c11a300b33b81c2668341025a8cee25d5b1d9fd29af16ad980c5fe47eebd8e3e

Sharing

Copy URL Twitter E-mail

General

Target

c11a300b33b81c2668341025a8cee25d5b1d9fd29af16ad980c5fe47eebd8e3e
Size

499KB
MD5

56c94dadf70d817f5b0466d57c7205e1
SHA1

26caa605c936ca76058a5bcc36ea57edf1b247fe
SHA256

c11a300b33b81c2668341025a8cee25d5b1d9fd29af16ad980c5fe47eebd8e3e
SHA512

c8bc83eb0979ff5d7fef2b924f931ef2f20a00ea8815d230eb3c27a49fab288b1bfe979a4825a8dece5ca6429a4e8b6474ac0093e3eb8fe8f810bbce6b3ed1c3
SSDEEP

12288:+qDWecMS5sl1fpyWkrcTtZhzhQTlC+MuP923h:XaJO1fphZYTlhB923h

Score

N/A

Malware Config

Signatures

Files

c11a300b33b81c2668341025a8cee25d5b1d9fd29af16ad980c5fe47eebd8e3e
.exe windows x86

b8b697528f0fcc495427f5ee172ef9d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

version

VerQueryValueW

kernel32

SetEndOfFile
CreateFileW
SetErrorMode
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
RtlUnwind
ExitProcess
GetSystemTimeAsFileTime
HeapReAlloc
RaiseException
HeapSize
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
VirtualFree
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
Sleep
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
VirtualAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
lstrlenA
InterlockedIncrement
GlobalFlags
WritePrivateProfileStringW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetCurrentProcessId
GetModuleHandleA
GlobalFindAtomW
LoadLibraryA
GetVersionExA
GlobalAddAtomW
GlobalFree
GlobalUnlock
FormatMessageW
LocalFree
lstrlenW
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
lstrcmpA
GetLocaleInfoW
WideCharToMultiByte
InterlockedExchange
GlobalLock
lstrcmpW
InterlockedDecrement
GetModuleHandleW
SetLastError
GetTickCount
GetModuleFileNameW
GetCurrentProcess
GetLongPathNameW
FreeLibrary
EnumResourceLanguagesW
FreeResource
GetCommandLineW
ReleaseMutex
WaitForSingleObject
MultiByteToWideChar
CreateMutexW
LockResource
LoadResource
CloseHandle
FindResourceW
SizeofResource
GetProcAddress
LoadLibraryW
GetVersion
GetLastError
GlobalAlloc
ExpandEnvironmentStringsW
HeapCreate

user32

DestroyMenu
GetSysColorBrush
UnregisterClassW
GetWindowThreadProcessId
EndPaint
BeginPaint
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
IsWindowEnabled
ShowWindow
SetWindowTextW
RegisterWindowMessageW
LoadIconW
WinHelpW
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetWindowTextW
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
UnregisterClassA
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetWindow
SetCursor
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetLastActivePopup
GetCursorPos
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
PostMessageW
UnhookWindowsHookEx
SystemParametersInfoW
GetWindowLongW
SetWindowLongW
EnableWindow
PostQuitMessage
LoadCursorW
SetClassLongW
SendMessageW
KillTimer
ValidateRect
InvalidateRect
SetWindowRgn
FillRect
GetSysColor
ReleaseDC
GetDC
IsWindow
SetTimer
SetRect
MessageBoxW
GetMessageTime

gdi32

GetStockObject
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetDIBits
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
CreateBitmap
StretchBlt
DeleteObject
SetBkMode
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
SelectObject
BitBlt
CombineRgn
CreateRectRgn

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegQueryValueW
RegEnumKeyW
RegOpenKeyW
RegDeleteKeyW
RegSetValueExW
RegDeleteValueW
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey

shell32

ShellExecuteExW

shlwapi

PathFindFileNameW
PathFindExtensionW

ole32

CreateStreamOnHGlobal

oleaut32

OleLoadPicture
VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 291KB - Virtual size: 291KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 15KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b8b697528f0fcc495427f5ee172ef9d4

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

Sections

.text Size: 291KB - Virtual size: 291KB

.rdata Size: 90KB - Virtual size: 89KB

.data Size: 15KB - Virtual size: 31KB

.rsrc Size: 96KB - Virtual size: 100KB

.text
Size: 291KB - Virtual size: 291KB

.rdata
Size: 90KB - Virtual size: 89KB

.data
Size: 15KB - Virtual size: 31KB

.rsrc
Size: 96KB - Virtual size: 100KB