97ef0de123377b780886dc9958c02836009c60c46adcfa433e775f1f979e2ef0

Sharing

Copy URL Twitter E-mail

General

Target

97ef0de123377b780886dc9958c02836009c60c46adcfa433e775f1f979e2ef0
Size

300KB
MD5

112c119236e4459fd0bf614474c86b12
SHA1

15e5c2b999b30bc8cba8f380dab16117d86266ac
SHA256

97ef0de123377b780886dc9958c02836009c60c46adcfa433e775f1f979e2ef0
SHA512

c0b327e492ad8d74016f25651476313b9918a940a056067aef91a8fdb53c8959e119e5c1d03e82cdde5154ae9cbf799e2802e48dfd09778141d9caa2296f2ba8
SSDEEP

6144:0fBDCInGdGCrs+x8vfle+Uyx0fOIPMMoniak2Ejl4xklHUX:0JDCczkx8vf0K0fDMOaup4KCX

Score

N/A

Malware Config

Signatures

Files

97ef0de123377b780886dc9958c02836009c60c46adcfa433e775f1f979e2ef0
.exe windows x86

3d91daba392f40c2dca416702c1c3371

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsWindow
GetFocus
GetClientRect
GetKeyState
ClipCursor
TranslateMessage
SendMessageW
SetRect
InvalidateRect
SetWindowPos
CopyRect
ReleaseCapture
ReleaseDC
SetParent
EnableWindow
SetRectEmpty
CloseClipboard
UpdateWindow
CreatePopupMenu
EmptyClipboard
GetClipboardData
GetParent
TrackPopupMenuEx
UnionRect
PtInRect
DestroyMenu
IsRectEmpty
wsprintfW
ClientToScreen
GetWindowRect
GetDesktopWindow
SetCapture
RedrawWindow
GetDC
SetCursor
OpenClipboard
EnumWindowStationsW
LoadCursorW
OffsetRect
FillRect
SetClipboardData
IntersectRect
EqualRect
ScreenToClient

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

winmm

timeGetTime

kernel32

_llseek
InterlockedExchange
GetLastError
GetTempFileNameW
CloseHandle
DeleteCriticalSection
GetVersionExW
GetTickCount
InterlockedIncrement
FindFirstFileW
FreeLibrary
SetThreadAffinityMask
GetLocaleInfoA
InterlockedDecrement
LoadLibraryW
GetModuleFileNameA
lstrlenW
GetFullPathNameW
EnterCriticalSection
CopyFileW
GlobalUnlock
LocalFree
Sleep
TerminateProcess
FindClose
lstrlenA
DeleteFileW
LocalAlloc
GetThreadLocale
GetProcessIoCounters
GetCurrentThreadId
WideCharToMultiByte
GlobalLock
GlobalAlloc
GetTempPathW
InitializeCriticalSection
GetACP
ReadFile
DisableThreadLibraryCalls
SetFileAttributesW
GetModuleFileNameW
CreateDirectoryW
LeaveCriticalSection
RemoveDirectoryW
GetCurrentProcessId
ExitProcess
GetSystemTimeAsFileTime
GetProcAddress
OutputDebugStringW
GetVersionExA
FindNextFileW
QueryPerformanceCounter
CreateFileW
MultiByteToWideChar
GetFileAttributesExW

shlwapi

PathIsDirectoryW
PathAppendW
PathAddBackslashW
PathRenameExtensionW
PathRemoveBackslashW
PathIsRelativeW
PathRemoveFileSpecW
PathCombineW
PathFileExistsW

ole32

StringFromGUID2
CoInitialize
CoFreeUnusedLibraries
CoUninitialize
CoCreateInstance

Sections

.text
Size: 292KB - Virtual size: 292KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bomex
Size: 4KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d91daba392f40c2dca416702c1c3371

Headers

File Characteristics

Imports

user32

winspool.drv

winmm

kernel32

shlwapi

ole32

Sections

.text Size: 292KB - Virtual size: 292KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 103KB - Virtual size: 103KB

.bomex Size: 4KB - Virtual size: 24KB

.text
Size: 292KB - Virtual size: 292KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 103KB - Virtual size: 103KB

.bomex
Size: 4KB - Virtual size: 24KB