9fe11d86ba283faf7be499cb67e4420bc7a34cd50541e11471b12bfe7326377e

Sharing

Copy URL Twitter E-mail

General

Target

9fe11d86ba283faf7be499cb67e4420bc7a34cd50541e11471b12bfe7326377e
Size

664KB
MD5

616d81dd5c77ed1bc7e7d766db959980
SHA1

673bbf247421fc7257d8fe3c8c112049481c164a
SHA256

9fe11d86ba283faf7be499cb67e4420bc7a34cd50541e11471b12bfe7326377e
SHA512

c9bbbf140efc9022bfed0e5ddf51feb846de27f39c9ca140314f234bc4d5c0f39af21842a2adbbbbb3d421532d8b7e452f84935ecaf330e5cbdb1651a09ae94e
SSDEEP

12288:yblVgfDDxp/LrAkpr42eNb14+8ec15XrX3Re7gw4lRkb7UrdJX:yb4LDnLfpr4e+uNg7gm8rdN

Score

N/A

Malware Config

Signatures

Files

9fe11d86ba283faf7be499cb67e4420bc7a34cd50541e11471b12bfe7326377e
.exe windows x86

046402dcdd780d8ee00d69b12d1b8be0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleUninitialize
CoInitialize
CoTaskMemFree
CoRevokeClassObject
StringFromCLSID
CreateStreamOnHGlobal
CoInitializeSecurity
CoTaskMemRealloc
OleLockRunning
CoGetClassObject
CoUninitialize
ReleaseStgMedium

advapi32

OpenSCManagerA
RegOpenKeyExA
QueryServiceStatus
RegCloseKey
RegDeleteKeyA
CloseServiceHandle
OpenProcessToken

kernel32

SetConsoleCtrlHandler
GetACP
GetModuleFileNameA
CreateProcessA
lstrcmpiA
TlsSetValue
FreeEnvironmentStringsA
VirtualProtect
SetStdHandle
CreateMutexA
GetVersionExA
FreeEnvironmentStringsW
FindNextFileA
SetHandleCount
GetCurrentProcessId
SuspendThread
EnterCriticalSection
ConvertDefaultLocale
GetCommandLineA
GetConsoleCP
LocalFileTimeToFileTime
ResumeThread
TerminateProcess
RtlUnwind
CopyFileA
GetStringTypeA
FlushFileBuffers
GetCurrentThread
WriteFile
GlobalSize
FatalAppExitA
IsDebuggerPresent
GetUserDefaultLCID
SetFileTime
GlobalFlags
GetFileAttributesA
ExitThread
LoadLibraryA
GetFileSize
GlobalAlloc
GetStringTypeW
IsValidLocale
FindClose
GetConsoleMode
GetModuleFileNameW
InitializeCriticalSection
LockFile
SetErrorMode
SetEnvironmentVariableA
lstrlenA
GetCurrentDirectoryA
GetStringTypeExA
GetStartupInfoA
LocalAlloc
CompareStringW
GetVolumeInformationA
GetSystemInfo
GetTempFileNameA
UnhandledExceptionFilter
GetShortPathNameA
GetModuleHandleA
LocalReAlloc
SetLastError
DeleteFileA
GetSystemTimeAsFileTime
TlsGetValue
GetEnvironmentStrings
InterlockedDecrement
GetEnvironmentVariableA
GetLocaleInfoA
CreateFileA
SetCurrentDirectoryA
GetVersion
GetFileTime
GetSystemDirectoryA
CreateFileMappingA
HeapDestroy
LCMapStringA
CreateEventA
WriteConsoleA
lstrlenW
GlobalDeleteAtom
LocalFree
GetLocaleInfoW
SetEndOfFile
GetPrivateProfileStringA
FindFirstFileA
GetFullPathNameA
GetConsoleOutputCP
HeapFree
FileTimeToLocalFileTime
LockResource
CompareStringA
GetEnvironmentStringsW
UnlockFile
MapViewOfFile
SetFileAttributesA
DeleteCriticalSection
IsValidCodePage
GetDateFormatA
WritePrivateProfileStringA
FindResourceExA
SetUnhandledExceptionFilter
GetSystemTime
MultiByteToWideChar
GetCurrentThreadId
FileTimeToSystemTime
SystemTimeToFileTime
SetEvent
HeapReAlloc
lstrcmpW
DosDateTimeToFileTime
lstrcmpA
CreateThread
UnmapViewOfFile
SizeofResource
GlobalAddAtomA
CloseHandle
QueryPerformanceCounter
GetPrivateProfileIntA
HeapCreate
EnumSystemLocalesA
HeapSize
CreateFileW
VirtualAlloc
HeapAlloc
GlobalLock
FreeLibrary
SetThreadPriority
lstrcpynA
TlsAlloc
LeaveCriticalSection
InterlockedExchange
GetTickCount
ReadFile
GlobalUnlock
VirtualQuery
InterlockedIncrement
GetExitCodeProcess
MoveFileA
lstrcpyA
GlobalReAlloc
GetLocalTime
GetThreadLocale
GetTempPathA
GetProcessHeap
lstrcmpiW
SetFilePointer
FindResourceA
IsBadWritePtr
MulDiv
GetStdHandle
CreateDirectoryA
VirtualFree
TlsFree
ExitProcess
GetLastError
WaitForSingleObject
Sleep
RaiseException
InterlockedCompareExchange
GetDriveTypeA
GlobalMemoryStatus
GlobalFindAtomA
GetTimeFormatA
GetTimeZoneInformation
GetCPInfo
FormatMessageA
GetFileType
EnumResourceLanguagesA
WriteConsoleW
LCMapStringW
GetOEMCP
GlobalFree
WideCharToMultiByte
GetCurrentProcess
LoadResource
GetProcAddress
GlobalHandle

