5eb4a68fd2b8064805f23ca1965ec6e806c8e26af7a9fc729cecdba962505ade

Sharing

Copy URL Twitter E-mail

General

Target

5eb4a68fd2b8064805f23ca1965ec6e806c8e26af7a9fc729cecdba962505ade
Size

884KB
MD5

4a4c95dee43795b1bad1151f27bf576b
SHA1

86fcaaafdf5a3a7c512965adf57c8c6bfbcf6c4e
SHA256

5eb4a68fd2b8064805f23ca1965ec6e806c8e26af7a9fc729cecdba962505ade
SHA512

ae7e9f505545509ae7e28a6e202806cac39a251f7dbe678087e178aa8e3f7e100658416cf2426b923ec769a59362b4fdf27b95c3f49be46fec06287e417e43ad
SSDEEP

24576:N+MixhMFFyF8J+hSPg0RzbXhMSm4Tcz79M46vf:N+MwOfFJBDhbXh5cfi46vf

Score

N/A

Malware Config

Signatures

Files

5eb4a68fd2b8064805f23ca1965ec6e806c8e26af7a9fc729cecdba962505ade
.exe windows x86

e5b0b8cd88dfadee04a78eb969d90dde

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TrackPopupMenu
CreateWindowExW
GetClientRect
GetMessagePos
RegisterClassW
ClientToScreen
EnableWindow
SetTimer
FrameRect
BeginPaint
DestroyMenu
MoveWindow
TranslateMessage
IsWindow
GetWindowTextLengthW
EndDialog
KillTimer
MapDialogRect
CheckMenuItem
CopyRect
GetWindowLongW
LoadIconW
DestroyAcceleratorTable
GetAsyncKeyState
EnableMenuItem
DestroyCaret
GetIconInfo
DeferWindowPos
RedrawWindow
SetScrollPos
UnhookWindowsHookEx
SetForegroundWindow
IsIconic
GetClassNameW
GetNextDlgGroupItem
ShowWindow
GetActiveWindow
GetFocus
UnpackDDElParam
DestroyIcon
SetActiveWindow
GetMenuItemCount
LoadBitmapW
LoadCursorW
DefWindowProcW
GetWindowDC
LoadMenuW
SetFocus
PostQuitMessage
GetMessageW
IsMenu
FillRect
TrackPopupMenuEx
RemoveMenu
SetRectEmpty
GetUpdateRect
SetWindowLongW
GetCapture
CallNextHookEx
CreateMenu
UpdateWindow
DestroyWindow
EnableScrollBar
DrawFocusRect
SetRect
InvalidateRect
IsWindowEnabled
CloseClipboard
GetSubMenu
GetDCEx
GetSystemMetrics
SetMenuDefaultItem
SetWindowPos
LockWindowUpdate
GetWindowRect
OpenClipboard
MessageBeep
SendMessageW
EndPaint
EqualRect
GetKeyState
SetMenu
IntersectRect
GetNextDlgTabItem
GetScrollPos
GetCursorPos
CreatePopupMenu
GetDlgItem
RegisterWindowMessageW
ReleaseDC
DestroyCursor
GetSysColorBrush
PtInRect
GetSysColor
GetDesktopWindow
GetMenuStringW
GetParent
DrawIconEx
MessageBoxW
AttachThreadInput
ShowScrollBar
SetCursor
GetDC
GetWindowThreadProcessId
TranslateAcceleratorW
SetMenuItemInfoW
InflateRect
DrawMenuBar
SetCapture
IsDialogMessageW
FlashWindow
GetTopWindow
InsertMenuItemW
ModifyMenuW
AdjustWindowRectEx
RegisterClassExW
LoadAcceleratorsW
ReleaseCapture
LoadImageW
DrawFrameControl
IsChild

