158017e42beb511c1afadb431bd2587e2e64f0eaf93e542731f1848fb6787bd8

Sharing

Copy URL Twitter E-mail

General

Target

158017e42beb511c1afadb431bd2587e2e64f0eaf93e542731f1848fb6787bd8
Size

216KB
MD5

08cbf47b15feaf6b345237de9280dd5b
SHA1

955270783d39500734ab0e86bf3f18f5dacc5949
SHA256

158017e42beb511c1afadb431bd2587e2e64f0eaf93e542731f1848fb6787bd8
SHA512

3dcbc8252ebc70690514c91f2488461f2f60dad332c62e4b00824745b31ac342a6e560a248dba3cc6df154c275cb167b49c54ba5670a92f1ae58310dc2729479
SSDEEP

6144:KP3MFb2G+T0efHna40H5i2GDg9++hAuM2Qosn:Keb5efHuK2Qosn

Score

N/A

Malware Config

Signatures

Files

158017e42beb511c1afadb431bd2587e2e64f0eaf93e542731f1848fb6787bd8
.exe windows x86

c333c911bb5e657736e7660c3388e733

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
ReleaseMutex
MapViewOfFile
DeleteCriticalSection
UnmapViewOfFile
GetTickCount
HeapFree
CreateFileMappingA
CreateMutexA
GetProcessHeap
GetCurrentProcess
FreeLibrary
LoadLibraryA
GetFileAttributesA
GetProcAddress
GetPrivateProfileIntA
MulDiv
GetModuleFileNameA
EnterCriticalSection
LocalFree
SetEndOfFile
CreateFileA
GetFullPathNameA
WaitForMultipleObjects
FindNextChangeNotification
SetEvent
WaitForSingleObject
FindCloseChangeNotification
CreateEventA
GetWindowsDirectoryA
lstrcatA
FindFirstChangeNotificationA
ResumeThread
GetPrivateProfileStringA
GetLastError
OpenFile
GetUserDefaultLangID
GetSystemDirectoryA
CreateProcessA
CloseHandle
GetTempPathA
GetTempFileNameA
SetFilePointer
WriteFile
LeaveCriticalSection
LocalAlloc
InitializeCriticalSection
lstrcpyA
HeapAlloc
GetVersionExA
FlushFileBuffers
SetStdHandle
GetStringTypeA
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadCodePtr
VirtualAlloc
VirtualFree
IsBadWritePtr
HeapDestroy
GetEnvironmentVariableA
HeapCreate
GetStringTypeW
GetStdHandle
SetHandleCount
GetFileType
GetEnvironmentStrings
lstrlenA
GetEnvironmentStringsW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
RaiseException
HeapSize
HeapReAlloc
InterlockedIncrement
InterlockedDecrement
UnhandledExceptionFilter
TerminateProcess
ReadFile
TlsAlloc
MultiByteToWideChar
WideCharToMultiByte
GetOEMCP
GetACP
GetCPInfo
TlsGetValue
SetLastError
RtlUnwind
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
ExitThread
TlsSetValue
LCMapStringA
LCMapStringW
GetCurrentThreadId
CreateThread

user32

ShowWindow
DdeConnect
GetWindowRect
PostMessageA
GetClientRect
DdeUninitialize
DdeAbandonTransaction
DdeFreeStringHandle
DdeClientTransaction
SetWindowPos
DdeDisconnect
DestroyMenu
CreatePopupMenu
InsertMenuItemA
TrackPopupMenu
DestroyIcon
DispatchMessageA
TranslateMessage
IsDialogMessageA
GetMessageA
LoadImageA
UpdateWindow
CreateWindowExA
RegisterClassA
LoadIconA
DefWindowProcA
SetTimer
PostQuitMessage
KillTimer
SendMessageA
DestroyWindow
DialogBoxParamA
FillRect
GetSysColorBrush
GetSysColor
ScreenToClient
DrawIconEx
DdeGetLastError
ReleaseDC
GetDC
DrawTextA
GetWindowTextA
SetFocus
SetForegroundWindow
EndDialog
GetDlgItem
EnableWindow
DdeInitializeA
CreateDialogParamA
DdeCreateStringHandleA
SetWindowTextA
GetCursorPos

gdi32

SelectObject
CreateFontIndirectA
GetDeviceCaps
GetObjectA
SetBkMode
SetBkColor
SetTextColor
DeleteObject
GetStockObject

winspool.drv

FindClosePrinterChangeNotification
EnumPrintersA
EnumJobsA
FindNextPrinterChangeNotification
GetPrinterA
OpenPrinterA
FindFirstPrinterChangeNotification
ClosePrinter
EnumPortsA

advapi32

InitializeAcl
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetAce
AddAccessAllowedAce
GetLengthSid
CopySid
GetTokenInformation
OpenProcessToken
FreeSid
AllocateAndInitializeSid

shell32

ShellExecuteA
ExtractIconA
Shell_NotifyIconA

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c333c911bb5e657736e7660c3388e733

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

Sections

.text Size: 84KB - Virtual size: 80KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 20KB - Virtual size: 25KB

.rsrc Size: 96KB - Virtual size: 96KB

.text
Size: 84KB - Virtual size: 80KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 20KB - Virtual size: 25KB

.rsrc
Size: 96KB - Virtual size: 96KB