c39195a08ec9ec73fb51ead6d7b962075373e9e06ceddeb95486e10d1752a394

Sharing

Copy URL Twitter E-mail

General

Target

c39195a08ec9ec73fb51ead6d7b962075373e9e06ceddeb95486e10d1752a394
Size

1.4MB
MD5

05ec7c689bb204f708a0cda822ff43b4
SHA1

279ed1f51b7f634038cb4e891d18c3b65a897f55
SHA256

c39195a08ec9ec73fb51ead6d7b962075373e9e06ceddeb95486e10d1752a394
SHA512

3d3d1298256be4a296d5f1471a7e8924b5d0bb23dd041322697fea2aa1b91261624e5d3e294730e173744d5a11b605fb14bd32cb4421e13acb4ab5b6cb671e22
SSDEEP

24576:MYZuSSGIDCdkwoes2o5BQyIoaRwXPzOO29L7C3609mLd:70hCRoes2o5BQyIoaRwXPzDYPT

Score

N/A

Malware Config

Signatures

Files

c39195a08ec9ec73fb51ead6d7b962075373e9e06ceddeb95486e10d1752a394
.exe windows x86

9da56803b0013d7687c08558bc21e4fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

crypt32

CertFreeCertificateContext
CertCloseStore
CertEnumCertificatesInStore
CertOpenStore
CryptStringToBinaryA
CertGetNameStringA
CertAddCertificateContextToStore
CertOpenSystemStoreA
CertGetCertificateContextProperty
PFXIsPFXBlob
CertCreateCertificateContext

kernel32

IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
VirtualAlloc
SetStdHandle
GetLastError
OutputDebugStringA
GetModuleFileNameA
GetModuleHandleA
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
LocalFree
FormatMessageA
SetLastError
MultiByteToWideChar
lstrcpyA
lstrlenA
lstrcmpA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
Sleep
WinExec
LoadResource
FindResourceA
LockResource
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
lstrcmpiA
GlobalGetAtomNameA
GetCurrentThreadId
lstrcatA
GetVersion
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
InterlockedExchange
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetACP
HeapSize
HeapReAlloc
TerminateProcess
RaiseException
ExitProcess
GetCommandLineA
GetStartupInfoA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
HeapAlloc
HeapFree
RtlUnwind
FileTimeToLocalFileTime
FileTimeToSystemTime
SetErrorMode
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
GetProfileStringA
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
SizeofResource
GlobalFlags
WritePrivateProfileStringA
MulDiv
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
GetTickCount
GetCurrentThread
CreateFileA
CloseHandle
FindFirstFileA
FindClose
GetFileTime
GetFileSize
GetFileAttributesA
lstrcpynA

user32

PostThreadMessageA
MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
CharNextA
InflateRect
GetSysColorBrush
LoadCursorA
GetDesktopWindow
PtInRect
GetClassNameA
CharUpperA
DestroyMenu
LoadStringA
RegisterClipboardFormatA
MapDialogRect
SetWindowContextHelpId
GetMessageA
TranslateMessage
ValidateRect
GetCursorPos
SetCursor
PostQuitMessage
GrayStringA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
MoveWindow
SetWindowTextA
PostMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
SetFocus
AdjustWindowRectEx
ScreenToClient
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
IsWindowVisible
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
IsDialogMessageA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetWindowLongA
GetDlgItem
IsWindowEnabled
CopyRect
GetSysColor
DrawTextA
InvalidateRect
IsIconic
GetSystemMetrics
DrawIcon
GetSystemMenu
AppendMenuA
GetClientRect
LoadIconA
MessageBoxA
SendMessageA
UnregisterClassA
EnableWindow
GetFocus

gdi32

DeleteObject
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
Escape
PatBlt
GetMapMode
DPtoLP
GetTextColor
GetBkColor
LPtoDP
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
ExtTextOutA
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateDIBitmap
CreateFontA

comdlg32

GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

comctl32

ord17
ImageList_Destroy

oledlg

ord8

ole32

OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoTaskMemAlloc
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CreateILockBytesOnHGlobal
CoTaskMemFree

olepro32

ord253

oleaut32

SysStringLen
SysAllocStringByteLen
SysAllocString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysFreeString
SysAllocStringLen

Sections

.text
Size: 196KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

oxtbmp
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9da56803b0013d7687c08558bc21e4fb

Headers

File Characteristics

Imports

version

crypt32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 196KB - Virtual size: 193KB

.rdata Size: 44KB - Virtual size: 42KB

.data Size: 20KB - Virtual size: 36KB

.rsrc Size: 12KB - Virtual size: 10KB

oxtbmp Size: 8KB - Virtual size: 4KB

.text
Size: 196KB - Virtual size: 193KB

.rdata
Size: 44KB - Virtual size: 42KB

.data
Size: 20KB - Virtual size: 36KB

.rsrc
Size: 12KB - Virtual size: 10KB

oxtbmp
Size: 8KB - Virtual size: 4KB