348c8817d7bfc24e9f7535ea0977a72b0eeef8e0cd6a37e3c4be51de9e544e63

Sharing

Copy URL Twitter E-mail

General

Target

348c8817d7bfc24e9f7535ea0977a72b0eeef8e0cd6a37e3c4be51de9e544e63
Size

333KB
MD5

4547c6a65cad8d03616e8ef108e5d6e4
SHA1

4ff91f51c89413b0a3df521bf4e1361defb58e10
SHA256

348c8817d7bfc24e9f7535ea0977a72b0eeef8e0cd6a37e3c4be51de9e544e63
SHA512

c3ba12814deab1e4ad65cc49a1efe65099fe4eff8331c4c3a31914497d78a5173517c64b73c08777861f00dd4ba43acd156048fcf9d142c774d1745fb41b0c24
SSDEEP

6144:D7YoTtCYOa9WTu0+v3Nb87V5oVWTJbIBbboV7UjGj:DbAJaLFbSYxAj

Score

N/A

Malware Config

Signatures

Files

348c8817d7bfc24e9f7535ea0977a72b0eeef8e0cd6a37e3c4be51de9e544e63
.exe windows x86

930754e4d6ad673167d128e2aabbde96

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW

kernel32

GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetVersion
GetCurrentThreadId
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
lstrcatW
GetModuleHandleA
GetProcessVersion
lstrcmpiW
lstrcmpW
GlobalFlags
GetCurrentDirectoryW
FlushFileBuffers
SetEndOfFile
GetFullPathNameW
RtlUnwind
RaiseException
ExitProcess
TlsAlloc
GetStartupInfoA
GetCommandLineA
HeapAlloc
HeapFree
GetTimeZoneInformation
HeapSize
HeapReAlloc
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
GetCPInfo
SetStdHandle
CreateFileA
GetACP
GetOEMCP
GetDriveTypeA
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
LocalAlloc
FileTimeToLocalFileTime
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcpyW
SetLastError
lstrlenA
InterlockedDecrement
InterlockedIncrement
FindFirstFileW
FindNextFileW
FindClose
WideCharToMultiByte
UnmapViewOfFile
DuplicateHandle
CreateFileMappingW
MapViewOfFile
GetFileType
GetFileInformationByHandle
GetLocalTime
SystemTimeToFileTime
FileTimeToDosDateTime
FileTimeToSystemTime
WinExec
CreateMutexW
ReleaseMutex
CreateThread
GetCurrentProcessId
OutputDebugStringW
LoadLibraryA
lstrlenW
GetEnvironmentVariableW
GetShortPathNameW
GetCurrentProcess
SetPriorityClass
ResumeThread
GetModuleHandleW
EnumResourceNamesW
FindResourceW
LoadResource
SizeofResource
LockResource
FreeLibrary
BeginUpdateResourceW
UpdateResourceW
EndUpdateResourceW
GetSystemTime
SetFilePointer
LoadLibraryW
GetProcAddress
MultiByteToWideChar
ExpandEnvironmentStringsW
CreateProcessW
WaitForSingleObject
GetModuleFileNameW
GetModuleFileNameA
GetDiskFreeSpaceExW
GetTickCount
Sleep
GetDriveTypeW
GetVolumeInformationW
SetFileAttributesW
GetFileAttributesW
CopyFileW
lstrcpynW
CreateDirectoryW
DeleteFileW
GetLastError
RemoveDirectoryW
FormatMessageW
LocalFree
CreateFileW
GetFileSize
ReadFile
CloseHandle
WriteFile
TerminateProcess

user32

GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
PostMessageW
SetWindowTextW
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameW
PtInRect
ClientToScreen
DestroyMenu
TabbedTextOutW
DrawTextW
GrayStringW
CopyRect
GetTopWindow
GetCapture
WinHelpW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextW
GetDlgCtrlID
DestroyWindow
SetPropW
GetPropW
CallWindowProcW
RemovePropW
GetMessageTime
GetMessagePos
SetForegroundWindow
GetWindow
SetWindowLongW
SetWindowPos
RegisterWindowMessageW
SystemParametersInfoW
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetKeyState
CallNextHookEx
PeekMessageW
SetWindowsHookExW
GetParent
GetLastActivePopup
IsWindowEnabled
SendMessageW
EnableWindow
UnhookWindowsHookEx
PostQuitMessage
DefWindowProcW
GetForegroundWindow
GetWindowTextA
GetAsyncKeyState
CreateWindowExW
UpdateWindow
LoadIconW
LoadCursorW
RegisterClassExW
LoadStringW
LoadAcceleratorsW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
wvsprintfW
wsprintfW
MessageBoxW
GetWindowLongW

gdi32

ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SetViewportExtEx
SetViewportOrgEx
PtVisible
RectVisible
TextOutW
ExtTextOutW
DeleteObject
Escape
OffsetViewportOrgEx
GetDeviceCaps
GetObjectW
SetBkColor
SetTextColor
SetMapMode
GetStockObject
SelectObject
RestoreDC
SaveDC
CreateBitmap
GetClipBox
DeleteDC

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegSetValueExW
RegCreateKeyExW
RegCreateKeyA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

ShellExecuteW
SHGetSpecialFolderLocation
SHGetPathFromIDListW

comctl32

ord17

ole32

CoCreateInstance
CoInitialize
CoTaskMemFree

Sections

.text
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

930754e4d6ad673167d128e2aabbde96

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

ole32

Sections

.text Size: 112KB - Virtual size: 110KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 16KB - Virtual size: 33KB

.rsrc Size: 140KB - Virtual size: 137KB

.text
Size: 112KB - Virtual size: 110KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 16KB - Virtual size: 33KB

.rsrc
Size: 140KB - Virtual size: 137KB