0fbb8d7edafaeb19f4e4f94312ccd39a84dc04accfd78b8c9c6bea333cdf0e50

Sharing

Copy URL Twitter E-mail

General

Target

0fbb8d7edafaeb19f4e4f94312ccd39a84dc04accfd78b8c9c6bea333cdf0e50
Size

456KB
MD5

1f78beea96380ca0d773cee70f035ce6
SHA1

3c5b14f53c8930647a0dc876bacc85752e817b27
SHA256

0fbb8d7edafaeb19f4e4f94312ccd39a84dc04accfd78b8c9c6bea333cdf0e50
SHA512

e7d9f8b3fd4277b461d89ebab2c200f6e6e4fb02dfc171e12b89ae3d8378aee75ca0b5ea89629a30eccd2f074ab9e484115849cf37e5fa4ad4deab7ddbd49727
SSDEEP

6144:Pg2ZHb/clPg4tdlWFyf/0HniY3TLTYLzE5hyi1+2Gd:BZYBdQFs7Y3TLTYLzKhyi1m

Score

N/A

Malware Config

Signatures

Files

0fbb8d7edafaeb19f4e4f94312ccd39a84dc04accfd78b8c9c6bea333cdf0e50
.exe windows x86

cf2ff0c0fe9306f4558525d21eb2e402

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

hpgreg32

ord5

ipeapi12

?Set@IPE@@UAEHHABVEVALUE@@@Z
?Cancel@IPE@@UAEHXZ
?Name@IPE@@UBEPBDXZ
?ClassID@IPE@@UBE?AW4CLASS_ID@@XZ
?IsA@IPE@@UBEEW4CLASS_ID@@@Z
?AttachSource@IPE@@QAEHPAVESOURCE@@@Z
?QuerySources@IPE@@QAEHPAPAPAVESOURCE@@@Z
??0IPE@@QAE@XZ
??1IPE@@UAE@XZ
?SetRect@EREGION@@QAEHPAVERECTANGLE@@@Z
?MakeNewRegion@IPE@@QAEPAVEREGION@@W4CLASS_ID@@@Z
?GetRect@EREGION@@QAEHPAPBVERECTANGLE@@@Z
?QueryRegions@IPE@@QAEHPAPAVEREGION@@@Z
?AttachDestination@IPE@@QAEHPAVEDESTINATION@@@Z
?QueryDestinations@IPE@@QAEHPAPAPAVEDESTINATION@@@Z
?ReleaseLabel@IPE@@QAEXH@Z
?Sink@IPE@@QAEHHPAVPROGRESSINFO@@@Z
?DeleteRegion@IPE@@QAEHPAVEREGION@@@Z
?AllocateNewLabel@IPE@@QAEHXZ
?PrepareToAcquire@IPE@@QAEHXZ
?DocDone@IPE@@QAEHXZ
?DocSetup@IPE@@QAEHXZ
?Done@IPE@@UAEHXZ

ipebase12

??BEVALUE@@QBEHXZ
?Setup@EOBJECT@@UAEHXZ
?Get@EOBJECT@@UAEHHPAVEVALUE@@@Z
??0EVALUE@@QAE@XZ
??0EVALUE@@QAE@HPAVEVALUE_BOUNDS@@@Z
?SetWidth@ERECTANGLE@@QAEXM@Z
??0EVALUE@@QAE@PAXPAVEVALUE_BOUNDS@@@Z
??1EVALUE@@QAE@XZ
??0ERESOLUTION@@QAE@M@Z
??0EPOINT@@QAE@MM@Z
??0EVALUE@@QAE@NPAVEVALUE_BOUNDS@@@Z
?Prepare@ESTRATEGY@@MAEXXZ
??_7ESTRATEGY@@6B@
??0EOBJECT@@QAE@XZ
??_7PROGRESSINFO@@6B@
?Set@ERECTANGLE@@QAEXMMMM@Z
?Top@ERECTANGLE@@QBEMXZ
?Left@ERECTANGLE@@QBEMXZ
?SetResolution@ECOORDXLATOR@@QAEXABVERESOLUTION@@@Z
?GetResolution@ECOORDXLATOR@@QBEXPAVERESOLUTION@@@Z
??0ERESOLUTION@@QAE@XZ
?SetBottom@ERECTANGLE@@QAEXM@Z
?Bottom@ERECTANGLE@@QBEMXZ
?SetRight@ERECTANGLE@@QAEXM@Z
?Right@ERECTANGLE@@QBEMXZ
??0ERECTANGLE@@QAE@PBVECOORDXLATOR@@@Z
?MakeVisible@PROGRESSINFO@@UAEXE@Z
?SetWeight@PROGRESSINFO@@UAEXPBVEBASEOBJECT@@F@Z
?Name@PROGRESSINFO@@UBEPBDXZ
?ClassID@PROGRESSINFO@@UBE?AW4CLASS_ID@@XZ
?IsA@PROGRESSINFO@@UBEEW4CLASS_ID@@@Z
??1ESTRATEGY@@UAE@XZ
??1EOBJECT@@UAE@XZ
??_7EOBJECT@@6B@
?SetHeight@ERECTANGLE@@QAEXM@Z
?SetCoordinateSpace@ECOORDXLATOR@@QAEXABVERESOLUTION@@ABVEPOINT@@@Z
??0EVALUE@@QAE@EPAVEVALUE_BOUNDS@@@Z
?Set@ESTRATEGY@@UAEHHAAVEVALUE@@@Z
??0EBASEOBJECT@@QAE@XZ