user32

SetFocus
BeginPaint
GetMenuItemCount
ReleaseCapture
ShowOwnedPopups
MsgWaitForMultipleObjects
FillRect
MessageBoxA
ShowWindow
HideCaret
OpenClipboard
ReleaseDC
RedrawWindow
RegisterClassA
InflateRect
GetWindowRect
GetDlgItemInt
CreateWindowExA
AdjustWindowRectEx
RegisterWindowMessageA
GetWindow
CharLowerA
GetActiveWindow
GetDC
RegisterClassExA
GetSystemMetrics
DestroyWindow
DrawIconEx
GetDesktopWindow
UnhookWindowsHookEx
EndPaint
DefWindowProcA
BringWindowToTop

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

gdi32

RectInRegion
GetFontData
SetBkMode
GetGlyphOutlineA
Polygon
OffsetRgn
CreateHatchBrush
StartDocA
RestoreDC
Polyline
IntersectClipRect
ScaleViewportExtEx
ScaleWindowExtEx
SetBkColor
SetViewportOrgEx
SaveDC
StretchBlt
SetTextJustification
SetBrushOrgEx
SetTextAlign
SetWindowOrgEx
SelectObject
GetCharABCWidthsA
GetTextMetricsW
GetRgnBox
GetTextExtentPoint32W
Ellipse
ExcludeClipRect
CreateEllipticRgn
GetStockObject
CreatePen
CreateRoundRectRgn
DeleteDC
GetDIBits
CreateSolidBrush
LineTo
PaintRgn
RealizePalette
CreateDIBSection
SetPolyFillMode
EnumFontFamiliesExA
SetMapMode
GetViewportOrgEx
CreatePatternBrush
PtInRegion
GetViewportExtEx
GetClipRgn
CreateFontIndirectA
Rectangle
GetPixel
PolyBezier
ExtFloodFill
SetTextColor
OffsetViewportOrgEx
SetViewportExtEx
GetDeviceCaps
ExtCreatePen
ExtSelectClipRgn
GetBoundsRect
SetROP2
DPtoLP
CreatePalette
GetObjectA
CreateRectRgn
GetClipBox
SelectClipRgn
SelectPalette
CreateBitmap
CreateRectRgnIndirect
ExtTextOutW
GetMapMode
DeleteObject
SetStretchBltMode
PatBlt
CreateCompatibleBitmap
SetRectRgn

winspool.drv

OpenPrinterA
DocumentPropertiesA

comctl32

ord17
PropertySheetW
ImageList_ReplaceIcon
DestroyPropertySheetPage
ImageList_GetImageInfo
ImageList_DrawEx
ImageList_Draw
ImageList_GetIcon
ImageList_AddMasked
_TrackMouseEvent
ImageList_LoadImageW
ImageList_Destroy
InitCommonControlsEx
ImageList_Create
ImageList_GetIconSize
ImageList_GetImageCount

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 452KB - Virtual size: 451KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

046402dcdd780d8ee00d69b12d1b8be0

Headers

File Characteristics

Imports

ole32

advapi32

kernel32

user32

version

gdi32

winspool.drv

comctl32

Sections

.text Size: 68KB - Virtual size: 65KB

.rdata Size: 452KB - Virtual size: 451KB

.data Size: 100KB - Virtual size: 98KB

.rsrc Size: 40KB - Virtual size: 36KB

.text
Size: 68KB - Virtual size: 65KB

.rdata
Size: 452KB - Virtual size: 451KB

.data
Size: 100KB - Virtual size: 98KB

.rsrc
Size: 40KB - Virtual size: 36KB