1abaab445fb3d048b57037845526f9f35e14c89694e6b999120fbf9f39c4b052

Sharing

Copy URL

Twitter E-mail

General

Target

1abaab445fb3d048b57037845526f9f35e14c89694e6b999120fbf9f39c4b052
Size

492KB
MD5

0115c14ee674da96547f6c0b09773100
SHA1

0592dc474d19f1d5c953dd9ec421505600e43704
SHA256

1abaab445fb3d048b57037845526f9f35e14c89694e6b999120fbf9f39c4b052
SHA512

f6a94355d97b6506ac305d8e1a731e9c90bd7c9967b0449be29d2fb15b3586555987f7fd0ba005e9ac29d2a894685fe627478615942ab705b8c6a2a824614d52
SSDEEP

6144:1zT1QgnJ0PjZYY6GmOGZCqlUQWg3HJZu+ap6REo0qiYNFpU1Tyw6XkZ:x1QgJuCrGmOGZ/lUSsQ/hRUN

Score

N/A

Malware Config

Signatures

Files

1abaab445fb3d048b57037845526f9f35e14c89694e6b999120fbf9f39c4b052
.exe windows x86

3e49134cafd34a06c43242d4d8b5b12c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
WritePrivateProfileStringA
GetCPInfo
GetProcessVersion
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapAlloc
HeapFree
TlsSetValue
RtlUnwind
TlsGetValue
CreateThread
ExitThread
TerminateProcess
GetACP
SetStdHandle
GetFileType
HeapSize
HeapReAlloc
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
LocalReAlloc
GetStartupInfoA
ExitProcess
GlobalReAlloc
RaiseException
TlsFree
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalLock
GlobalUnlock
WriteFile
SetCommTimeouts
CreateEventA
ReadFile
GetLastError
GetOverlappedResult
Sleep
ResetEvent
GetProfileStringA
GlobalHandle
TlsAlloc
LocalAlloc
GlobalFlags
SetErrorMode
GetFileTime
GetFileSize
GetFileAttributesA
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcmpA
GetCurrentThread
SizeofResource
GlobalAlloc
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
WaitForSingleObject
LocalFree
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GlobalFree
LockResource
FindResourceA
LoadResource
MulDiv
UnhandledExceptionFilter
GetModuleHandleA
GetTickCount
PurgeComm
GetModuleFileNameA
lstrcmpiA
GetVolumeInformationA
GetFullPathNameA
lstrcpynA
FindFirstFileA
FindClose
UnlockFile
SetEndOfFile
SetFilePointer
LockFile
FlushFileBuffers
DuplicateHandle
CreateFileA
GetCurrentProcess
FreeEnvironmentStringsA
InterlockedDecrement
SetLastError
MultiByteToWideChar
WideCharToMultiByte
GetCommProperties
InterlockedIncrement
GetProcAddress
lstrcatA
CloseHandle
GetUserDefaultLangID
lstrcpyA
lstrlenA
WinExec
FreeLibrary
GetWindowsDirectoryA
LoadLibraryA
GetVersionExA
GetSystemDirectoryA
GlobalMemoryStatus
FreeEnvironmentStringsW
GetCommandLineA
GetEnvironmentStrings
VirtualAlloc
IsBadWritePtr

user32

LoadStringA
GetFocus
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
IsDialogMessageA
SetWindowTextA
ShowWindow
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
GetCursorPos
ValidateRect
GetMessageA
PostQuitMessage
WindowFromPoint
WaitMessage
KillTimer
AdjustWindowRectEx
SetFocus
GetClassNameA
GetSysColorBrush
DestroyMenu
IsWindowVisible
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
SetTimer
GetWindowTextLengthA
GetKeyState
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
ScreenToClient
GetSystemMetrics
CharUpperA
wsprintfA
DrawStateA
CopyRect
LoadCursorA
CopyIcon
GetParent
ReleaseDC
GetWindowRect
InflateRect
InvalidateRect
IsWindow
SetWindowLongA
SetCursor
SetCapture
PtInRect
ReleaseCapture
MessageBeep
DestroyCursor
LoadIconA
SendMessageA
SetRect
MessageBoxA
RedrawWindow
GetDC
GetSysColor
GetSubMenu
GetMenuItemID
GetWindowTextA
PostMessageA
PeekMessageA
TranslateMessage
DispatchMessageA
GetWindowLongA
GetClientRect
SetWindowRgn
EnableWindow
IsIconic
SystemParametersInfoA
GetDlgCtrlID
DrawFocusRect
DefDlgProcA
ExcludeUpdateRgn
IsWindowUnicode
UnregisterClassA
HideCaret
CharNextA
ShowCaret

gdi32

CreateRoundRectRgn
CreateSolidBrush
RoundRect
CreatePen
GetDeviceCaps
StartDocA
FrameRgn
EndPage
AbortDoc
StartPage
GetTextExtentPoint32A
GetTextMetricsA
EndDoc
GetObjectA
FillRgn
CreateFontIndirectA
DeleteDC
SaveDC
CombineRgn
SetBkColor
SelectObject
SetBkMode
SetTextColor
SetMapMode
OffsetViewportOrgEx
SetViewportExtEx
SetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetClipBox
SetWindowExtEx
IntersectClipRect
MoveToEx
LineTo
DeleteObject
ExtSelectClipRgn
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateBitmap
CreateCompatibleDC
BitBlt
GetTextExtentPointA
PatBlt
CreateDIBitmap
GetStockObject
RestoreDC

comdlg32

PrintDlgA
GetFileTitleA

winspool.drv

ClosePrinter
EnumPrintersA
DocumentPropertiesA
OpenPrinterA

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegQueryValueA
RegSetValueExA

shell32

ShellExecuteA

comctl32

ord17

wsock32

accept
ioctlsocket
WSAGetLastError
htonl
closesocket
gethostbyname
send
WSAAsyncSelect
inet_ntoa
socket
recvfrom
sendto
connect
WSASetLastError
WSAStartup
WSACleanup
bind
htons
recv

Sections

.text
Size: 220KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 104KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.uro
Size: - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3e49134cafd34a06c43242d4d8b5b12c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

wsock32

Sections

.text Size: 220KB - Virtual size: 218KB

.rdata Size: 44KB - Virtual size: 42KB

.data Size: 104KB - Virtual size: 122KB

.rsrc Size: 60KB - Virtual size: 56KB

.uro Size: - Virtual size: 1B

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 220KB - Virtual size: 218KB

.rdata
Size: 44KB - Virtual size: 42KB

.data
Size: 104KB - Virtual size: 122KB

.rsrc
Size: 60KB - Virtual size: 56KB

.uro
Size: - Virtual size: 1B

.rmnet
Size: 60KB - Virtual size: 60KB