6854db53fe4e04ab9eed489d3289f7a458f7d723cbf60b0550774324d0eafe44

Sharing

Copy URL Twitter E-mail

General

Target

6854db53fe4e04ab9eed489d3289f7a458f7d723cbf60b0550774324d0eafe44
Size

476KB
MD5

830867b390e0f13933fbef57c0773649
SHA1

de3c0df4b2a966b7cae41178baa321001197f363
SHA256

6854db53fe4e04ab9eed489d3289f7a458f7d723cbf60b0550774324d0eafe44
SHA512

c38af46b61139a34ea6b731c345347b5f48097ecd287503785768d9c72b91f1ec1e30e3ec54a3162c59d229e3e387614fd9d22a620beb8430b2cc83429eeaadc
SSDEEP

6144:aBmZiw053AcjdhvukHmeBDlIek2YF3cPGSHAXjqkmZAzkWR8bcgBT:kaiwMBdHmeMe7l2f3kWR/

Score

N/A

Malware Config

Signatures

Files

6854db53fe4e04ab9eed489d3289f7a458f7d723cbf60b0550774324d0eafe44
.exe windows x86

228546c431feae5da111a857c91dc82e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
HeapReAlloc
ExitProcess
RtlUnwind
HeapSize
TerminateProcess
HeapDestroy
HeapCreate
VirtualFree
GetCurrentProcess
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
FlushFileBuffers
WriteFile
GetOEMCP
GetCPInfo
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
GetModuleHandleA
GetProcAddress
GetCurrentThreadId
lstrcpyA
GlobalFlags
InterlockedIncrement
InterlockedDecrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GetModuleFileNameA
lstrcmpA
FindResourceA
LoadResource
LockResource
SizeofResource
GlobalUnlock
FormatMessageA
LocalFree
SetLastError
lstrcpynA
GetVersion
CloseHandle
GetVersionExA
DeleteCriticalSection
CreatePipe
OpenMutexA
GlobalFree
VirtualProtectEx
GetThreadLocale
lstrcmpiA
GetLastError
InterlockedExchange
RaiseException
MultiByteToWideChar
GetACP
ReadFile
FileTimeToSystemTime
CreateEventA
WideCharToMultiByte
GlobalAlloc
InitializeCriticalSection
GetDriveTypeA
SetTapeParameters
GlobalLock
GetLocaleInfoA
lstrlenA
SetFilePointer
GetFileSize
CreateFileA
IsBadWritePtr

user32

GetClassInfoA
CallWindowProcA
IsIconic
GetWindowPlacement
CopyRect
GrayStringA
DrawTextExA
TabbedTextOutA
SetWindowsHookExA
PeekMessageA
ValidateRect
SetWindowPos
SetWindowLongA
GetDlgItem
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetFocus
SetWindowTextA
GetSystemMetrics
GetDC
GetSysColorBrush
UnhookWindowsHookEx
SendMessageA
MessageBoxA
GetLastActivePopup
EnableWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
EndPaint
ClientToScreen
GetMessageA
GetClassNameA
RegisterClassExA
PostQuitMessage
GetClassInfoExA
DrawTextA
LoadIconA
CallNextHookEx
IsWindowEnabled
DrawIcon
GetWindowTextLengthA
BeginPaint
EnumWindows
RegisterClassA
RegisterHotKey
SetScrollInfo
DestroyMenu
SetMenuItemBitmaps
ModifyMenuA
TranslateMessage
GetMenu
CheckMenuRadioItem
UnregisterClassA
GetWindowLongA
CreateWindowExA
ReleaseDC
DefWindowProcA
GetSysColor
ShowWindow
FrameRect
IsWindow
DispatchMessageA
SystemParametersInfoA
LoadImageA
UpdateWindow
DialogBoxIndirectParamA
SetMenuItemInfoA
LoadCursorA
GetWindowTextA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
RegisterWindowMessageA
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
PostMessageA
AdjustWindowRectEx
GetParent
GetKeyState

gdi32

PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
CreateBitmap
GetClipBox
SetMapMode
DeleteObject
SetTextColor
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
BitBlt
DeleteDC
ScaleWindowExtEx
GetStockObject
DPtoLP
CreatePen
GetObjectA
CreateDCA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

GetSidSubAuthority
GetLengthSid
InitializeSid
GetSidLengthRequired
IsValidSid
CopySid

comctl32

ord17

ole32

CoRevokeClassObject
CoInitialize
OleUninitialize
OleInitialize
OleSetContainedObject
CoUninitialize

oleaut32

VariantClear
VariantChangeType
VariantInit

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 216KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 772KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 148KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

228546c431feae5da111a857c91dc82e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

ole32

oleaut32

oleacc

Sections

.text Size: 216KB - Virtual size: 212KB

.rdata Size: 100KB - Virtual size: 99KB

.data Size: 8KB - Virtual size: 772KB

.rsrc Size: 148KB - Virtual size: 146KB

.text
Size: 216KB - Virtual size: 212KB

.rdata
Size: 100KB - Virtual size: 99KB

.data
Size: 8KB - Virtual size: 772KB

.rsrc
Size: 148KB - Virtual size: 146KB