bfa6d9382298cb84d419ddcc2c6c6338623e4d575a5408f10ddcd8cac50c6925

Sharing

Copy URL Twitter E-mail

General

Target

bfa6d9382298cb84d419ddcc2c6c6338623e4d575a5408f10ddcd8cac50c6925
Size

219KB
MD5

7d58910aea72c2785046c86b3ca61a34
SHA1

4edbadba2cc2dd58c36ae8cf657b1d0ae4bb2850
SHA256

bfa6d9382298cb84d419ddcc2c6c6338623e4d575a5408f10ddcd8cac50c6925
SHA512

e5edc003aefda2e12da8ec294f8a98ad3c33bf85ab263b48b826d5ee93880c2e984d34a31aab4896d9bceef9f4e60773256086988e7a9237800744f1aa4cb6db
SSDEEP

6144:ot7+EDdBPS3nFmxf8xVNd6z5EKbFT6u8TA4ylLDxxvHJ:t0PPSXCf8XMV5Tz8SlHxBp

Score

N/A

Malware Config

Signatures

Files

bfa6d9382298cb84d419ddcc2c6c6338623e4d575a5408f10ddcd8cac50c6925
.exe windows x86

2f9b7e5b03ea0c5cc4542ba1aef7bfef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyW
RegQueryValueExA
RegOpenKeyExA
RegSetValueExW
RegCloseKey
RegQueryValueExW
IsTextUnicode

comdlg32

GetOpenFileNameW
CommDlgExtendedError
ReplaceTextW
PageSetupDlgW
PrintDlgExW
GetFileTitleW
FindTextW
GetSaveFileNameW
ChooseFontW

user32

SetScrollPos
GetDlgCtrlID
SetWindowTextW
LoadImageW
DestroyWindow
GetWindowTextW
GetMessagePos
MoveWindow
DialogBoxParamW
CharLowerW
CallWindowProcW
WindowFromPoint
GetMenu
GetWindowPlacement
GetSubMenu
SetWinEventHook
GetDlgItem
EnableWindow
GetWindowLongW
SendDlgItemMessageW
SetDlgItemTextW
GetLastActivePopup
OpenClipboard
CharNextW
WinHelpW
EnableMenuItem
GetCursorPos
CreateWindowExW
LoadIconW
SendMessageW
MessageBeep
GetMenuState
SetWindowLongW
PeekMessageW
RegisterClassExW
PostMessageW
DefWindowProcW
GetKeyboardLayout
DrawTextExW
ShowWindow
RegisterWindowMessageA
InflateRect
ReleaseCapture
LoadCursorW
CreateDialogParamW
ScreenToClient
TranslateAcceleratorW
EndPaint
LoadStringW
DispatchMessageW
LoadAcceleratorsW
GetSystemMetrics
UnhookWinEvent
GetParent
GetForegroundWindow
GetFocus
EndDialog
CloseClipboard
PostQuitMessage
IsWindow
GetMessageW
SetCursor
IsClipboardFormatAvailable
IsDialogMessageW
GetSystemMenu
TranslateMessage
GetMenuItemCount
ReleaseDC
GetDlgItemTextW
wsprintfW
SetActiveWindow
MessageBoxW
DrawEdge
CheckMenuItem
ChildWindowFromPoint
IsIconic
GetClientRect
CharUpperW
IsRectEmpty
GetDesktopWindow
UpdateWindow
GetNextDlgTabItem
GetDC
SetFocus
RegisterWindowMessageW
SetWindowPlacement
InvalidateRect

msvcrt

?terminate@@YAXXZ
memset
_controlfp
_acmdln
_adjust_fdiv
malloc
__setusermatherr
_cexit
__getmainargs
wcsncpy
__p__commode
exit
_wtol
__set_app_type
fflush
_callnewh
_XcptFilter
time
_wcsicmp
wcsncmp
_c_exit
_amsg_exit
__CxxFrameHandler
__p__fmode
_snwprintf
strncmp
_exit
localtime
_initterm
iswctype
_vsnwprintf

kernel32

lstrcmpA
UnmapViewOfFile
FindFirstFileW
InterlockedDecrement
WriteFile
lstrcpyW
GetUserDefaultLCID
GetTickCount
GetStringTypeA
InterlockedCompareExchange
HeapDestroy
lstrcatW
GetWindowsDirectoryW
GetModuleFileNameW
LocalFree
InterlockedIncrement
TlsSetValue
SetLastError
MulDiv
GetModuleHandleA
ReleaseMutex
SetHandleCount
lstrcmpW
LoadLibraryA
GetCurrentThreadId
GetFileAttributesW
GetLastError
GetUserDefaultUILanguage
lstrcpynW
GetStringTypeW
CreateFileMappingW
SetEvent
TlsAlloc
LocalAlloc
GetLocalTime
LocalReAlloc
CloseHandle
GetOEMCP
TerminateProcess
CompareStringW
RtlUnwind
GetCurrentProcess
CreateFileA
GetTimeZoneInformation
IsBadReadPtr
GetStartupInfoA
ReadFile
GetLocaleInfoW
GetLocaleInfoA
DeviceIoControl
GetProcAddress
GetFileType
CreateFileW
CreateProcessW
GetDateFormatW
FormatMessageW
CreateEventA
GetACP
VirtualAlloc
DeleteFileW
CreateMutexW
MoveFileW
GetCommandLineW
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
FreeLibrary
GetEnvironmentStrings
MapViewOfFile
GlobalLock
GetCurrentProcessId
GetSystemTimeAsFileTime
TlsGetValue
DeleteCriticalSection
VirtualProtect
SetStdHandle
SetUnhandledExceptionFilter
LocalUnlock
FoldStringW
Sleep
lstrcmpiW
SetEndOfFile
GetModuleFileNameA
lstrlenW
GetFileInformationByHandle
EnterCriticalSection
SetThreadPriority
QueryPerformanceCounter
TlsFree
VirtualFree
GlobalFree
LocalSize
IsDebuggerPresent
FlushFileBuffers
UnhandledExceptionFilter
GetTimeFormatW
HeapAlloc
GlobalUnlock
LocalLock
FindNextFileA
ExitProcess
FindClose

gdi32

GetDeviceCaps
AbortDoc
SetBkMode
CreateDCW
SetWindowExtEx
SetViewportExtEx
StartPage
GetTextMetricsW
GetTextFaceW
SetMapMode
EnumFontsW
DeleteDC
EndPage
TextOutW
SelectObject
StartDocW
LPtoDP
EndDoc
GetTextExtentPoint32W
SetAbortProc
CreateFontIndirectW
GetObjectW
GetStockObject
DeleteObject

shell32

DragAcceptFiles
DragQueryFileW
ShellAboutW
DragFinish

comctl32

CreateStatusWindowW

winspool.drv

ClosePrinter
OpenPrinterW
GetPrinterDriverW

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f9b7e5b03ea0c5cc4542ba1aef7bfef

Headers

File Characteristics

Imports

advapi32

comdlg32

user32

msvcrt

kernel32

gdi32

shell32

comctl32

winspool.drv

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 181KB - Virtual size: 180KB

.data Size: 30KB - Virtual size: 1.0MB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 181KB - Virtual size: 180KB

.data
Size: 30KB - Virtual size: 1.0MB

.rsrc
Size: 5KB - Virtual size: 5KB