8e5f0f80fae2ef928a32515b044331fe0fdfd27226466e25343cea5e0fea3c72

Sharing

Copy URL

Twitter E-mail

General

Target

8e5f0f80fae2ef928a32515b044331fe0fdfd27226466e25343cea5e0fea3c72
Size

212KB
MD5

91ddfd0fff8cfa8d843a917528e90890
SHA1

773d95bad0c953b7ba12eb04339963c1100275e6
SHA256

8e5f0f80fae2ef928a32515b044331fe0fdfd27226466e25343cea5e0fea3c72
SHA512

ce81918bb9e7f2b4bb1273296c67388774e472b229a8e86fc52e2ee5f236f0ae8dc66cfe958868e7be053aed09f3f209e9542594309d1550095cd1f394b8fb6a
SSDEEP

6144:ZdZXGeMlG4XZzQYFirJ8Y6GlD3PPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPd:3ZWeMlG4JdlyPPPPPPPPPPPPPPPPPPPd

Score

N/A

Malware Config

Signatures

Files

8e5f0f80fae2ef928a32515b044331fe0fdfd27226466e25343cea5e0fea3c72
.exe windows x86

8db8477ed6b6d6e56c054f188ed8ca13

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
GetOEMCP
HeapAlloc
HeapFree
RtlUnwind
GetCommandLineA
ExitProcess
TerminateProcess
RaiseException
HeapReAlloc
HeapSize
GetACP
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
Sleep
IsBadReadPtr
IsBadCodePtr
SetStdHandle
FlushFileBuffers
GetCurrentProcess
GetProcessVersion
LoadLibraryA
FreeLibrary
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
lstrcpyA
WritePrivateProfileStringA
InterlockedDecrement
GetModuleFileNameA
GlobalFlags
lstrlenA
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
GlobalHandle
GlobalUnlock
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
InterlockedExchange
lstrcpynA
SetLastError
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GetTempPathA
lstrcatA
GetModuleHandleA
DeleteFileA
lstrcpyW
OpenProcess
GetSystemInfo
VirtualQueryEx
ReadProcessMemory
GetCurrentDirectoryW
CreateFileW
GetFileSize
CreateMutexW
GetLastError
WriteFile
SetFileTime
GetFileAttributesA
CreateDirectoryA
LocalFileTimeToFileTime
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
CloseHandle
CreateFileA
HeapCreate
SetFilePointer

user32

RegisterWindowMessageA
GetMessagePos
GetMessageTime
RemovePropA
GetPropA
SetPropA
GetClassLongA
DestroyWindow
GetDlgItem
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
GetSysColorBrush
DestroyMenu
IsIconic
GetSystemMetrics
LoadStringA
GrayStringA
DrawTextA
TabbedTextOutA
GetMenuItemCount
UnhookWindowsHookEx
GetLastActivePopup
IsWindowEnabled
MessageBoxA
EnableWindow
GetWindowTextA
SetWindowTextA
ClientToScreen
GetDlgCtrlID
PtInRect
GetWindowLongA
GetClassNameA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
SetCursor
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
PostMessageA
PostQuitMessage
LoadImageA
SetWindowLongA
GetForegroundWindow
GetWindow
GetClassNameW
GetWindowRect
GetWindowThreadProcessId
GetWindowPlacement
SetWindowPlacement
SetWindowPos
SetForegroundWindow
CallWindowProcA
GetWindowTextW
SetWindowTextW
SendMessageA
DefWindowProcA
wsprintfW
CreateWindowExA
ShowWindow
RegisterClassExA
SetTimer
GetMessageA
RegisterClassExW
LoadCursorA
LoadIconA
SystemParametersInfoA
TranslateMessage
DispatchMessageA
wsprintfA
UpdateWindow
GetDC
MoveWindow
SetWindowRgn
ReleaseDC
CreateWindowExW
GetNextDlgTabItem

gdi32

RestoreDC
GetStockObject
SetBkColor
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SaveDC
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
DeleteObject
CreateBitmap
CreateFontIndirectW
CreateFontIndirectA
GetObjectA
GetDeviceCaps
CreateRoundRectRgn
CreateCompatibleDC
SelectObject
DeleteDC
BitBlt

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegOpenKeyExA

comctl32

_TrackMouseEvent
ord17

wininet

InternetCrackUrlW
InternetOpenW
InternetConnectW
HttpOpenRequestW
InternetCloseHandle
HttpSendRequestW

Sections

.text
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CODE
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8db8477ed6b6d6e56c054f188ed8ca13

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

wininet

Sections

.text Size: 92KB - Virtual size: 89KB

.CODE Size: 8KB - Virtual size: 5KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 16KB - Virtual size: 81KB

.rsrc Size: 64KB - Virtual size: 64KB

.text
Size: 92KB - Virtual size: 89KB

.CODE
Size: 8KB - Virtual size: 5KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 16KB - Virtual size: 81KB

.rsrc
Size: 64KB - Virtual size: 64KB