37cff247f392051847438473ef0d2a08926022c8c0ce8753610ef3298c9bc97f

Sharing

Copy URL Twitter E-mail

General

Target

37cff247f392051847438473ef0d2a08926022c8c0ce8753610ef3298c9bc97f
Size

484KB
MD5

16bc8881b90c4be13726717973d67ee0
SHA1

722946631ed3db15895ac582a6740ff8bf3bac1e
SHA256

37cff247f392051847438473ef0d2a08926022c8c0ce8753610ef3298c9bc97f
SHA512

d5163aa73e65307545cdd6690c70239552bab4504b37ce881c74719ed8df7849aba275741d89e579d43ccd1429ffff7f27a042a5e6ab775fa360264a9ec5434a
SSDEEP

12288:dBbkUxNmjsGVrUWKZZUnzwq5sLpVRs/AdNJrJX:fbvx0zjnMtLpo/AHD

Score

N/A

Malware Config

Signatures

Files

37cff247f392051847438473ef0d2a08926022c8c0ce8753610ef3298c9bc97f
.exe windows x86

dcc6af5c277ee1baffb198c960e9c19f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
LoadLibraryA
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
CompareStringA
GetProcessHeap
HeapFree
InterlockedDecrement
GetLastError
FreeLibrary
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
SetEnvironmentVariableA
EnumResourceLanguagesW
GetVersion
ConvertDefaultLocale
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
GlobalAlloc
GlobalLock
GetCurrentThreadId
GetCurrentThread
LocalFree
GlobalUnlock
MulDiv
GlobalFree
CloseHandle
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FreeResource
GetTickCount
SetFileTime
GetFileTime
GetVersionExA
lstrlenA
InterlockedIncrement
GlobalFlags
LocalAlloc
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SystemTimeToFileTime
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
LocalFileTimeToFileTime
SetErrorMode
ExitProcess
RtlUnwind
HeapAlloc
TerminateProcess
HeapReAlloc
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
IsBadWritePtr
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetOEMCP
GetStringTypeA
IsBadReadPtr
IsBadCodePtr
GetDriveTypeA
LCMapStringA
SetStdHandle

user32

SetWindowRgn
ClientToScreen
SetTimer
KillTimer
SetCapture
PtInRect
GetSystemMetrics
ReleaseCapture
ScreenToClient
GetWindowDC
BeginPaint
EndPaint
GetSysColor
CopyRect
GetWindowPlacement
SystemParametersInfoA
IntersectRect
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
GetMenu
ShowScrollBar
SetForegroundWindow
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
TrackPopupMenu
ScrollWindow
MapWindowPoints
GetMessagePos
GetMessageTime
DestroyWindow
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
SetActiveWindow
GetForegroundWindow
SendDlgItemMessageA
GetCapture
GetDesktopWindow
SetMenu
BringWindowToTop
SetRectEmpty
CreatePopupMenu
ReuseDDElParam
UnpackDDElParam
DestroyMenu
IsZoomed
DeleteMenu
GetSysColorBrush
DestroyIcon
SetRect
GetWindow
DrawIcon
GetNextDlgTabItem
MessageBeep
EndDialog
InflateRect
WindowFromPoint
GetDCEx
LockWindowUpdate
SetParent
SetWindowContextHelpId
MapDialogRect
SetWindowPos
SetFocus
ShowWindow
MoveWindow
GetDlgCtrlID
GetDlgItem
SetMenuItemBitmaps
GetFocus
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
CallNextHookEx
TranslateMessage
GetActiveWindow
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
GetParent
GetLastActivePopup
IsWindowEnabled
ShowOwnedPopups
SetCursor
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
PostQuitMessage
OffsetRect
IsRectEmpty
UpdateWindow
FillRect
GetWindowRect
GetClientRect
GetDC
ReleaseDC
IsWindow
IsChild
InvalidateRect
IsIconic
GetNextDlgGroupItem
AdjustWindowRectEx
InvalidateRgn

comctl32

ImageList_Destroy
ImageList_GetImageInfo
ImageList_Draw
ord17

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW

ole32

CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateInstance
OleInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CLSIDFromProgID
CLSIDFromString
CoFreeUnusedLibraries
OleUninitialize

oleaut32

OleCreateFontIndirect
SysAllocString
VariantClear
SysAllocStringByteLen
SysStringByteLen
SysFreeString
SysStringLen
SysAllocStringLen
VariantChangeType
VariantInit
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime

advapi32

SetFileSecurityW
GetFileSecurityW
RegCloseKey

gdi32

SetTextColor
SetMapMode
GetClipBox
ExcludeClipRect
PatBlt
SetBkMode
SetBkColor
RestoreDC
SaveDC
Ellipse
LPtoDP
CreateEllipticRgn
CreateBitmap
GetDeviceCaps
IntersectClipRect
GetMapMode
CombineRgn
SetRectRgn
GetRgnBox
CreateRectRgnIndirect
GetTextColor
GetBkColor
StretchDIBits
CreateCompatibleBitmap
CreateSolidBrush
GetStockObject
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject

shell32

DragFinish

winspool.drv

ClosePrinter

Sections

.text
Size: 236KB - Virtual size: 234KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dcc6af5c277ee1baffb198c960e9c19f

Headers

File Characteristics

Imports

kernel32

user32

comctl32

shlwapi

ole32

oleaut32

advapi32

gdi32

shell32

winspool.drv

Sections

.text Size: 236KB - Virtual size: 234KB

.rdata Size: 60KB - Virtual size: 59KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 28KB - Virtual size: 26KB

.text Size: 144KB - Virtual size: 144KB

.text
Size: 236KB - Virtual size: 234KB

.rdata
Size: 60KB - Virtual size: 59KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 28KB - Virtual size: 26KB

.text
Size: 144KB - Virtual size: 144KB