de6035e96dac6ce207ab465a60e7e1c5b4ee3afe26909a419971cac503a663e2

Sharing

Copy URL Twitter E-mail

General

Target

de6035e96dac6ce207ab465a60e7e1c5b4ee3afe26909a419971cac503a663e2
Size

359KB
MD5

0a3f6b350a2bad30642c6211b06f9545
SHA1

380e48b0d66918b8ca7cf59cc3c81465de7d6756
SHA256

de6035e96dac6ce207ab465a60e7e1c5b4ee3afe26909a419971cac503a663e2
SHA512

9c8c29c656a1e29740af4b73e4f300835d10c10f4ed4f771dc9cfddbe3a3093ab98a4b3ef66f752153d0eca52276b3a75359af24468f30086c3e3f02c9f6b683
SSDEEP

6144:XmT8R3CG3LdTJb6U6JzbL83O/2LNzT3XI0:2i7Ayc2hvz

Score

N/A

Malware Config

Signatures

Files

de6035e96dac6ce207ab465a60e7e1c5b4ee3afe26909a419971cac503a663e2
.dll windows x86

f271cd2c513feb5ec2404c1a8ff46408

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHChangeNotify
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetPathFromIDListA
SHGetMalloc
SHGetFileInfoW
SHGetFileInfoA
SHGetDesktopFolder
SHFileOperationW
SHFileOperationA

ole32

HMENU_UserMarshal
OleCreateLinkToFileEx
StgOpenStorageEx

winspool.drv

EnumJobsW
WaitForPrinterChange
OpenPrinterW
ClosePrinter
DEVICECAPABILITIES
DocumentPropertiesW
DeviceCapabilitiesW
EnumPrintersW
GetPrinterDriverDirectoryA

dsound

ord9

gdi32

StartDocA
SetBkColor
SelectObject
RemoveFontResourceW
PlayEnhMetaFileRecord
OffsetViewportOrgEx
GetTextFaceA
GetStockObject
GetObjectA
GetMapMode
GetFontData
GetDeviceCaps
SetPixelV
AbortPath
AddFontResourceW
BitBlt
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
CreateDIBSection
CreateFontIndirectA
CreateScalableFontResourceW
DeleteDC
DeleteObject
EndDoc
EndPage
EnumEnhMetaFile
EnumFontFamiliesA
EnumFontFamiliesExA
Escape
ExtSelectClipRgn
FlattenPath
GdiFlush
GdiResetDCEMF
GetDIBits

user32

CharUpperA
CharUpperBuffA
GetDC
GetDesktopWindow
LoadStringA
LoadStringW
OemToCharBuffA
ReleaseDC
CharToOemBuffA

advapi32

SetSecurityDescriptorRMControl
RegQueryValueExW
RegQueryValueExA
RegCloseKey
QueryRecoveryAgentsOnEncryptedFile
GetSecurityDescriptorDacl
CryptReleaseContext
CryptGetHashParam
CryptGenRandom
CloseServiceHandle

kernel32

TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
SystemTimeToFileTime
SwitchToThread
Sleep
SizeofResource
SetUnhandledExceptionFilter
SetStdHandle
SetLastError
SetHandleCount
SetFilePointer
SetFileAttributesW
lstrcatA
lstrcatW
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpyW
lstrcpynA
lstrcpynW
lstrlenA
lstrlenW
GetCurrentProcess
CloseHandle
CompareFileTime
CompareStringA
CompareStringW
CreateDirectoryA
CreateDirectoryW
CreateEventA
CreateFileA
CreateFileW
DeleteCriticalSection
DeleteFileA
DeleteFileW
EnterCriticalSection
EnumSystemLocalesA
ExitProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindResourceA
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryA
GetCurrentDirectoryW
GetCurrentProcessId
GetCurrentThreadId
GetDiskFreeSpaceExA
GetDiskFreeSpaceExW
GetDriveTypeA
GetDriveTypeW
GetEnvironmentStringsW
GetFileAttributesA
GetFileAttributesW
GetFileSize
GetFileType
GetFullPathNameA
GetFullPathNameW
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetLongPathNameW
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetPrivateProfileIntA
GetProcAddress
GetShortPathNameW
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDefaultLangID
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameW
GetTempPathA
GetTempPathW
GetTickCount
GetTimeZoneInformation
GetUserDefaultLCID
GetVersion
GetVersionExA
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByte
IsDBCSLeadByteEx
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LoadResource
LocalAlloc
LockResource
MoveFileA
MoveFileW
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
ReadFile
RemoveDirectoryA
RemoveDirectoryW
ResetEvent
RtlUnwind
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableA
SetEvent

Sections

.text
Size: 239KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f271cd2c513feb5ec2404c1a8ff46408

Headers

File Characteristics

Imports

shell32

ole32

winspool.drv

dsound

gdi32

user32

advapi32

kernel32

Sections

.text Size: 239KB - Virtual size: 240KB

.rdata Size: 37KB - Virtual size: 39KB

.data Size: 26KB - Virtual size: 27KB

.idata Size: 6KB - Virtual size: 7KB

.rsrc Size: 49KB - Virtual size: 51KB

.text
Size: 239KB - Virtual size: 240KB

.rdata
Size: 37KB - Virtual size: 39KB

.data
Size: 26KB - Virtual size: 27KB

.idata
Size: 6KB - Virtual size: 7KB

.rsrc
Size: 49KB - Virtual size: 51KB