3f64b4b1694bf179f5698754aa067b7cf6a1f4e51b19034e80fe3f3e415adc08

Sharing

Copy URL Twitter E-mail

General

Target

3f64b4b1694bf179f5698754aa067b7cf6a1f4e51b19034e80fe3f3e415adc08
Size

293KB
MD5

6ff01a7f07e9aeacd9a2240d4ce05880
SHA1

30665071e248e2dd5cee92f89f569970d2861e16
SHA256

3f64b4b1694bf179f5698754aa067b7cf6a1f4e51b19034e80fe3f3e415adc08
SHA512

470b66072846f37da5cf2adf62a9c74c2c7e5f20393e62a4217fe079e361c813584345ddd8c66c465f8cedfcdda2c2f16e17c0b588128f15a4c3654e851f3258
SSDEEP

6144:HIlWOrSyL891+7bY1cgnN/wN1JvENd+5Jn4ME958d5YQLzF:ol9rSyL89151d+3n4X8V

Score

N/A

Malware Config

Signatures

Files

3f64b4b1694bf179f5698754aa067b7cf6a1f4e51b19034e80fe3f3e415adc08
.exe windows x86

6934a7bb5c0fee2101919555f26cba5a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
SetFilePointer
RaiseException
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
SetHandleCount
GetConsoleMode
CloseHandle
FreeEnvironmentStringsW
GetModuleFileNameA
LoadLibraryW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
Sleep
MultiByteToWideChar
RtlUnwind
IsProcessorFeaturePresent
HeapSize
SetStdHandle
WriteConsoleW
LCMapStringW
GetStringTypeW
HeapReAlloc
FlushFileBuffers
GetEnvironmentStringsW
LocalFree
DeleteCriticalSection
SetConsoleWindowInfo
GetModuleHandleA
GetConsoleScreenBufferInfo
GetProcAddress
GetLastError
GetStdHandle
GetTickCount
HeapAlloc
GetModuleHandleW
GetCurrentProcess
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
HeapFree
ExitProcess
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
HeapCreate
WriteFile
GetModuleFileNameW
CreateFileW

user32

GetMenu
GetScrollPos
DialogBoxParamA
DestroyWindow
LoadMenuIndirectA
PostQuitMessage
SetCapture
SetMenuItemBitmaps
LoadBitmapA
LoadMenuA
GetClientRect
SetMenuItemInfoA
GetDC
CheckMenuRadioItem
MessageBoxA
InvalidateRect
CreateWindowExA
ReleaseDC
EnableMenuItem
DefWindowProcA
GetDesktopWindow
GetMenuItemInfoA
CheckDlgButton
DrawMenuBar
MessageBoxW
GetSystemMetrics
CloseWindow
UpdateWindow

gdi32

PatBlt
LineTo
DeleteDC
SetPixel
CreateBitmap
DeleteObject
SelectObject
CreateCompatibleDC
Rectangle
Ellipse
CreatePen
GetTextMetricsA
GetStockObject
MoveToEx

winspool.drv

ClosePrinter

comdlg32

PrintDlgA

advapi32

FreeSid
RegCloseKey
RegOpenKeyExW
AllocateAndInitializeSid
SetNamedSecurityInfoA
SetEntriesInAclA
OpenProcessToken

oleaut32

GetErrorInfo

ws2_32

WSAStartup

mpr

WNetGetUniversalNameA
WNetEnumResourceA
WNetCloseEnum

Sections

.text
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 190KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6934a7bb5c0fee2101919555f26cba5a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

oleaut32

ws2_32

mpr

Sections

.text Size: 74KB - Virtual size: 73KB

.rdata Size: 14KB - Virtual size: 14KB

.data Size: 190KB - Virtual size: 220KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 74KB - Virtual size: 73KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 190KB - Virtual size: 220KB

.rsrc
Size: 14KB - Virtual size: 13KB