005b72664b5fc3fe044b20fd282c100ae038d5a8f1bc688ef1663131eca21a18

Sharing

Copy URL Twitter E-mail

General

Target

005b72664b5fc3fe044b20fd282c100ae038d5a8f1bc688ef1663131eca21a18
Size

220KB
MD5

3b7e4d14c74affefd07d83a341d46450
SHA1

d45fcf88b10a1c2ea71b807c1638a058a16f15ac
SHA256

005b72664b5fc3fe044b20fd282c100ae038d5a8f1bc688ef1663131eca21a18
SHA512

abc00b02392afb7d4a7397f0d3db11f54a817f30e43f82b879eac26f42e942a3fece42a74776e6d684cfef0f44654ce2d505cf37400df006093b630d1f449fcc
SSDEEP

6144:/LEIW6EKW64TSuwbU3ebB7Efm+SOMvypiz:/LEI7l34WuAU3KREeN5Vz

Score

N/A

Malware Config

Signatures

Files

005b72664b5fc3fe044b20fd282c100ae038d5a8f1bc688ef1663131eca21a18
.exe windows x86

5545b8917ec2c6b55a5263f05d0d3a99

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
FindResourceA
DeleteFileA
LockResource
LoadLibraryExA
FindNextFileW
DeleteFileW
FindFirstFileW
SetFileAttributesA
GetFileAttributesA
GetCommandLineA
FreeLibrary
CreateFileA
GetFileSize
SetFilePointer
ReadFile
CloseHandle
CreateFileMappingA
GetLastError
GlobalAlloc
GetSystemDirectoryA
SetCurrentDirectoryA
GetModuleHandleA
GetProcAddress
GetDiskFreeSpaceA
GlobalFree
GetCurrentProcess
lstrlenW
WideCharToMultiByte
GetPrivateProfileIntA
GetVersionExA
WritePrivateProfileStringA
MultiByteToWideChar
CreateDirectoryA
GetWindowsDirectoryA
GetSystemDefaultLangID
CreateDirectoryW
lstrcmpA
GetPrivateProfileStringA
lstrcpynA
FindClose
FindFirstFileA
FindNextFileA
SetEvent
GetModuleFileNameA
lstrcatA
WaitForSingleObject
CreateEventA
lstrcpyA
RemoveDirectoryW
GetOEMCP
LoadLibraryA
LCMapStringW
LCMapStringA
HeapReAlloc
VirtualAlloc
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
lstrlenA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
InterlockedIncrement
InterlockedDecrement
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetACP
GetCPInfo
RtlUnwind
UnhandledExceptionFilter
TerminateProcess
HeapAlloc
TlsGetValue
SetLastError
TlsAlloc
HeapFree
ExitProcess
GetVersion
GetStartupInfoA
ExitThread
TlsSetValue
GetCurrentThreadId
CreateThread

user32

KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
InvalidateRect
EndDialog
GetDlgItem
SetWindowTextA
SendMessageA
DialogBoxParamA
CreateDialogParamA
SetWindowPos
ShowWindow
CreateWindowExA
RegisterClassExA
LoadCursorA
LoadIconA
wsprintfA
PostQuitMessage
DestroyWindow
DefWindowProcA
MoveWindow
GetWindowRect
GetDesktopWindow
EndPaint
OffsetRect
GetClientRect
BeginPaint
LoadBitmapA
SetTimer
MessageBoxA
ExitWindowsEx
LoadStringW
LoadStringA
SetFocus
SetForegroundWindow
GetSystemMetrics
SetWindowLongA
GetWindowLongA
GetDC
ReleaseDC

gdi32

GetStockObject
CreateSolidBrush
SelectObject
SetDIBitsToDevice
BitBlt
CreateCompatibleDC
DeleteDC
CreatePalette
GetPixel
GetObjectA
SelectPalette
RealizePalette
DeleteObject

winspool.drv

GetPrinterDriverDirectoryA

advapi32

OpenProcessToken
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
RegDeleteKeyA

shell32

SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListW
CommandLineToArgvW

ole32

CoUninitialize
CoCreateInstance
CoInitialize

comctl32

ord17
ImageList_Destroy
ImageList_Draw
ImageList_AddMasked
ImageList_Create

setupapi

SetupCloseInfFile
SetupOpenInfFileA
SetupGetLineTextA

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5545b8917ec2c6b55a5263f05d0d3a99

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

comctl32

setupapi

Sections

.text Size: 48KB - Virtual size: 46KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 8KB - Virtual size: 6KB

.rsrc Size: 152KB - Virtual size: 152KB

.text
Size: 48KB - Virtual size: 46KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 152KB - Virtual size: 152KB