kernel32

MultiByteToWideChar
LocalFree
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
WideCharToMultiByte
lstrcpynA
GetCurrentThread
lstrcmpA
GlobalFlags
LocalAlloc
InitializeCriticalSection
TlsAlloc
DeleteCriticalSection
InterlockedIncrement
MulDiv
LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
GetCPInfo
GetOEMCP
SetLastError
GetCurrentProcess
WriteFile
SetFilePointer
FlushFileBuffers
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapFree
RaiseException
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapAlloc
InterlockedDecrement
HeapReAlloc
HeapSize
GetACP
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetVersion
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
LockResource
FindResourceA
LoadResource
OutputDebugStringA
GetLastError
GetProcAddress
GlobalAlloc
lstrlenA
GetProfileStringA
GlobalFree
ReleaseSemaphore
WaitForSingleObject
GetCurrentProcessId
CloseHandle
CreateSemaphoreA
GlobalLock
GlobalUnlock
lstrcpyA
Sleep
GetSystemDefaultLangID
FreeLibrary
GetModuleFileNameA
FindFirstFileA
TerminateProcess
LoadLibraryA
SetErrorMode
GlobalHandle
TlsFree

user32

SetWindowPos
IsWindow
SetActiveWindow
EndDialog
GetNextDlgTabItem
GetWindowPlacement
SystemParametersInfoA
DestroyWindow
CreateDialogIndirectParamA
SetWindowLongA
GetWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
DefWindowProcA
GetDlgCtrlID
GetWindowTextA
GetWindowTextLengthA
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
UnhookWindowsHookEx
wsprintfA
GetCapture
GetTopWindow
IsWindowVisible
CopyRect
ScreenToClient
AdjustWindowRectEx
SetFocus
GetFocus
GetSysColor
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
CheckDlgButton
CheckRadioButton
IsDlgButtonChecked
IsDialogMessageA
SetWindowTextA
MoveWindow
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
WinHelpA
IsWindowEnabled
ClientToScreen
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
LoadStringA
WindowFromPoint
GetCursorPos
ValidateRect
GetMessageA
GetClassNameA
GetSysColorBrush
DestroyMenu
TranslateMessage
DispatchMessageA
SetCursor
GetActiveWindow
PeekMessageA
GetLastActivePopup
SetForegroundWindow
GetDC
LoadBitmapA
ReleaseDC
OffsetRect
GetKeyState
PtInRect
MessageBoxA
GetScrollPos
GetScrollRange
SetScrollRange
SetScrollPos
GetDesktopWindow
InvalidateRect
GetSystemMetrics
GetClientRect
DrawIcon
RegisterWindowMessageA
IsIconic
IsZoomed
FindWindowA
ShowWindow
PostMessageA
LoadIconA
PostQuitMessage
GetWindowRect
SendMessageA
KillTimer
SetTimer
EnableWindow
GetParent
GetWindowLongA
GetMenuState
LoadCursorA
GetMenuCheckMarkDimensions
GetDlgItem
UnregisterClassA

gdi32

CreateCompatibleDC
CreateDCA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateSolidBrush
DeleteObject
DeleteDC
CreateCompatibleBitmap
Rectangle
GetClipBox
SetTextColor
SetBkColor
GetObjectA
CreateBitmap
SaveDC
RestoreDC
SelectObject
GetStockObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetDeviceCaps
BitBlt

comdlg32

CommDlgExtendedError
PrintDlgA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegQueryValueExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA

comctl32

ord17

ole32

CoInitialize
CoCreateInstance
CoUninitialize

Sections

.text
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cf2ff0c0fe9306f4558525d21eb2e402

Headers

File Characteristics

Imports

hpgreg32

ipeapi12

ipebase12

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

ole32

Sections

.text Size: 112KB - Virtual size: 109KB

.rdata Size: 32KB - Virtual size: 29KB

.data Size: 12KB - Virtual size: 24KB

.rsrc Size: 296KB - Virtual size: 296KB

.text
Size: 112KB - Virtual size: 109KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 12KB - Virtual size: 24KB

.rsrc
Size: 296KB - Virtual size: 296KB