e6bdff4ef288c14b44fd401d7d7d692f106bc456eb844d95fd292c3a2fe5ecf0

Sharing

Copy URL Twitter E-mail

General

Target

e6bdff4ef288c14b44fd401d7d7d692f106bc456eb844d95fd292c3a2fe5ecf0
Size

232KB
MD5

1e7bef546f26ec86af85159b82cb56d0
SHA1

714463491968cb631b18968f6ea97b8e29e5484a
SHA256

e6bdff4ef288c14b44fd401d7d7d692f106bc456eb844d95fd292c3a2fe5ecf0
SHA512

695aad0726e9ab784309088a83519f9870c0186b5441bacbdf4d49ff09a94128c3d240e2b32be3030866eaab7e87cec736c973bd0c03cd15508b90b842be6704
SSDEEP

6144:JzbVOev+UTPffVT1ydAthbjPhc1H2yCXm:Bb2Uz9T1+AtNha2t

Score

N/A

Malware Config

Signatures

Files

e6bdff4ef288c14b44fd401d7d7d692f106bc456eb844d95fd292c3a2fe5ecf0
.exe windows x86

beb3480ac1cd26fa20c801931469af33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSQueryUserToken

advapi32

RegSetValueExW
RegCreateKeyExW
CloseServiceHandle
CreateServiceW
OpenSCManagerW
DeleteService
OpenServiceW
StartServiceW
ControlService
RegisterServiceCtrlHandlerW
StartServiceCtrlDispatcherW
SetServiceStatus
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
DuplicateTokenEx
CreateProcessAsUserW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock

kernel32

GetCurrentProcess
SetFilePointer
FlushFileBuffers
FindFirstFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetStartupInfoW
RtlUnwind
HeapFree
HeapAlloc
RaiseException
TerminateProcess
HeapReAlloc
HeapSize
GetTimeZoneInformation
WritePrivateProfileStringW
SetErrorMode
GetEnvironmentStrings
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetStringTypeA
GetStringTypeW
SetStdHandle
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
GetProcessVersion
SizeofResource
TlsGetValue
GlobalFlags
lstrcmpiW
GlobalReAlloc
LocalReAlloc
TlsSetValue
TlsAlloc
TlsFree
GlobalHandle
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetLastError
InitializeCriticalSection
MulDiv
lstrcmpW
lstrcmpiA
GlobalAlloc
lstrcmpA
GetModuleHandleA
GetCurrentThread
GlobalFree
UnhandledExceptionFilter
FreeEnvironmentStringsA
LoadResource
GetCommandLineW
LoadLibraryA
CreateWaitableTimerW
FindResourceW
GlobalFindAtomW
LockResource
GetCurrentThreadId
lstrcatW
GlobalDeleteAtom
GetModuleHandleW
lstrcpynW
lstrcpyW
GlobalLock
GlobalAddAtomW
GlobalUnlock
GlobalGetAtomNameW
WideCharToMultiByte
GetVersion
MultiByteToWideChar
InterlockedIncrement
lstrlenA
InterlockedDecrement
GetPrivateProfileStringW
lstrlenW
GetModuleFileNameW
FormatMessageW
CreateNamedPipeW
ConnectNamedPipe
GetProcAddress
WriteFile
LoadLibraryW
CreateThread
FreeLibrary
TerminateThread
LocalFree
Sleep
LocalAlloc
WaitForSingleObject
ExitProcess
SetWaitableTimer
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetLastError
CloseHandle
GetProfileStringA
GlobalAddAtomA
FindResourceA

user32

EndDeferWindowPos
BeginDeferWindowPos
DeferWindowPos
ScreenToClient
AdjustWindowRectEx
DispatchMessageW
GetSysColor
MapWindowPoints
SendDlgItemMessageA
SendDlgItemMessageW
IsDialogMessageW
SetWindowTextW
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuW
GetMenuState
LoadBitmapW
GetMenuCheckMarkDimensions
PostQuitMessage
ShowOwnedPopups
GetCursorPos
ValidateRect
TranslateMessage
GetMessageW
ClientToScreen
GetDC
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutW
DrawTextW
GrayStringW
GetClassNameW
PtInRect
GetSysColorBrush
RegisterClassW
CreateDialogIndirectParamW
EndDialog
LoadStringW
SetWindowsHookExW
CallNextHookEx
SetPropW
GetPropW
CallWindowProcW
RemovePropW
DefWindowProcW
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
OffsetRect
IntersectRect
SystemParametersInfoW
GetWindowPlacement
GetWindowRect
GetLastActivePopup
BringWindowToTop
IsWindowVisible
GetFocus
EqualRect
CopyRect
GetDlgItem
InvalidateRect
SetWindowLongW
GetKeyState
GetDlgCtrlID
UpdateWindow
GetMenuItemCount
GetSubMenu
GetMenuItemID
UnpackDDElParam
SetMenu
GetMenu
GetClassInfoW
LoadMenuW
DestroyMenu
SetFocus
GetParent
GetActiveWindow
GetWindowLongW
IsWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
SetCursor
PeekMessageW
GetCapture
ReleaseCapture
TranslateAcceleratorW
LoadAcceleratorsW
SetRectEmpty
RegisterWindowMessageW
UnhookWindowsHookEx
EnableWindow
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
FindWindowW
LoadIconW
LoadCursorW
wsprintfW
GetTopWindow
MessageBoxW
SendMessageW
PostMessageW
CreateWindowExW
GetWindowTextW
DestroyWindow
ReuseDDElParam
WinHelpW
SetActiveWindow
ShowWindow
SetWindowPos
InflateRect
DefWindowProcA
CharNextA
SetWindowsHookExA
UnregisterClassW
RemovePropA
GetPropA
SetPropA
SetWindowLongA
GetClassNameA
IsWindowUnicode
SendMessageA
GetWindowLongA
ExcludeUpdateRgn
DefDlgProcA
CallWindowProcA
GetWindowTextLengthA
HideCaret
ShowCaret
GetClassInfoA
DrawFocusRect
DrawTextA
GetWindowTextA

gdi32

CreateCompatibleDC
GetClipBox
SetTextColor
GetObjectW
CreateBitmap
SetBkColor
SaveDC
DeleteDC
SelectObject
GetStockObject
RestoreDC
SetBkMode
SetMapMode
OffsetViewportOrgEx
SetViewportExtEx
SetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
SetWindowExtEx
IntersectClipRect
ExtTextOutA
DeleteObject
CreateDIBitmap
GetDeviceCaps
CreateSolidBrush
PtVisible
RectVisible
ExtTextOutW
Escape
TextOutW
PatBlt
GetTextExtentPointA
BitBlt

winspool.drv

GetPrinterW
ClosePrinter
OpenPrinterW
DocumentPropertiesW

shell32

DragFinish
DragQueryFileW

comctl32

ord17

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

beb3480ac1cd26fa20c801931469af33

Headers

File Characteristics

Imports

wtsapi32

advapi32

userenv

kernel32

user32

gdi32

winspool.drv

shell32

comctl32

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 20KB - Virtual size: 37KB

.rsrc Size: 16KB - Virtual size: 13KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 20KB - Virtual size: 37KB

.rsrc
Size: 16KB - Virtual size: 13KB

.rmnet
Size: 60KB - Virtual size: 60KB