884de9273e952f5171abc09c84796dae[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

884de9273e952f5171abc09c84796dae.exe
Size

478KB
MD5

884de9273e952f5171abc09c84796dae
SHA1

fb9f2f8575e67b41ce0e18f1cb8e8b86f066e2c8
SHA256

e0233612d6f430952f891f3ca4d40ae4c825c428691a8bdff7b34f335beda674
SHA512

4b49669af8ec58920c80dc5831ee4cd277adaf6305d8947f29f2b08d2e9cf74ffab87aa59fdc42c10f3a8ebfdf46a36f6ebe2f07cf52ff11aec145810bf72ca9
SSDEEP

6144:MethZNvTbICmpn3SObr9VnlBRDRdt0Gh9L6Y4kxsl5QOc41zM4FpDJMxZs3:lhZN5unbnlRlhlhW5dDl

Score

N/A

Malware Config

Signatures

Files

884de9273e952f5171abc09c84796dae.exe
.exe windows x86

a22ae7ce35406a472da9cb3973bc2a94

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

advapi32

ChangeServiceConfig2W
ControlService
CloseEventLog
CloseServiceHandle
ClearEventLogA
CloseEncryptedFileRaw

shlwapi

PathFindFileNameW
PathRemoveFileSpecW
PathIsUNCW
PathFindExtensionW

winspool.drv

AddJobA
AddPortA

kernel32

LCMapStringW
GetProcessAffinityMask
WriteFile
GetModuleHandleA
GetACP
MulDiv
WriteConsoleW
FormatMessageW
LocalFree
UnlockFile
GlobalFlags
LoadResource
OutputDebugStringW
SetFilePointer
InterlockedIncrement
CreateTimerQueue
GetEnvironmentStringsW
InitializeSListHead
InitializeCriticalSection
GetStringTypeW
GlobalUnlock
LocalReAlloc
FreeEnvironmentStringsW
OutputDebugStringA
GlobalAlloc
HeapSize
GetThreadPriority
SetThreadPriority
FreeResource
SetFileTime
LoadLibraryA
FindResourceW
GetLongPathNameW
GetUserDefaultLCID
GetModuleFileNameA
CreateDirectoryW
SwitchToThread
GetStdHandle
GetFileSizeEx
GetLastError
LoadLibraryW
GetModuleHandleExW
DuplicateHandle
DeleteTimerQueueTimer
GetProcAddress
LocalAlloc
LocalFileTimeToFileTime
SetLastError
TlsGetValue
GetCommandLineA
SetUnhandledExceptionFilter
LockResource
ExitProcess
GetFileTime
HeapReAlloc
GetCurrentProcess
CreateEventW
ReadFile
CreateTimerQueueTimer
GlobalLock
EnumSystemLocalesW
GetSystemDirectoryW
SetStdHandle
LeaveCriticalSection
GetFileSize
VirtualProtect
TlsSetValue
QueryPerformanceCounter
RaiseException
GetProcessHeap
GlobalAddAtomW
Sleep
HeapAlloc
IsDBCSLeadByteEx
SetFileAttributesW
FindClose
CloseHandle
GetConsoleCP
AreFileApisANSI
SetEvent
CreateFileW
DeleteCriticalSection
IsDebuggerPresent
GetFileType
GetCurrentThreadId
RemoveDirectoryW
HeapFree
VirtualFree
WaitForSingleObject
GlobalReAlloc
GetCurrentThread
GetCPInfo
SystemTimeToFileTime
WaitForSingleObjectEx
TlsFree
SizeofResource
lstrcmpA
GetLocaleInfoW
SetEndOfFile
ReadConsoleW
MoveFileW
GetVolumeInformationW
CreateThread
GetModuleHandleW
FileTimeToLocalFileTime
FindNextFileW
GetFullPathNameW
IsDBCSLeadByte
DeleteFileW
EnterCriticalSection
GetModuleFileNameW

ole32

CoCreateGuid
CoUninitialize

shell32

SHCreateShellItem
RealShellExecuteExW
SHCreateDirectoryExA
SHFreeNameMappings

gdi32

GetStockObject
GetClipBox
SetViewportExtEx
SetMapMode
DeleteObject
ScaleViewportExtEx
SelectObject
SetBkMode
CreatePen
SetTextColor
SetBkColor
SetWindowExtEx
SaveDC
TranslateCharsetInfo
CreateBitmap
RestoreDC
SetViewportOrgEx
GetTextExtentPoint32W

user32

EndPaint
IsWindowEnabled
GetSystemMetrics
IntersectRect
DispatchMessageW
GetMessagePos
GetMenu
SetPropW
GetSubMenu
MonitorFromWindow
GetWindow
GetCapture
GetLastActivePopup
SetWindowPos
DestroyMenu
GetClassInfoExW
BeginPaint
CreatePopupMenu
PostQuitMessage
LoadCursorW
ShowWindow
GetDlgCtrlID
MessageBoxW
GetNextDlgTabItem
GetClientRect
RegisterClassW
SetActiveWindow
RemovePropW
EnableWindow
SetFocus
GetSysColorBrush
GetCursorPos
IsWindowVisible
LoadBitmapW
SetWindowsHookExW
GetKeyState
GetFocus
GrayStringW
LoadIconW
GetMenuItemCount
GetMenuCheckMarkDimensions
GetDlgItem
ClientToScreen
CopyRect
EnableMenuItem
UpdateWindow
SetWindowTextW
SetForegroundWindow
GetWindowThreadProcessId
GetDC
ScreenToClient
GetDesktopWindow
CharToOemA
GetMessageTime
TrackPopupMenu
GetWindowLongW
KillTimer
PeekMessageW
ValidateRect
GetForegroundWindow
GetParent
EndDialog
GetWindowRect
SetTimer
DestroyIcon
GetPropW
GetSysColor
SetCursor
RegisterWindowMessageW
MapWindowPoints
GetClassLongW
CreateWindowExW
ReleaseDC
InvalidateRect
GetClassNameW
GetTopWindow

Sections

.text
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 216KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a22ae7ce35406a472da9cb3973bc2a94

Headers

File Characteristics

Imports

advapi32

shlwapi

winspool.drv

kernel32

ole32

shell32

gdi32

user32

Sections

.text Size: 79KB - Virtual size: 80KB

.data Size: 216KB - Virtual size: 216KB

.rdata Size: 152KB - Virtual size: 151KB

.bss Size: - Virtual size: 16KB

.idata Size: 16KB - Virtual size: 15KB

.CRT Size: 1024B - Virtual size: 768B

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 79KB - Virtual size: 80KB

.data
Size: 216KB - Virtual size: 216KB

.rdata
Size: 152KB - Virtual size: 151KB

.bss
Size: - Virtual size: 16KB

.idata
Size: 16KB - Virtual size: 15KB

.CRT
Size: 1024B - Virtual size: 768B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 12KB - Virtual size: 11KB