53f0e7dd4e0216b07737eb7b3aacccd145b8685d999a53af3e7e5675053e9676

Sharing

Copy URL Twitter E-mail

General

Target

53f0e7dd4e0216b07737eb7b3aacccd145b8685d999a53af3e7e5675053e9676
Size

253KB
MD5

91f2d6da13c31d0f3286d42fcfafe1d9
SHA1

32b85745bd0a2a95ef88f3ce4aa5fe3fc320515a
SHA256

53f0e7dd4e0216b07737eb7b3aacccd145b8685d999a53af3e7e5675053e9676
SHA512

c2dc5c8fdf62673f1a69e26e17e8b91ceb66d023834aadb11c839f4bd4084c6f35fa855593f43604350d313b32f221198b833ed99807cb27bf060b785f153fe3
SSDEEP

6144:Mj89h36jLTfrPXGxxkDal4jZUNesLT91omGSSG4u2WOMNOsPaU7:nyTjOxa0+ZdsLTLGJC2WNYrU7

Score

N/A

Malware Config

Signatures

Files

53f0e7dd4e0216b07737eb7b3aacccd145b8685d999a53af3e7e5675053e9676
.exe windows x86

5818cf524f5f065e7a752ad6cce84ce7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

ws2_32

ntohs
inet_ntoa

shlwapi

PathRemoveFileSpecA

wininet

InternetOpenA
InternetCloseHandle
HttpOpenRequestA
InternetSetOptionA
HttpAddRequestHeadersA
HttpSendRequestA
HttpQueryInfoA
InternetConnectA

kernel32

GetSystemTime
InitializeCriticalSection
FreeLibrary
GetCurrentProcess
GetVersionExA
GetModuleFileNameA
OpenMutexA
GetLastError
GetTickCount
GetLocaleInfoA
RaiseException
WaitForMultipleObjects
GetModuleFileNameW
LoadLibraryA
ExitProcess
LocalFree
MultiByteToWideChar
GetACP
LocalAlloc
lstrlenA
lstrcpynA
GetShortPathNameA
lstrcmpiA
GetComputerNameA
IsBadWritePtr
HeapCreate
SetUnhandledExceptionFilter
TlsAlloc
GetOEMCP
CreateMutexA
OpenEventA
SetEvent
GetModuleHandleA
GetCurrentProcessId
GetCurrentThreadId
CreateEventA
WaitForSingleObject
Sleep
GetStringTypeA
GetStringTypeW
QueryPerformanceCounter
IsBadReadPtr
IsBadCodePtr
GetSystemInfo
GetEnvironmentStringsW
GetCPInfo
GetFileAttributesA
GetStartupInfoA
BeginUpdateResourceW
GetProcAddress

user32

RegisterClassA
CreateWindowExA
ShowWindow
GetSystemMetrics
CharUpperA
DefWindowProcA
wsprintfA
CharPrevA
GetMessageA
PostQuitMessage

advapi32

ImpersonateSelf
GetTokenInformation
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessDeniedAce
AddAccessAllowedAce
FreeSid
RevertToSelf
ImpersonateLoggedOnUser
StartServiceCtrlDispatcherA
OpenProcessToken
RegisterServiceCtrlHandlerA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
LookupPrivilegeValueA
AdjustTokenPrivileges
SetServiceStatus
RegOpenKeyExW
RegQueryValueExW
StartServiceA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
QueryServiceStatus
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
RegCloseKey
GetUserNameA

ole32

CLSIDFromString
CoCreateGuid
CoInitializeEx
CoUninitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocStringByteLen

ntprint

PSetupEnumMonitor
PSetupDestroyPrinterDeviceInfoList
ServerInstallW
PSetupGetSelectedDriverInfo

dmocx

DllGetClassObject

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.WwVHa
Size: 1024B - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iSKC
Size: 1024B - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 101KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.KQzjvU
Size: 3KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 114KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RA
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5818cf524f5f065e7a752ad6cce84ce7

Headers

File Characteristics

Imports

version

ws2_32

shlwapi

wininet

kernel32

user32

advapi32

ole32

oleaut32

ntprint

dmocx

Sections

.text Size: 15KB - Virtual size: 15KB

.WwVHa Size: 1024B - Virtual size: 230KB

.rdata Size: 4KB - Virtual size: 6KB

.iSKC Size: 1024B - Virtual size: 60KB

.edata Size: 101KB - Virtual size: 161KB

.KQzjvU Size: 3KB - Virtual size: 270KB

.data Size: 7KB - Virtual size: 93KB

.edata Size: 114KB - Virtual size: 182KB

.RA Size: 512B - Virtual size: 3KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 15KB - Virtual size: 15KB

.WwVHa
Size: 1024B - Virtual size: 230KB

.rdata
Size: 4KB - Virtual size: 6KB

.iSKC
Size: 1024B - Virtual size: 60KB

.edata
Size: 101KB - Virtual size: 161KB

.KQzjvU
Size: 3KB - Virtual size: 270KB

.data
Size: 7KB - Virtual size: 93KB

.edata
Size: 114KB - Virtual size: 182KB

.RA
Size: 512B - Virtual size: 3KB

.rsrc
Size: 5KB - Virtual size: 4KB