtentA
CharNextW
GetForegroundWindow
LoadMenuA
CopyAcceleratorTableW
DdeFreeDataHandle
MessageBoxW
SetClipboardData
SendMessageTimeoutA
DestroyCaret
ReleaseDC
OpenClipboard
UnregisterClassA
GetUpdateRgn
LoadCursorW
AttachThreadInput
CreateIcon
OemToCharA
WinHelpW
DdeUninitialize
DrawMenuBar
IsWindowVisible
SendDlgItemMessageW
ScrollWindow
PostThreadMessageA
GetCaretPos
RemoveMenu
SetDlgItemTextW
GetWindowTextA
DdeClientTransaction
CallNextHookEx
IsCharAlphaNumericW
DdeFreeStringHandle
GetWindowLongA
EnableWindow
IsWindowEnabled
CheckMenuRadioItem
IsDialogMessageA
ShowCaret
IsMenu
IsCharAlphaW
DialogBoxIndirectParamW
DdeDisconnect
SetFocus
CloseClipboard
DdeQueryNextServer
FindWindowW
ValidateRgn
GetUpdateRect
SetMenuItemBitmaps
PostThreadMessageW
MessageBoxA
UnregisterDeviceNotification
GetPropW
SubtractRect
GetScrollPos
DrawIconEx
GetMenu
MoveWindow

kernel32

IsBadWritePtr
GetModuleHandleA
SetHandleCount
GetWindowsDirectoryA
VirtualAlloc
GetVersionExA
GetThreadLocale
InterlockedIncrement
SetEnvironmentVariableA
GetCurrentProcess
GetLastError
GetACP
GetFileInformationByHandle
GetCurrentThread
SystemTimeToFileTime
GetDiskFreeSpaceExW
GetSystemDefaultUILanguage
GetProcessAffinityMask
ResumeThread
lstrcpynA
TransactNamedPipe
FindClose
GetComputerNameW
Sleep
GetEnvironmentStringsW
OutputDebugStringA
GetLocaleInfoA
CloseHandle
GetDriveTypeA
FreeLibrary
GetDateFormatA
GetUserDefaultLCID
ExitProcess
CreateSemaphoreW
DebugBreak
SetFileAttributesA
SwitchToThread
lstrcpyA
EnumResourceNamesW
HeapReAlloc
IsBadCodePtr
GetLogicalDriveStringsW
CompareStringW
MapViewOfFile
GetCurrentThreadId
DeleteFileA
CreateEventW
lstrcmpA
WriteConsoleW
DuplicateHandle
GetStringTypeA
WritePrivateProfileSectionA
GetNumberFormatW
GetExitCodeThread
GlobalReAlloc
GetFileAttributesExW
GetConsoleCP
GetTimeFormatW
AddAtomA
TerminateProcess
GetModuleHandleW
GetUserDefaultLangID
SetFileTime
GetStartupInfoW
Beep
ReleaseSemaphore
TerminateThread
CreateProcessW
ExpandEnvironmentStringsW
UnlockFile
OpenEventA
DeleteTimerQueueEx
GetCommandLineA
WritePrivateProfileStringA
GetShortPathNameA
EnumSystemLocalesA
GetDiskFreeSpaceA
GetProcessTimes
GetVersion
VirtualProtect
SetUnhandledExceptionFilter
GetStartupInfoA
CopyFileW
GetSystemDirectoryW
LocalLock
VerSetConditionMask
HeapFree
FindResourceExW
GetComputerNameA
GetSystemDefaultLCID

comctl32

ImageList_Read
InitCommonControlsEx
ImageList_GetImageInfo
ImageList_AddMasked
ImageList_Write

advapi32

ConvertSidToStringSidW
RegCreateKeyExW
GetSidIdentifierAuthority
AddAce
CheckTokenMembership
ReportEventA
RegQueryValueExA
RegEnumValueW
LookupAccountNameW
OpenSCManagerA
OpenProcessToken
LookupAccountSidA
ImpersonateSelf
CreateServiceW
SetFileSecurityA
DeregisterEventSource
GetAce
StartServiceW

shell32

ExtractIconA

ole32

CoGetTreatAsClass
OleCreate
OleLoad
CreateOleAdviseHolder

gdi32

StartDocA
ExtCreateRegion
GetTextMetricsA
ScaleViewportExtEx
SetAbortProc
GetClipRgn
Polyline
InvertRgn
SetBkColor
EnumFontFamiliesW
DeleteEnhMetaFile
GetTextExtentPointW
CreateDCW
CreateRectRgnIndirect
EndDoc
GetTextExtentPoint32A
CreateSolidBrush
GetDCOrgEx
SetEnhMetaFileBits
GetCharWidthA
PatBlt
DeleteObject
Polygon
CreateFontA
GetPixel
GetTextFaceA
IntersectClipRect
GetTextExtentPoint32W
GetTextColor
ExtEscape
SetWinMetaFileBits
GetTextMetricsW

version

VerQueryValueW
GetFileVersionInfoA
GetFileVersionInfoSizeA

msvcrt

__getmainargs
exit
_XcptFilter
_ecvt
wcscspn
free
towupper
wcstod
iswspace
strchr
wcspbrk
strrchr
wcscmp
time
_ltow
ctime
_splitpath
wcslen
_beginthreadex
strstr
_c_exit
_CxxThrowException
_iob
strncmp
bsearch
_controlfp
wcsncpy
_wtoi
_snwprintf
_wcsdup
_except_handler3
__set_app_type
_strlwr
wcschr
towlower
_exit
_wcsupr
_wcsicmp
swprintf
_wtoi64
setlocale
_mbsrchr
atol
_wtol
atoi
wcstol
iswdigit
_ismbblead
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_acmdln

Sections

.text
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

786b466137c45c4d6d1a764830c58677

Headers

File Characteristics

Imports

winspool.drv

user32

kernel32

comctl32

advapi32

shell32

ole32

gdi32

version

msvcrt

Sections

.text Size: 192KB - Virtual size: 192KB

.rdata Size: 43KB - Virtual size: 42KB

.data Size: 3KB - Virtual size: 3KB

.text
Size: 192KB - Virtual size: 192KB

.rdata
Size: 43KB - Virtual size: 42KB

.data
Size: 3KB - Virtual size: 3KB