b0f02c308b220b621182f0ff3353a3d8ca19ce4203fe31ceaf19ab62c12590c9

Sharing

Copy URL Twitter E-mail

General

Target

b0f02c308b220b621182f0ff3353a3d8ca19ce4203fe31ceaf19ab62c12590c9
Size

672KB
MD5

a16346c823a741a97446597d4feae8a7
SHA1

7847115c3a8206714953ffed8fda3c97f8bda3e1
SHA256

b0f02c308b220b621182f0ff3353a3d8ca19ce4203fe31ceaf19ab62c12590c9
SHA512

e8aa6126cac2baa482a850dea428b81870ac01676e78b4bf868b3360e7f4bef8f16cfd9e72e6ab666966d1e17a06e4da336bc57aece19493d048a94f2bcc239d
SSDEEP

12288:19MbPlEuKyD+bTdSu0/9X8/jwVJsOVvbiLEn8S+uTopSqI5M21cFoHWW:HMbtrEdStS/jSOOQLEn8S+6okt1cFoH

Score

N/A

Malware Config

Signatures

Files

b0f02c308b220b621182f0ff3353a3d8ca19ce4203fe31ceaf19ab62c12590c9
.exe windows x86

2ec403812b368f6fb4e5e94beca1eff6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

OffsetRect
GetSystemMenu
CreatePopupMenu
GetClassInfoA
EnableWindow
WinHelpA
SetWindowTextA
LoadBitmapA
DestroyWindow
CopyRect
DrawTextExA
EmptyClipboard
ShowWindow
RegisterWindowMessageA
GetUpdateRect
EqualRect
CreateWindowExA
SendDlgItemMessageA
SetWindowLongA
SetWindowPos
IsIconic
WaitMessage
SetForegroundWindow
GetMessageA
GetKeyboardLayout
UnhookWindowsHookEx
TrackPopupMenu
ToAsciiEx
GetActiveWindow
RegisterClassA
RegisterClassExA
GetMenu
IsZoomed
DestroyCursor
DefWindowProcA
wsprintfA
UnregisterClassA
EndDialog
ReleaseDC
GetAsyncKeyState
MessageBoxA
GetSystemMetrics
keybd_event
TabbedTextOutA
GetMenuItemID
CharNextA
VkKeyScanA
KillTimer
BringWindowToTop
SetCapture
SetFocus
UpdateWindow
GetMessageTime
SetScrollInfo
GetWindowLongA

kernel32

RtlUnwind
GetTimeZoneInformation
GetProcAddress
CloseHandle
GetCurrentProcess
GetEnvironmentStrings
GetCurrentThreadId
DeleteCriticalSection
TerminateProcess
WriteFile
GetLocalTime
CreateMutexA
MultiByteToWideChar
HeapDestroy
HeapReAlloc
FreeEnvironmentStringsW
InterlockedExchange
LoadLibraryA
IsBadWritePtr
TlsSetValue
GetLastError
ExitProcess
FlushFileBuffers
WideCharToMultiByte
GetCommandLineA
GetModuleFileNameA
TlsGetValue
CompareStringW
LeaveCriticalSection
LCMapStringW
GetCPInfo
VirtualQuery
SetLastError
GetModuleHandleA
ReadFile
FreeEnvironmentStringsA
HeapCreate
GetACP
TlsAlloc
GetStdHandle
GetSystemTimeAsFileTime
SetEnvironmentVariableA
EnterCriticalSection
GetOEMCP
InterlockedIncrement
FatalAppExitA
VirtualFree
GetCurrentThread
SetHandleCount
GetFileType
CompareStringA
HeapFree
SetFilePointer
InitializeCriticalSection
GetStringTypeW
HeapAlloc
GetVersion
UnhandledExceptionFilter
InterlockedDecrement
VirtualAlloc
QueryPerformanceCounter
GetStringTypeA
LCMapStringA
SetStdHandle
TlsFree
GetStartupInfoA
GetTickCount
GetSystemTime
GetEnvironmentStringsW
GetCurrentProcessId

mfc42

ord1576

winspool.drv

ClosePrinter
ord204

advapi32

RegDeleteValueA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegSetValueA
RegCreateKeyA

gdi32

EqualRgn
Escape
GetPixel
GetTextCharacterExtra
PlayMetaFile
CreateHalftonePalette
ScaleViewportExtEx
CloseFigure
CreateDCA
ScaleWindowExtEx
SetRectRgn
DeleteDC
CreatePalette
StretchDIBits
GetCurrentObject
GetDeviceCaps
GetMapMode
PathToRegion
InvertRgn
CreateCompatibleDC
GetTextExtentPoint32A
GetCharABCWidthsA
GetStretchBltMode
CreateEnhMetaFileA
SetBitmapDimensionEx
DeleteObject
GetBitmapDimensionEx
GetBitmapBits
GetPolyFillMode
GetViewportExtEx
GetCharWidthA
GetOutlineTextMetricsA
SetStretchBltMode
GetObjectA
CloseEnhMetaFile

ole32

CoTaskMemFree
OleSetContainedObject
CoInitialize
CoRegisterMessageFilter
CLSIDFromString
CoRevokeClassObject
CoGetClassObject
OleTranslateAccelerator
OleFlushClipboard
OleDestroyMenuDescriptor
OleDuplicateData
OleGetClipboard
OleCreateMenuDescriptor
IsAccelerator
OleSetClipboard
DoDragDrop
StringFromCLSID
OleLockRunning
CoCreateInstance
GetRunningObjectTable
OleInitialize
CoTaskMemAlloc
OleIsCurrentClipboard
CreateStreamOnHGlobal
CLSIDFromProgID

comdlg32

GetOpenFileNameA
GetSaveFileNameA

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 448KB - Virtual size: 444KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ec403812b368f6fb4e5e94beca1eff6

Headers

File Characteristics

Imports

user32

kernel32

mfc42

winspool.drv

advapi32

gdi32

ole32

comdlg32

Sections

.text Size: 84KB - Virtual size: 80KB

.rdata Size: 448KB - Virtual size: 444KB

.data Size: 100KB - Virtual size: 96KB

.rsrc Size: 36KB - Virtual size: 35KB

.text
Size: 84KB - Virtual size: 80KB

.rdata
Size: 448KB - Virtual size: 444KB

.data
Size: 100KB - Virtual size: 96KB

.rsrc
Size: 36KB - Virtual size: 35KB