dffa6b812995fa1ef85ee8bd50d1c8171a988ac8f51fcf5b72daa01e83367b0e

Sharing

Copy URL Twitter E-mail

General

Target

dffa6b812995fa1ef85ee8bd50d1c8171a988ac8f51fcf5b72daa01e83367b0e
Size

788KB
MD5

7c678dd0548948540d8b2b527d6cb4f6
SHA1

c6e095fcc8f42964a8850bf46f7bd052a6fb29ce
SHA256

dffa6b812995fa1ef85ee8bd50d1c8171a988ac8f51fcf5b72daa01e83367b0e
SHA512

116e0e133f68cddb2b02950a296c3b9f02256dfa960ac18b31bec153f470f646dcb6f930a411558ee213acba6621a51a7eb0f2db97698f4042273863569e98ef
SSDEEP

12288:i6idwP4BaNJIwRv8Hs174nOGdNDbEZx2ySzv1WxiYYfKcr08Td4dGMaSWANvuPiK:i6iGP4BCIwInOGe0pzv1WxiYYfKch

Score

N/A

Malware Config

Signatures

Files

dffa6b812995fa1ef85ee8bd50d1c8171a988ac8f51fcf5b72daa01e83367b0e
.exe windows x86

948af21291645cea2b46f4c60c9845be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsZoomed
GetSubMenu
InflateRect
PostQuitMessage
MessageBeep
ClientToScreen
PostThreadMessageA
GetSysColor
GetWindowPlacement
SetForegroundWindow
SetParent
GetParent
IsWindowEnabled
LoadIconA
GetDC
DrawTextExA
SetCursor
RegisterWindowMessageA
DestroyIcon
GetWindowTextLengthA
LoadAcceleratorsA
GetWindowThreadProcessId
DispatchMessageA
OffsetRect
GetMenuItemID
LoadStringA
SetRectEmpty
SetWindowTextA
DrawTextA
SetMenuItemBitmaps
GetNextDlgTabItem
InvalidateRect
DestroyAcceleratorTable
DrawFrameControl
DestroyWindow
IsWindow
GetDlgCtrlID
RegisterClassA
LoadBitmapA
MessageBoxA
EnableWindow
RedrawWindow
SetCapture
PeekMessageA
MoveWindow
CallWindowProcA
GetTopWindow
RegisterClassExA
IsMenu
GetFocus
DefWindowProcA
ShowWindow
CharNextA
CreateWindowExA
ReleaseCapture
DestroyCursor
TrackPopupMenu
OpenClipboard
FillRect
SetFocus

advapi32

RegSetValueExA
FreeSid
OpenServiceA
OpenProcessToken
RegCloseKey
GetSidSubAuthorityCount
RegQueryValueA
RegQueryInfoKeyA
GetTokenInformation

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter
EnumPrintersA
GetPrinterA
ord204

shell32

SHAppBarMessage
SHFileOperationA
ord155
ExtractIconA

shlwapi

PathFileExistsA
PathIsUNCA
PathRemoveFileSpecA
PathIsDirectoryA
PathFindFileNameA
PathFindExtensionA
PathAddBackslashA

gdi32

CreateBitmap
GetObjectA
OffsetViewportOrgEx
DeleteObject
PtVisible
CreateDCA
CombineRgn
DeleteDC
SelectObject
GetDeviceCaps
SetWindowExtEx

oleaut32

LoadTypeLi

kernel32

GetCurrentThreadId
GetProcAddress
SetEnvironmentVariableA
FreeEnvironmentStringsA
GetFileType
TlsAlloc
SetUnhandledExceptionFilter
GetVersionExA
RtlUnwind
GetDateFormatA
TlsFree
HeapAlloc
HeapFree
CreateMutexA
SetLastError
RaiseException
CompareStringA
VirtualQuery
GetSystemTimeAsFileTime
TerminateProcess
InterlockedExchange
LCMapStringW
QueryPerformanceCounter
GetEnvironmentStringsW
FlushFileBuffers
GetStringTypeW
GetStdHandle
DeleteCriticalSection
GetModuleFileNameA
LoadLibraryA
LeaveCriticalSection
HeapDestroy
TlsSetValue
HeapSize
GetSystemInfo
GetLastError
UnhandledExceptionFilter
SetFilePointer
GetCPInfo
VirtualProtect
GetEnvironmentStrings
LCMapStringA
GetCurrentProcess
HeapCreate
GetStartupInfoA
GetTimeZoneInformation
IsBadCodePtr
SetHandleCount
GetCommandLineA
SetStdHandle
GetCurrentProcessId
GetTickCount
WideCharToMultiByte
EnterCriticalSection
GetModuleHandleA
CloseHandle
TlsGetValue
CompareStringW
MultiByteToWideChar
WriteFile
ExitProcess
VirtualFree
GetLocaleInfoA
GetACP
InitializeCriticalSection
VirtualAlloc
FreeEnvironmentStringsW
GetTimeFormatA
GetStringTypeA
GetOEMCP
HeapReAlloc
ReadFile

comctl32

PropertySheetA
ImageList_Remove
ImageList_DragShowNolock
ImageList_Create
ImageList_ReplaceIcon
ImageList_BeginDrag
ImageList_Replace
ImageList_SetDragCursorImage
ImageList_EndDrag
ord17
ImageList_Destroy
ImageList_GetImageCount
ImageList_Add
ImageList_GetIcon
CreatePropertySheetPageA
ImageList_DragMove
ImageList_GetImageInfo
ImageList_Draw
DestroyPropertySheetPage
ImageList_DragLeave
ImageList_SetBkColor
ImageList_GetIconSize
ImageList_LoadImageA
ImageList_DragEnter
ImageList_AddMasked

Sections

.text
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 472KB - Virtual size: 471KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

948af21291645cea2b46f4c60c9845be

Headers

File Characteristics

Imports

user32

advapi32

winspool.drv

shell32

shlwapi

gdi32

oleaut32

kernel32

comctl32

Sections

.text Size: 100KB - Virtual size: 97KB

.rdata Size: 472KB - Virtual size: 471KB

.data Size: 108KB - Virtual size: 106KB

.rsrc Size: 104KB - Virtual size: 103KB

.text
Size: 100KB - Virtual size: 97KB

.rdata
Size: 472KB - Virtual size: 471KB

.data
Size: 108KB - Virtual size: 106KB

.rsrc
Size: 104KB - Virtual size: 103KB