dab34e1d52734c414413507fa823a47eed5efb4ca4d183d41203f1ebc90d3b15

Sharing

Copy URL Twitter E-mail

General

Target

dab34e1d52734c414413507fa823a47eed5efb4ca4d183d41203f1ebc90d3b15
Size

456KB
MD5

68b6468f32e2872d786925cc5df715c0
SHA1

a0da0ecaedc88cdb3e8f16b68de0ded98571764d
SHA256

dab34e1d52734c414413507fa823a47eed5efb4ca4d183d41203f1ebc90d3b15
SHA512

45ca09e795425892d7ffbe20224fbf996be5e8d97e5963261200c1bf580092c3a6bafd3de7a1e919cf132e6a2eaf1b9c3218c1718783ac242c3837dc816d732b
SSDEEP

12288:zWS0+J9jal7eMLBUeioZNAcWT82X2RE/SD4W6jPN:CS0+J9eBlL2ed/M82kkS0zB

Score

N/A

Malware Config

Signatures

Files

dab34e1d52734c414413507fa823a47eed5efb4ca4d183d41203f1ebc90d3b15
.exe windows x86

1f918f518467d9011ab01018489f70a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

GetJobA
ClosePrinter
DocumentPropertiesA

winmm

waveOutSetVolume
waveOutClose
mciSendStringA
mixerGetLineControlsA
mciGetErrorStringA
mixerSetControlDetails
timeGetTime
waveOutWrite
timeBeginPeriod
mixerGetControlDetailsA
timeSetEvent
timeEndPeriod
mixerOpen
waveOutOpen
mixerClose
waveOutPrepareHeader
waveOutReset
timeKillEvent
mciSendCommandA
waveOutUnprepareHeader
waveOutGetNumDevs
waveOutGetDevCapsA
mixerGetLineInfoA

gdi32

OffsetViewportOrgEx
CreatePatternBrush
LineTo

user32

CreateWindowExW
LoadIconW
LoadCursorW
DestroyWindow
DestroyIcon
RegisterClassExW
MessageBoxW
LoadStringW
DefWindowProcW
RegisterClassW
ShowWindow

comctl32

ImageList_LoadImageW
ImageList_GetIconSize
ImageList_GetImageInfo
ord17
InitCommonControlsEx
_TrackMouseEvent
ImageList_GetImageCount
ImageList_Draw
ImageList_Add
ImageList_AddMasked
ImageList_Create
CreateStatusWindowW
ImageList_GetIcon
ImageList_ReplaceIcon
DestroyPropertySheetPage
ImageList_Destroy

kernel32

UnhandledExceptionFilter
GetOEMCP
GetModuleHandleW
SetEnvironmentVariableA
DeleteCriticalSection
SetStdHandle
QueryPerformanceCounter
GetStartupInfoA
FlushFileBuffers
GetCurrentThreadId
RaiseException
GetLastError
VirtualFree
TlsAlloc
WideCharToMultiByte
HeapAlloc
GetSystemInfo
WriteFile
VirtualQuery
CloseHandle
CreateMutexW
FreeEnvironmentStringsW
TerminateProcess
SetHandleCount
TlsGetValue
GetDateFormatA
ExitProcess
GetModuleFileNameW
GetCurrentProcessId
HeapDestroy
CompareStringA
GetSystemTimeAsFileTime
RtlUnwind
SetFilePointer
GetLocaleInfoA
GetACP
LoadLibraryW
HeapFree
TlsFree
EnterCriticalSection
HeapCreate
SetUnhandledExceptionFilter
GetTimeFormatA
LoadLibraryA
GetCurrentProcess
ReadFile
GetEnvironmentStringsW
GetProcAddress
LCMapStringW
CompareStringW
TlsSetValue
InitializeCriticalSection
GetFileType
GetModuleHandleA
GetTickCount
GetEnvironmentStrings
GetStdHandle
VirtualAlloc
IsBadCodePtr
HeapReAlloc
GetVersionExA
HeapSize
InterlockedExchange
GetCPInfo
GetStringTypeA
GetStringTypeW
GetModuleFileNameA
GetCommandLineA
GetTimeZoneInformation
GetCommandLineW
VirtualProtect
SetLastError
LeaveCriticalSection
GetStartupInfoW
MultiByteToWideChar
FreeEnvironmentStringsA
LCMapStringA

advapi32

CloseServiceHandle
OpenProcessToken
FreeSid
RegQueryValueA
InitializeSecurityDescriptor
DeleteService
InitializeAcl
GetTokenInformation
RegCreateKeyExA
GetUserNameA
RegOpenKeyExA

ole32

OleIsCurrentClipboard
OleTranslateAccelerator
OleCreateLinkFromData
CreateStreamOnHGlobal
OleCreateFromFile
OleCreateLinkToFile
StgCreateDocfile
CreateOleAdviseHolder
CoRegisterMessageFilter
CLSIDFromProgID
CreateILockBytesOnHGlobal
OleGetIconOfClass
OleRegGetUserType
CreateBindCtx
CoGetMalloc
OleCreateMenuDescriptor
OleSetMenuDescriptor
OleDestroyMenuDescriptor
OleSave
StgCreateDocfileOnILockBytes
OleFlushClipboard
OleCreateFromData
OleUninitialize
OleCreate
DoDragDrop
IsAccelerator
CLSIDFromString
RegisterDragDrop

wininet

HttpEndRequestA
InternetGetConnectedState
InternetCrackUrlA
InternetQueryDataAvailable
InternetAttemptConnect
InternetWriteFile
InternetReadFile
InternetOpenA
InternetCanonicalizeUrlA
InternetConnectA
HttpAddRequestHeadersA
InternetSetFilePointer
HttpOpenRequestA

Sections

.text
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f918f518467d9011ab01018489f70a1

Headers

File Characteristics

Imports

winspool.drv

winmm

gdi32

user32

comctl32

kernel32

advapi32

ole32

wininet

Sections

.text Size: 96KB - Virtual size: 93KB

.rdata Size: 248KB - Virtual size: 247KB

.data Size: 72KB - Virtual size: 94KB

.rsrc Size: 36KB - Virtual size: 33KB

.text
Size: 96KB - Virtual size: 93KB

.rdata
Size: 248KB - Virtual size: 247KB

.data
Size: 72KB - Virtual size: 94KB

.rsrc
Size: 36KB - Virtual size: 33KB