ole32

StringFromGUID2
OleUninitialize
OleRegEnumVerbs
CoInitialize
CoGetClassObject
OleLockRunning
OleSetClipboard
CoTaskMemRealloc
CoLockObjectExternal
StringFromCLSID
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
OleDuplicateData
OleRegGetUserType
DoDragDrop
CoInitializeSecurity
CreateStreamOnHGlobal
OleRegGetMiscStatus
CoTaskMemAlloc
RevokeDragDrop
StgCreateDocfile
OleRun
RegisterDragDrop
StgCreateDocfileOnILockBytes
ReleaseStgMedium
CreateOleAdviseHolder
StgOpenStorageOnILockBytes
CLSIDFromProgID
CoGetMalloc
CoTaskMemFree
CoCreateInstance
CoRegisterClassObject
OleFlushClipboard
CLSIDFromString
OleGetClipboard
OleInitialize
CoCreateGuid
CoFreeUnusedLibraries
CoRevokeClassObject
CoUninitialize

winmm

waveOutWrite
timeGetTime
mmioDescend
waveOutReset
mmioRead
waveOutPrepareHeader

winspool.drv

EnumPrintersA
GetPrinterDriverDirectoryA
EnumJobsA
ClosePrinter
DocumentPropertiesA
ord204
DeviceCapabilitiesA
AddPrinterDriverA
AddPrinterA
OpenPrinterA
EnumPrinterDriversA

kernel32

GetProcAddress
GetCPInfo
SetEnvironmentVariableA
GetModuleFileNameA
TlsGetValue
TlsFree
GetOEMCP
ReadFile
LCMapStringA
TlsAlloc
QueryPerformanceCounter
InterlockedExchange
GetTickCount
VirtualQuery
SetUnhandledExceptionFilter
HeapReAlloc
LeaveCriticalSection
HeapFree
GetStringTypeW
LoadLibraryA
FlushFileBuffers
TerminateProcess
HeapAlloc
VirtualFree
GetTimeZoneInformation
HeapDestroy
EnterCriticalSection
HeapCreate
GetModuleHandleA
RaiseException
LCMapStringW
CreateMutexW
GetCommandLineW
OutputDebugStringW
DeleteCriticalSection
IsBadReadPtr
WideCharToMultiByte
FreeEnvironmentStringsW
DebugBreak
HeapValidate
GetCurrentProcessId
SetLastError
GetConsoleCP
GetCurrentProcess
HeapSize
ExitProcess
CompareStringW
GetConsoleOutputCP
SetStdHandle
RtlUnwind
GetCurrentThreadId
GetStdHandle
GetFileType
InterlockedDecrement
WriteConsoleA
WriteFile
GetACP
GetStartupInfoA
SetHandleCount
LoadLibraryW
GetModuleHandleW
WriteConsoleW
TlsSetValue
GetEnvironmentStringsW
GetLastError
Sleep
SetConsoleCtrlHandler
OutputDebugStringA
SetFilePointer
GetDateFormatA
CloseHandle
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
CompareStringA
IsValidCodePage
CreateFileA
GetModuleFileNameW
GetStartupInfoW
GetTimeFormatA
VirtualAlloc
GetConsoleMode
GetLocaleInfoA
GetStringTypeA
InterlockedIncrement
GetSystemTimeAsFileTime
MultiByteToWideChar
IsDebuggerPresent

comdlg32

CommDlgExtendedError
GetSaveFileNameA
GetOpenFileNameA
ChooseColorA
PageSetupDlgA

comctl32

InitCommonControlsEx
ImageList_AddMasked
ord17
ImageList_GetIcon
ImageList_Draw
ImageList_ReplaceIcon
ImageList_GetImageCount
_TrackMouseEvent

gdi32

EnumFontFamiliesExW
DeleteObject
SelectObject
StretchDIBits
GetObjectW
GetDeviceCaps
CreateDCW
GetTextColor
DeleteDC

Sections

.text
Size: 220KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 500KB - Virtual size: 499KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e5b0b8cd88dfadee04a78eb969d90dde

Headers

File Characteristics

Imports

user32

ole32

winmm

winspool.drv

kernel32

comdlg32

comctl32

gdi32

Sections

.text Size: 220KB - Virtual size: 218KB

.rdata Size: 500KB - Virtual size: 499KB

.data Size: 100KB - Virtual size: 97KB

.rsrc Size: 60KB - Virtual size: 57KB

.text
Size: 220KB - Virtual size: 218KB

.rdata
Size: 500KB - Virtual size: 499KB

.data
Size: 100KB - Virtual size: 97KB

.rsrc
Size: 60KB - Virtual size: 57KB