154fb9a2820e31ab9b7184254e74180b5b0eae7b29734495c0cc8076139cd5a6

Sharing

Copy URL Twitter E-mail

General

Target

154fb9a2820e31ab9b7184254e74180b5b0eae7b29734495c0cc8076139cd5a6
Size

496KB
MD5

71904bbdcb429ebdb97b4bd9012dea70
SHA1

a7ff132d8d75d5cd0632afe7c11734efc9894d37
SHA256

154fb9a2820e31ab9b7184254e74180b5b0eae7b29734495c0cc8076139cd5a6
SHA512

049c278ef10d9509fa0a7cbf8e4d95db8ad5107d6b8d7921c833d334447664c15c68e8019fa17acca0cfd6c37722f6c2128b9fd9efe8abb91de05b0e7b3fa5f3
SSDEEP

12288:m+javpVkZGTbn7q1odeMIJ1OgZtb+eDuUl7pShGaLFV6:dmpnnYoMMEOgn+aYhGaLX6

Score

N/A

Malware Config

Signatures

Files

154fb9a2820e31ab9b7184254e74180b5b0eae7b29734495c0cc8076139cd5a6
.exe windows x86

1a0f471c6adfda700ae7753b8e90f737

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

ReadFile
SetFilePointer
SetEndOfFile
GetModuleHandleW
InterlockedIncrement
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
SetErrorMode
RtlUnwind
RaiseException
UnhandledExceptionFilter
SetUnhandledExceptionFilter
ExitProcess
GetTimeFormatA
GetDateFormatA
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
HeapSize
SetStdHandle
GetFileType
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
GetStdHandle
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
VirtualFree
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
GetCurrentProcessId
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
LoadLibraryExA
InterlockedExchange
InterlockedDecrement
GetModuleFileNameW
GlobalGetAtomNameA
GlobalFindAtomA
CompareStringA
lstrcmpW
OpenMutexA
CreateMutexA
GetStartupInfoA
CreateProcessA
GetExitCodeProcess
WaitForSingleObject
TerminateProcess
CreateDirectoryA
FlushFileBuffers
GlobalFree
HeapFree
GetProcessHeap
HeapAlloc
GetFileTime
CompareFileTime
WritePrivateProfileStringA
lstrcmpA
GetDriveTypeA
Sleep
GetSystemDirectoryA
GetShortPathNameA
GetEnvironmentVariableA
GetTempPathA
GetLocaleInfoA
GetLocalTime
FormatMessageA
LocalFree
GetSystemDefaultLangID
GetVersionExA
GetUserDefaultLangID
InitializeCriticalSection
GetFileSize
DeleteCriticalSection
QueryPerformanceCounter
QueryPerformanceFrequency
WriteFile
OutputDebugStringA
CreateFileA
FindResourceExA
SetLastError
WideCharToMultiByte
GetWindowsDirectoryA
FindFirstFileA
FindNextFileA
FindClose
CloseHandle
LocalAlloc
GetPrivateProfileStringA
GetCurrentDirectoryA
lstrlenA
FindResourceA
LoadResource
LockResource
SizeofResource
GlobalAlloc
FreeResource
GlobalLock
GlobalUnlock
MulDiv
GetProcAddress
GetCurrentProcess
LoadLibraryA
GlobalAddAtomA
GlobalDeleteAtom
GetCurrentThreadId
GetTickCount
GetModuleFileNameA
MultiByteToWideChar
GetCommandLineA
GetFullPathNameA
GetFileAttributesA
FreeLibrary
GetLastError
GetModuleHandleA
EnterCriticalSection
LeaveCriticalSection
IsDebuggerPresent

user32

UnregisterClassA
DestroyMenu
LoadCursorA
GetSysColorBrush
EndPaint
BeginPaint
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetCursor
GetMessageA
GetCursorPos
ValidateRect
ShowWindow
IsDialogMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
CheckMenuItem
SendDlgItemMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
GetKeyState
SetMenu
IsWindowVisible
GetClientRect
CreateWindowExA
GetClassInfoExA
GetClassInfoA
GetSysColor
AdjustWindowRectEx
ScreenToClient
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
IsWindow
WaitForInputIdle
MsgWaitForMultipleObjects
PostQuitMessage
SetWindowTextA
GetSystemMetrics
MessageBoxA
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SetForegroundWindow
GetDesktopWindow
GetLastActivePopup
UpdateWindow
GetWindowRect
IsIconic
LoadBitmapA
GetWindowLongA
GetDC
SetWindowLongA
ReleaseDC
PeekMessageA
TranslateMessage
DispatchMessageA
PostMessageA
LoadImageA
LoadIconA
EnableWindow
SendMessageA
RegisterWindowMessageA
RegisterClassA

gdi32

CreateSolidBrush
DeleteObject
SetMapMode
GetStockObject
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateFontA
GetLayout
SetLayout
GetDeviceCaps
CreateCompatibleDC
CreateCompatibleBitmap
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
StretchBlt
BitBlt
GetObjectA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegQueryValueA
RegEnumKeyA
RegCloseKey
RegSetValueExA
OpenProcessToken
GetTokenInformation
EqualSid
LookupAccountSidA
FreeSid
RegCreateKeyExA
RegOpenKeyA
RegOpenKeyExA
RegDeleteKeyA
AllocateAndInitializeSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegQueryValueExA

shlwapi

PathFindFileNameA
PathFindExtensionA
PathRemoveFileSpecW

ole32

CoTaskMemFree
CoUninitialize
CoInitializeEx
CoCreateInstance

oleaut32

VariantInit
VariantChangeType
VariantClear
OleLoadPicturePath

Sections

.text
Size: 272KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 142KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1a0f471c6adfda700ae7753b8e90f737

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

user32

gdi32

winspool.drv

advapi32

shlwapi

ole32

oleaut32

Sections

.text Size: 272KB - Virtual size: 271KB

.rdata Size: 66KB - Virtual size: 66KB

.data Size: 9KB - Virtual size: 90KB

.rsrc Size: 142KB - Virtual size: 144KB

.text
Size: 272KB - Virtual size: 271KB

.rdata
Size: 66KB - Virtual size: 66KB

.data
Size: 9KB - Virtual size: 90KB

.rsrc
Size: 142KB - Virtual size: 144KB