3e0b5eae93fb680665bff6048405a5c709c8c5ecce7927f183f2240cd9dabb83

Sharing

Copy URL Twitter E-mail

General

Target

3e0b5eae93fb680665bff6048405a5c709c8c5ecce7927f183f2240cd9dabb83
Size

359KB
MD5

5895e2691e358e835b8e1654dd47c952
SHA1

5b5551fdad49940ccd17d55743b261e8b999a596
SHA256

3e0b5eae93fb680665bff6048405a5c709c8c5ecce7927f183f2240cd9dabb83
SHA512

a261b853f6dd589adec0646198614ef4197503c146909108dfdc544661c43868b97567b71b6f9c5aa07bcfd03a52ae506fe38fca702824a27ebca8a00e0bfb02
SSDEEP

6144:q3L9BKf/aul4WedEBmeFMbtXlNZb5bmqKUgnrFQfxaxgz+HVch:Iwf/auhWZXbtt1mfkoxgze

Score

N/A

Malware Config

Signatures

Files

3e0b5eae93fb680665bff6048405a5c709c8c5ecce7927f183f2240cd9dabb83
.exe windows x64

6a60962f25c95830b0ee8c61dd331ffb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

setupapi

SetupDiCallClassInstaller
SetupDiGetDeviceInstanceIdA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiSetClassInstallParamsA
SetupDiChangeState
SetupDiDestroyDeviceInfoList

shlwapi

PathGetArgsA
PathRemoveArgsA
PathUnquoteSpacesA

kernel32

SetErrorMode
LocalAlloc
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
WritePrivateProfileStringA
GetCurrentDirectoryA
GlobalFlags
GetProcessVersion
GetCPInfo
GetOEMCP
VirtualProtect
VirtualAlloc
VirtualQuery
RtlUnwindEx
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetACP
RaiseException
RtlPcToFileHeader
ExitProcess
HeapReAlloc
HeapSize
LCMapStringA
LCMapStringW
Sleep
HeapSetInformation
HeapCreate
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetDriveTypeA
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
GetLocaleInfoA
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetFileTime
GetFileSize
GetFileAttributesA
MulDiv
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
FreeLibrary
lstrcatA
GlobalUnlock
GlobalFree
FindResourceA
LoadResource
LockResource
FreeResource
GetCurrentThread
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
SetLastError
FindNextFileA
GetFullPathNameA
FindFirstFileA
FindClose
lstrcpyA
lstrcpynA
LoadLibraryA
WriteFile
DuplicateHandle
lstrcmpiA
GetThreadLocale
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
CreateThread
FormatMessageA
GetSystemDefaultLangID
GetModuleHandleA
GetProcAddress
GetSystemInfo
GetPrivateProfileStringA
GetCurrentProcess
GetLastError
LocalFree
GetWindowsDirectoryA
GetSystemDirectoryA
SetFileAttributesA
DeleteFileA
GetVersionExA
CreateFileA
CloseHandle
GetModuleFileNameA
GetCommandLineA
GetVolumeInformationA
HeapFree

user32

GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
LoadCursorA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextA
TabbedTextOutA
DestroyMenu
LoadStringA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
GetCapture
WinHelpA
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
IsChild
GetWindowLongPtrA
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
SetWindowLongPtrA
GetTopWindow
GetForegroundWindow
SetForegroundWindow
MapWindowPoints
UpdateWindow
GetSysColor
CopyAcceleratorTableA
GetSubMenu
AdjustWindowRectEx
GetMenuItemID
GetMenuItemCount
GetClassInfoA
RegisterClassA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
OffsetRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
CopyRect
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
EndDialog
IsWindow
SetMenuItemBitmaps
GetFocus
GetNextDlgTabItem
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowsHookExA
CallNextHookEx
GetActiveWindow
IsWindowVisible
GetMessageA
TranslateMessage
DispatchMessageA
GetKeyState
ValidateRect
PeekMessageA
SetRect
CharNextA
GetSysColorBrush
PtInRect
GetClassNameA
GetCursorPos
MessageBoxA
GetWindowLongA
GetParent
GetLastActivePopup
IsWindowEnabled
SetCursor
PostQuitMessage
PostMessageA
CharUpperA
wsprintfA
GetSystemMetrics
LoadIconA
EnableWindow
GetClientRect
IsIconic
GetSystemMenu
SendMessageA
AppendMenuA
DrawIcon
GetDesktopWindow
GetMenu
UnregisterClassA

gdi32

GetDeviceCaps
GetBkColor
DPtoLP
LPtoDP
GetMapMode
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetStockObject
SelectObject
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
SetMapMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetTextColor
CreateBitmap
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegDeleteKeyA
GetNamedSecurityInfoA
BuildExplicitAccessWithNameA
SetEntriesInAclA
SetNamedSecurityInfoA
RegOpenKeyExA
RegEnumKeyA
RegCloseKey

shell32

SHFileOperationA

comctl32

ord17

oledlg

ord8

ole32

OleInitialize
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoTaskMemAlloc
CoGetClassObject
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoRevokeClassObject
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoFreeUnusedLibraries

oleaut32

SysStringLen
SysAllocStringByteLen
SysFreeString
VariantChangeType
VariantCopy
SysAllocString
VariantTimeToSystemTime
VariantClear
OleCreateFontIndirect
SysAllocStringLen

Sections

.text
Size: 206KB - Virtual size: 206KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 41KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6a60962f25c95830b0ee8c61dd331ffb

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

shlwapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

oleaut32

Sections

.text Size: 206KB - Virtual size: 206KB

.rdata Size: 81KB - Virtual size: 81KB

.data Size: 10KB - Virtual size: 33KB

.pdata Size: 18KB - Virtual size: 17KB

.rsrc Size: 41KB - Virtual size: 42KB

.text
Size: 206KB - Virtual size: 206KB

.rdata
Size: 81KB - Virtual size: 81KB

.data
Size: 10KB - Virtual size: 33KB

.pdata
Size: 18KB - Virtual size: 17KB

.rsrc
Size: 41KB - Virtual size: 42KB