854d541feca4ec10c0bd7f1def066f2f911da698c382655cb621bddcd428d61e

Sharing

Copy URL

Twitter E-mail

General

Target

854d541feca4ec10c0bd7f1def066f2f911da698c382655cb621bddcd428d61e
Size

668KB
MD5

615fea203a3c0b5756441742fc549235
SHA1

6d0ffffb6f637cd63c87386f96c4b256d3e23cc1
SHA256

854d541feca4ec10c0bd7f1def066f2f911da698c382655cb621bddcd428d61e
SHA512

d38c5200656c87f75af8c4f07d46b503b4fb306a33ff3a323f285a9eab757169106fc98cc5aab0f1e00ef1e9f51f281549af45b13795bf782578df4c1b8bb225
SSDEEP

12288:CbJfinBswzxq9sp7QQfv60vXDrFjewQQVq2iYAhIVHGId9owcaCSB:CVJwzdpUaS0vnIwnSYuxIcraCSB

Score

N/A

Malware Config

Signatures

Files

854d541feca4ec10c0bd7f1def066f2f911da698c382655cb621bddcd428d61e
.exe windows x86

b868ac6f6c3e75b3d161e18cea5c6e74

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryInfoKeyW
RegOpenKeyExW
SetFileSecurityW
RegEnumKeyExW
RegCloseKey
RegCreateKeyExW
RegDeleteValueW
InitializeSecurityDescriptor
RegSetValueExW
RegQueryValueW
RegOpenKeyExA
GetUserNameW
OpenProcessToken
SetSecurityDescriptorDacl
RegEnumValueW
RegCreateKeyW
RegQueryValueExA
RegDeleteKeyW
RegOpenKeyW
GetFileSecurityW
RegQueryValueExW
RegEnumKeyW

comctl32

ord17
ImageList_Destroy

winspool.drv

DocumentPropertiesW
ord204
OpenPrinterW

kernel32

HeapDestroy
RaiseException
GetOEMCP
FreeLibrary
GetThreadLocale
CreateFileA
GetEnvironmentStringsW
GlobalHandle
SetEnvironmentVariableA
FileTimeToSystemTime
LeaveCriticalSection
GetStdHandle
ExitProcess
VirtualQuery
GetVersionExA
GetTimeFormatA
FormatMessageA
GlobalFree
DeleteFileA
IsValidCodePage
GetVersion
lstrlenA
CreateMutexA
DeleteCriticalSection
lstrcpynA
TlsSetValue
TlsGetValue
RtlUnwind
GetStringTypeW
GetTimeZoneInformation
SetStdHandle
GlobalLock
GetCommandLineA
GetFileAttributesA
GetCurrentThreadId
FindNextFileA
SetConsoleCtrlHandler
GetCurrentProcess
VirtualFree
LocalFree
GetLocalTime
EnumSystemLocalesA
TlsAlloc
InterlockedExchange
GetSystemTime
InterlockedIncrement
GetSystemTimeAsFileTime
DeleteFileW
SetThreadPriority
GetSystemInfo
InitializeCriticalSection
GetDriveTypeA
EnterCriticalSection
GetLastError
IsBadCodePtr
GetCurrentThread
GlobalDeleteAtom
GetFileSize
LocalReAlloc
SetFileAttributesA
IsValidLocale
GetProcAddress
FlushInstructionCache
MulDiv
IsBadReadPtr
GlobalAlloc
SystemTimeToFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
CompareStringA
LoadLibraryA
ReadFile
SetCurrentDirectoryA
LCMapStringA
FreeEnvironmentStringsA
VirtualProtect
GetModuleFileNameA
TlsFree
GetACP
GetFileType
GetUserDefaultLCID
VirtualAlloc
WaitForSingleObject
InterlockedDecrement
SetLastError
lstrlenW
WideCharToMultiByte
GetCPInfo
GetProcessHeap
LCMapStringW
TerminateProcess
GetModuleHandleA
GetSystemDefaultLangID
SetErrorMode
GlobalSize
QueryPerformanceCounter
CreateDirectoryA
GetCurrentProcessId
GetLocaleInfoW
GetEnvironmentStrings
HeapAlloc
GetLocaleInfoA
MultiByteToWideChar
GetModuleFileNameW
FreeEnvironmentStringsW
lstrcmpiA
FatalAppExitA
WriteFile
IsBadWritePtr
GetVolumeInformationA
GetFullPathNameA
GetStartupInfoA
CompareStringW
HeapCreate
CloseHandle
HeapSize
SetFilePointer
GetDateFormatA
HeapFree
Sleep
HeapReAlloc
GetTickCount
GetStringTypeA
FlushFileBuffers
SetHandleCount

oleaut32

LoadTypeLi

comdlg32

GetOpenFileNameA
GetFileTitleA
PageSetupDlgA
GetSaveFileNameA

user32

UnhookWindowsHookEx
GetClassNameA
GetSystemMenu
MoveWindow
GetWindowLongA
ValidateRect
CharNextA
GetWindowTextLengthA
WaitMessage
SendDlgItemMessageA
KillTimer
IsWindow
LoadStringA
SetActiveWindow
LoadAcceleratorsA
PostQuitMessage
MessageBeep
MsgWaitForMultipleObjects
SetCapture
SetTimer
TranslateMessage
GetWindowTextA
LoadIconA
GetSystemMetrics
ReleaseCapture
GetDlgItem
DeleteMenu
SystemParametersInfoA
GetCursorPos
ShowWindow
GetDC
CreateDialogParamA
RedrawWindow
GetSysColor
GetClientRect
TranslateAcceleratorA
MessageBoxA
UpdateWindow
OpenClipboard
IsWindowVisible
CreateWindowExA
wsprintfA
RegisterClassA
DefWindowProcA
ShowCaret
PtInRect
SetDlgItemTextA
GetActiveWindow
DispatchMessageA
DestroyWindow
GetParent
SetWindowTextA
CallWindowProcA
SetCursor
PostMessageA
RegisterClassExA
EndDialog
SetForegroundWindow

Sections

.text
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 456KB - Virtual size: 452KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b868ac6f6c3e75b3d161e18cea5c6e74

Headers

File Characteristics

Imports

advapi32

comctl32

winspool.drv

kernel32

oleaut32

comdlg32

user32

Sections

.text Size: 88KB - Virtual size: 85KB

.rdata Size: 456KB - Virtual size: 452KB

.data Size: 100KB - Virtual size: 98KB

.rsrc Size: 20KB - Virtual size: 17KB

.text
Size: 88KB - Virtual size: 85KB

.rdata
Size: 456KB - Virtual size: 452KB

.data
Size: 100KB - Virtual size: 98KB

.rsrc
Size: 20KB - Virtual size: 17KB