b35d0d92b901a2a974090cab02addf474a1970ee55c90f369bd47c9e278c2c35

Sharing

Copy URL Twitter E-mail

General

Target

b35d0d92b901a2a974090cab02addf474a1970ee55c90f369bd47c9e278c2c35
Size

304KB
MD5

62b0dad54ab99026f9ce6d15714bf6c0
SHA1

d91a06a07936b6b5cde4a9c39265530c503d2627
SHA256

b35d0d92b901a2a974090cab02addf474a1970ee55c90f369bd47c9e278c2c35
SHA512

d06cb150edbf47a18d47995973e32e096d8479453855e6feed4941e920ece47350e38060239e7b1fc996ec2ef1cb6003ef5bd5784ecf93816aa14832dc3ac0ff
SSDEEP

6144:ibjlDuWgEADdCBw2N+sOdgX8G28C8vDjqu7H8U5:slDuWgvJaiyXocSuT8U5

Score

N/A

Malware Config

Signatures

Files

b35d0d92b901a2a974090cab02addf474a1970ee55c90f369bd47c9e278c2c35
.exe windows x86

96b8bbfddcd909d2638d20bfae4bb9b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
Sleep
GetCurrentThreadId
GetTickCount
GlobalAlloc
GlobalFree
GetProcAddress
LoadLibraryA
GetModuleHandleA
ExitProcess
QueryPerformanceCounter
ExitThread
VirtualFree
CreateFileA
FreeLibrary
SetComputerNameA
GetOEMCP
SetThreadPriority
WaitForSingleObject
CloseHandle
TerminateThread
GetComputerNameA
GetModuleFileNameA
VirtualAlloc
VirtualProtect
GetProcessHeap
CreateThread
GetProcessVersion
FlushFileBuffers
GetProcessHeaps
GetStringTypeW
GetCommandLineA
GetVersionExA
GetStringTypeA
OpenSemaphoreA
CreateMutexA
CreateSemaphoreA
OpenMutexA
ReleaseMutex
CreateEventA
CreateRemoteThread
GetLocaleInfoA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetCPInfo
GetACP
VirtualQuery
InterlockedExchange
RtlUnwind
SetStdHandle
GetSystemInfo
GetSystemTimeAsFileTime
GetCurrentProcessId
HeapReAlloc
WriteFile
SetFilePointer
GetCurrentProcess
TerminateProcess
GetStringTypeExA
LoadResource
GetPrivateProfileIntA
EnumCalendarInfoA
GetStdHandle
WideCharToMultiByte
HeapFree
HeapAlloc

gdi32

GetCharWidth32A
TextOutA
GdiFlush
GetCharWidthA
GetCharWidthFloatA
GetCharABCWidthsA
GetTextMetricsA

user32

GetWindowLongA
SetWindowLongA
RegisterWindowMessageA
FindWindowA
MsgWaitForMultipleObjects
MsgWaitForMultipleObjectsEx
GetClientRect
TranslateAcceleratorA
MessageBeep
SendMessageA
EndPaint
DrawTextA
DrawTextExA
BeginPaint
ReleaseDC
GetDC
SetRect
SetCaretPos
wsprintfA
MessageBoxA
PostQuitMessage
DefWindowProcA
MessageBoxW
ShowCaret
UnregisterHotKey
HideCaret
DestroyCaret

advapi32

GetAce

comctl32

ord17

ws2_32

WSAAddressToStringA

wldap32

ord143
ord20
ord25
ord10
ord11

winmm

timeBeginPeriod

ole32

GetClassFile
OleCreateMenuDescriptor

mprapi

MprAdminGetErrorString

winspool.drv

ClosePrinter
OpenPrinterA
AddPortA
EnumFormsA

Sections

.text
Size: 252KB - Virtual size: 250KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96b8bbfddcd909d2638d20bfae4bb9b2

Headers

File Characteristics

Imports

kernel32

gdi32

user32

advapi32

comctl32

ws2_32

wldap32

winmm

ole32

mprapi

winspool.drv

Sections

.text Size: 252KB - Virtual size: 250KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 8KB - Virtual size: 243KB

.udata Size: 8KB - Virtual size: 5KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 252KB - Virtual size: 250KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 243KB

.udata
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 4KB