Static task: static1
Behavioral task: behavioral1
Sample: ef015e67b827be01e1aec8da82eaf3c39e7e79eaf2d3fed6df3359218c1ae3d6.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: ef015e67b827be01e1aec8da82eaf3c39e7e79eaf2d3fed6df3359218c1ae3d6.exe
Resource: win10v2004-20220812-en
General
Target: ef015e67b827be01e1aec8da82eaf3c39e7e79eaf2d3fed6df3359218c1ae3d6
Size: 752KB
MD5: 6fe8a3e588a57ff57415001a31536500
SHA1: eb742a0a52b5531d7c923295ca3b6e3ad0822416
SHA256: ef015e67b827be01e1aec8da82eaf3c39e7e79eaf2d3fed6df3359218c1ae3d6
SHA512: 28ff2b42fb1f6477511d782f5be1c643200d7644836710cb8ce1d01082341a9893a1819024f3d9429486117b2d03bbb41a45ae56dcd8514311cd09c732c9e96a
SSDEEP: 12288:UgSaA7/Ok4s9kbL/Ai646N14JR28mb/11mjz4CtAC/OYT13P++nSsP1:UgSaZk4f/d64I4PRmL11mjz4CCC/BThR
Malware Config
Signatures
Files
ef015e67b827be01e1aec8da82eaf3c39e7e79eaf2d3fed6df3359218c1ae3d6.exe windows x86
9c52c9380be76336f2c535d85066b265
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetEnvironmentVariableA
GetLocaleInfoW
SetStdHandle
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
IsBadCodePtr
IsBadReadPtr
GetTimeZoneInformation
LCMapStringW
LCMapStringA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
QueryPerformanceFrequency
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
GetCurrentProcessId
QueryPerformanceCounter
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
HeapSize
HeapReAlloc
TerminateProcess
GetCommandLineA
GetStartupInfoA
GetSystemTimeAsFileTime
ExitProcess
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
IsDBCSLeadByte
GetLocalTime
FreeConsole
AllocConsole
WriteConsoleA
SetErrorMode
GetOEMCP
GetCPInfo
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalFlags
WritePrivateProfileStringA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
RaiseException
InterlockedIncrement
GlobalGetAtomNameA
GlobalFindAtomA
lstrcatA
lstrcmpW
FreeResource
GlobalAddAtomA
InterlockedDecrement
GetCurrentThread
GetCurrentThreadId
GlobalDeleteAtom
lstrcmpA
GetModuleFileNameA
GetModuleHandleA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
SetLastError
GlobalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
GetProcAddress
CloseHandle
LoadLibraryA
FreeLibrary
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FindResourceA
LoadResource
LockResource
SizeofResource
GetTickCount
CompareStringW
CompareStringA
lstrlenA
lstrlenW
InterlockedExchange
lstrcmpiA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetStdHandle
user32
GetClassNameA
SetPropA
GetPropA
RemovePropA
IsChild
SetActiveWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
GetScrollRange
SetScrollPos
UpdateWindow
GetMenu
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
GetClassInfoA
RegisterClassA
UnregisterClassA
DefWindowProcA
CallWindowProcA
OffsetRect
IntersectRect
IsIconic
EndPaint
GetClassInfoExA
CharUpperA
IsWindowUnicode
GetCursor
RegisterClassExA
LoadIconA
SetWindowPos
GetSystemMetrics
GetWindowRect
SystemParametersInfoA
GetWindowPlacement
CopyRect
PtInRect
GetWindow
SetWindowContextHelpId
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
SetWindowsHookExA
CallNextHookEx
GetMessageA
GetClassLongA
GetCapture
WinHelpA
RegisterWindowMessageA
TabbedTextOutA
DrawTextA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
MessageBoxA
GetLastActivePopup
SetCursor
GetWindowTextLengthA
GetWindowTextA
DrawTextExA
GrayStringA
ClientToScreen
GetWindowDC
BeginPaint
LoadCursorA
SetForegroundWindow
GetForegroundWindow
DestroyWindow
IsWindow
CreateWindowExA
ShowWindow
PostMessageA
SendMessageA
LoadBitmapA
EnableWindow
FillRect
GetDC
ReleaseDC
InvalidateRect
ShowScrollBar
GetClientRect
BringWindowToTop
OpenIcon
SetTimer
KillTimer
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
PostQuitMessage
UnhookWindowsHookEx
GetDlgItem
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
GetDesktopWindow
CharNextA
GetSysColorBrush
wsprintfA
IsRectEmpty
SetRect
CopyAcceleratorTableA
InvalidateRgn
SetCapture
ReleaseCapture
GetNextDlgGroupItem
MessageBeep
DestroyMenu
RegisterClipboardFormatA
PostThreadMessageA
UnionRect
WindowFromPoint
MapDialogRect
SendDlgItemMessageA
IsDialogMessageA
GetWindowLongA
SetWindowTextA
GetDlgCtrlID
SetWindowLongA
MoveWindow
IsWindowEnabled
SetFocus
GetParent
GetFocus
gdi32
DeleteObject
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
GetTextMetricsA
SetMapMode
RestoreDC
SaveDC
GetClipBox
CreateBitmap
GetDeviceCaps
CreateFontA
GetObjectA
CreateFontIndirectA
CreatePatternBrush
CreateSolidBrush
BitBlt
SetDIBitsToDevice
GetGlyphOutlineA
CreateDIBSection
CreateCompatibleDC
SetTextColor
SetBkColor
SetBkMode
ExtSelectClipRgn
GetTextExtentPoint32A
GetStockObject
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
shell32
ShellExecuteA
comctl32
FlatSB_EnableScrollBar
InitializeFlatSB
ord17
shlwapi
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA
oledlg
ord8
ole32
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
OleUninitialize
OleInitialize
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoCreateInstance
CoInitialize
oleaut32
VariantCopy
SafeArrayCreate
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocString
SafeArrayDestroy
SystemTimeToVariantTime
OleCreateFontIndirect
VariantInit
VariantChangeType
VariantClear
SysAllocStringByteLen
SysStringLen
SysAllocStringLen
SysFreeString
ws2_32
WSACleanup
WSAStartup
bind
connect
sendto
recvfrom
closesocket
send
recv
ntohs
inet_addr
gethostbyname
htons
WSASetLastError
listen
WSAGetLastError
getpeername
accept
socket
select
WSAAsyncSelect
htonl
Sections
.text Size: 520KB - Virtual size: 518KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 124KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 88KB - Virtual size: 85KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