bd42660446e59976c0cc4264fdd163b7f7008505843f07000a61d6eae52095f1

Sharing

Copy URL Twitter E-mail

General

Target

bd42660446e59976c0cc4264fdd163b7f7008505843f07000a61d6eae52095f1
Size

222KB
MD5

63f209651cd77da5949988b178789390
SHA1

a9eae20ef22494588a835953c6294507f4d81e24
SHA256

bd42660446e59976c0cc4264fdd163b7f7008505843f07000a61d6eae52095f1
SHA512

357ec31e8422d43b488f288106508dd83f22f0989f9a393f313aa6277f4bf0588c096eabbb4ee581b4bb1c8e178ec92f1f9787003a4df37749d25a8ad746da69
SSDEEP

3072:6AaKynRHMCgi/zqYgAMRW47nA6meG4X2n5NlwS6OO2xm+6nGrN+sEU5cEhS/z3:BatHMCgVrZ7noeGwQHnOsEuc5/j

Score

N/A

Malware Config

Signatures

Files

bd42660446e59976c0cc4264fdd163b7f7008505843f07000a61d6eae52095f1
.exe windows x86

84d62e4cba33049842d3d1bc3943f1a9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_BIND

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
IsProcessorFeaturePresent
HeapReAlloc
GetStringTypeW
LCMapStringW
WriteConsoleW
SetStdHandle
HeapSize
RtlUnwind
Sleep
IsValidCodePage
GetOEMCP
GetCPInfo
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLastError
RaiseException
GetPrivateProfileStringA
GetCurrentProcessId
lstrcpyA
GetVersion
CloseHandle
GetCPInfoExA
FindNextFileA
GetACP
QueryPerformanceCounter
FindFirstFileA
InterlockedExchange
MultiByteToWideChar
lstrcatA
CreateFileW
HeapCreate
InitializeCriticalSection
GetProcessHeap
GetTickCount
HeapFree
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
DeleteCriticalSection
FindClose
EnumSystemCodePagesW
GetSystemTimeAsFileTime
lstrcmpiA
LoadLibraryW
HeapAlloc
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
EncodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter

user32

LoadCursorA
UpdateWindow
SetWindowTextA
GetDlgItemTextA
IsDlgButtonChecked
ShowWindow
CheckDlgButton
SetDlgItemTextA
GetWindow
MoveWindow
IsWindow
EndDialog
GetDlgItem
MessageBoxA
GetWindowPlacement
SetDlgItemInt
IsDialogMessageA
GetDC
DestroyWindow
SetWindowPlacement
SetCursor
SendDlgItemMessageA
wsprintfA
GetClientRect
SendMessageA
BeginPaint
wsprintfW

gdi32

TextOutA
MoveToEx
LineTo
GetDeviceCaps
CreateDCA
GetDCOrgEx
SetMapMode
SaveDC
GetBkColor
RestoreDC

winspool.drv

EnumPrintersA

advapi32

CryptEncrypt
RegCloseKey
RegOpenKeyA
CryptDestroyKey
CryptSetKeyParam
CryptImportKey
CryptAcquireContextA
CryptReleaseContext
RegQueryValueExA

ole32

CoInitialize
CoCreateInstance
CLSIDFromProgID
CoUninitialize

oleaut32

VariantInit
SysAllocStringLen
SysFreeString
SysAllocString

crypt32

CertFreeCertificateContext
CertCreateCertificateContext
CryptImportPublicKeyInfo

comctl32

ImageList_Draw

wintrust

CryptCATAdminReleaseContext
CryptCATAdminReleaseCatalogContext
CryptCATAdminAcquireContext
WinVerifyTrust
CryptCATAdminCalcHashFromFileHandle
CryptCATCatalogInfoFromContext
CryptCATAdminEnumCatalogFromHash

wtsapi32

WTSQuerySessionInformationA

uxtheme

IsAppThemed

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

84d62e4cba33049842d3d1bc3943f1a9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

ole32

oleaut32

crypt32

comctl32

wintrust

wtsapi32

uxtheme

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 140KB - Virtual size: 147KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 140KB - Virtual size: 147KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 20KB - Virtual size: 20KB