ff4d6e18bdb0a38b5f4cd2634c478a0682b81f7a85e69d17cf890d986eb719ad

Sharing

Copy URL Twitter E-mail

General

Target

ff4d6e18bdb0a38b5f4cd2634c478a0682b81f7a85e69d17cf890d986eb719ad
Size

531KB
MD5

04220c0a613a900769ceebe6813243f0
SHA1

a74452d7663d334ec08fe850efc351ffcddf076c
SHA256

ff4d6e18bdb0a38b5f4cd2634c478a0682b81f7a85e69d17cf890d986eb719ad
SHA512

b9c7b87dd08facaad4ea1120145b5dec3395d011a44962e6f998c86e081442dd054821fe4a31738627c79a4c4712fbf45956e1b71db8b260f924fba4335df2c5
SSDEEP

12288:g9kiCrefTORMinF0fLJj4BUXMeyPWF5+ZLzD8c2i8S:DifVinF0j9J52P32i8S

Score

N/A

Malware Config

Signatures

Files

ff4d6e18bdb0a38b5f4cd2634c478a0682b81f7a85e69d17cf890d986eb719ad
.exe windows x86

f103cd44beeef85c73a20fabfe2cd96a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLangID
CreateHardLinkA

setupapi

SetupDiCreateDeviceInterfaceRegKeyW
SetupDiGetDeviceInstanceIdW
SetupDiCreateDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiOpenDeviceInfoW
SetupDiOpenDeviceInterfaceRegKey
SetupDiOpenDevRegKey
SetupDiOpenDeviceInterfaceW
SetupDiGetDeviceRegistryPropertyW
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceAlias

rpcrt4

RpcRevertToSelf
RpcServerUseProtseqIfW
RpcBindingSetAuthInfoExW
RpcBindingFree
RpcServerRegisterIfEx
RpcServerInqBindings
NdrClientCall2
NdrServerCall2
RpcStringFreeW
RpcServerUnregisterIf
RpcStringBindingParseW
RpcBindingVectorFree
RpcBindingToStringBindingW
RpcImpersonateClient
I_RpcBindingInqTransportType
RpcBindingFromStringBindingW

shell32

DragAcceptFiles

winspool.drv

AddPrintProvidorA

ole32

CoInitialize
CLSIDFromString
CoCreateInstance
CoUninitialize

winsta

WinStationQueryInformationW

user32

MessageBoxW
GetSysColorBrush
GetWindowLongW
EndDialog
CreateWindowExW
ShowWindow
SetDlgItemTextW
DefWindowProcW
LoadBitmapW
PostMessageW
CallWindowProcW
SetWindowPos
GetMonitorInfoW
DestroyWindow
BroadcastSystemMessageW
GetSystemMetrics
TranslateMessage
DispatchMessageW
GetMessageW
LoadImageW
RegisterDeviceNotificationW
KillTimer
SetWindowTextW
SetWindowLongW
CloseDesktop
LoadStringW
MonitorFromRect
SystemParametersInfoW
UnregisterDeviceNotification
CharNextW
wsprintfW
FindWindowW
RegisterWindowMessageW
SendMessageW
GetClientRect
SetTimer
SetForegroundWindow
PostQuitMessage
SendDlgItemMessageW

ntdll

RtlAcquireResourceShared
NtDuplicateToken
wcstoul
_wcsicmp
RtlUnwind
RtlOpenCurrentUser
RtlInitializeResource
RtlAcquireResourceExclusive
RtlDeleteResource
RtlReleaseResource
NtQueryVirtualMemory
NtClose

comctl32

CreateStatusWindowW
ImageList_Create
ImageList_Destroy
ImageList_AddMasked

Sections

.text
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 176KB - Virtual size: 580KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f103cd44beeef85c73a20fabfe2cd96a

Headers

File Characteristics

Imports

kernel32

setupapi

rpcrt4

shell32

winspool.drv

ole32

winsta

user32

ntdll

comctl32

Sections

.text Size: 177KB - Virtual size: 177KB

.data Size: 176KB - Virtual size: 580KB

.rdata Size: 26KB - Virtual size: 25KB

.rsrc Size: 150KB - Virtual size: 149KB

.text
Size: 177KB - Virtual size: 177KB

.data
Size: 176KB - Virtual size: 580KB

.rdata
Size: 26KB - Virtual size: 25KB

.rsrc
Size: 150KB - Virtual size: 149KB