360383ecc371e99a5b4e62147a76933ed2b286f75c74d8c0e413f1c79e8bec59

Sharing

Copy URL Twitter E-mail

General

Target

360383ecc371e99a5b4e62147a76933ed2b286f75c74d8c0e413f1c79e8bec59
Size

786KB
MD5

64d6245be686565eb198a78a673fb2e0
SHA1

b1a8ad9bfceb02626dbda88797d414560794502b
SHA256

360383ecc371e99a5b4e62147a76933ed2b286f75c74d8c0e413f1c79e8bec59
SHA512

f63ed5d2b22407ae4cfc75110a8c77855c646c97dfed71395848eb11f97b31a9bc66460e2d9d11b01c8a6757c7c2c98c3bcf28a9e378f418d047bdc6abdb60f7
SSDEEP

12288:bsLSOAUSAW33J+2jgeJFHMq8J77N79rvzDNz:baSO16JpbJFHd8J77N79zzDNz

Score

N/A

Malware Config

Signatures

Files

360383ecc371e99a5b4e62147a76933ed2b286f75c74d8c0e413f1c79e8bec59
.exe windows x86

86e118a51cfe5f4dd9f39a66734a0660

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSACleanup
inet_ntoa
WSAGetLastError
WSAStartup
gethostbyname

shell32

SHParseDisplayName
SHChangeNotify
SHGetFolderPathA

kernel32

UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetLastError
CreateFileA
CreateMutexA
CreateDirectoryA
GetFileAttributesA
GetModuleHandleA
MoveFileExA
GetTempPathA
GetSystemDirectoryA
WaitForMultipleObjects
GlobalFree
GlobalUnlock
GlobalLock
ExpandEnvironmentStringsA
DeleteFileW
GetCommandLineW
SetCurrentDirectoryA
GlobalAlloc
SetEvent
GetCurrentThreadId
lstrcmpiA
DeleteFileA
FindFirstFileA
FindClose
lstrlenA
CreateProcessA
CloseHandle
WaitForSingleObject
GetModuleFileNameA
GetSystemDefaultLCID
GetPrivateProfileStringA
GetCurrentDirectoryA
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
CreateFileW
GetLocaleInfoW
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
Sleep
CreateEventA
LoadLibraryA
GetProcAddress
FreeLibrary
GetDiskFreeSpaceExA
WriteConsoleA
ReadFile
SetConsoleCtrlHandler
IsValidCodePage
FormatMessageA
WideCharToMultiByte
MultiByteToWideChar
GetWindowsDirectoryA
GetTickCount
WriteFile
SetFilePointer
GetFileSize
GetCurrentProcessId
GetLocalTime
GetCurrentProcess
GetVersionExA
ReleaseMutex
OpenMutexA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLocaleInfoA
LocalFree
LocalAlloc
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
InterlockedCompareExchange
RaiseException
RtlUnwind
HeapFree
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetTimeFormatA
GetDateFormatA
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetCPInfo
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThread
HeapSize
GetACP
GetOEMCP
HeapDestroy
HeapCreate
VirtualFree
FatalAppExitA
VirtualAlloc
HeapReAlloc
SetHandleCount
GetStdHandle
GetFileType
GetConsoleCP
GetConsoleMode
FlushFileBuffers
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale

user32

DestroyWindow
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
PostMessageA
IsWindow
RegisterClassExA
WaitForInputIdle
MessageBoxA
LoadStringA
SetWindowPos
SetForegroundWindow
GetParent
AttachThreadInput
GetWindowThreadProcessId
CreateWindowExA
DefWindowProcA
FindWindowA
BringWindowToTop
GetForegroundWindow

comdlg32

GetSaveFileNameA

advapi32

RegCreateKeyA
SetEntriesInAclA
SetKernelObjectSecurity
GetSecurityDescriptorDacl
SetSecurityInfo
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
IsValidSid
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegFlushKey
RegDeleteValueA
RegSetValueExA
RegDeleteKeyA
RegEnumKeyExA
RegCreateKeyExA
RegEnumValueA
FreeSid
InitializeSecurityDescriptor
AllocateAndInitializeSid
GetAce
GetLengthSid

ole32

CoUninitialize
CoInitialize

winspool.drv

EnumPrintersA
DocumentPropertiesA
OpenPrinterA
GetPrinterA
ClosePrinter
GetPrinterDriverDirectoryA

Sections

.text
Size: 556KB - Virtual size: 555KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

86e118a51cfe5f4dd9f39a66734a0660

Headers

File Characteristics

Imports

ws2_32

shell32

kernel32

user32

comdlg32

advapi32

ole32

winspool.drv

Sections

.text Size: 556KB - Virtual size: 555KB

.rdata Size: 72KB - Virtual size: 69KB

.data Size: 12KB - Virtual size: 23KB

.idata Size: 8KB - Virtual size: 6KB

.rsrc Size: 128KB - Virtual size: 128KB

.text
Size: 556KB - Virtual size: 555KB

.rdata
Size: 72KB - Virtual size: 69KB

.data
Size: 12KB - Virtual size: 23KB

.idata
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 128KB - Virtual size: 128KB