02906957a1a61416965502ee47d163b84f804741adb462426a37076620220ba3

Sharing

Copy URL Twitter E-mail

General

Target

02906957a1a61416965502ee47d163b84f804741adb462426a37076620220ba3
Size

472KB
MD5

5fffa9c3df192f50ad0227db3535a1f0
SHA1

f270c9c8f56fff788c5f0f7826342646c646dbd9
SHA256

02906957a1a61416965502ee47d163b84f804741adb462426a37076620220ba3
SHA512

7bedf8d3c28ddb5f8859289604cbb215db676b6cde388eef1d13e1b075d540d2fc3061eede1675aef4ac411c1928265600113828713578433000c671c7b568b8
SSDEEP

6144:kdLu6VuGCOuXFIKfaQKRE/E8Wb4T3GyZ46mziI006mE4eJlm:kdyguZNX7ajFb4TJuh0gLW

Score

N/A

Malware Config

Signatures

Files

02906957a1a61416965502ee47d163b84f804741adb462426a37076620220ba3
.exe windows x86

ac882b44a471f564ac085ba3a665eb74

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

GetPrinterDriverA
GetPrinterA
OpenPrinterA
GetPrinterDriverDirectoryA
EndDocPrinter
EndPagePrinter
WritePrinter
StartPagePrinter
SetPrinterA
SetJobA
EnumPrintersA
EnumPortsA
ClosePrinter
DocumentPropertiesA
SetPrinterDataA
GetPrinterDataA
EnumJobsA
StartDocPrinterA

kernel32

LocalReAlloc
TlsGetValue
GetProcessVersion
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
SetErrorMode
GetCurrentProcess
SetFilePointer
FlushFileBuffers
SetEndOfFile
RtlUnwind
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
RaiseException
TlsSetValue
HeapReAlloc
HeapSize
GetACP
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetStdHandle
FreeLibrary
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
SizeofResource
GlobalFlags
lstrcpynA
GetModuleFileNameA
GetCurrentThread
MulDiv
SuspendThread
SetThreadPriority
ResumeThread
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GlobalLock
LoadLibraryA
CloseHandle
GlobalUnlock
LockResource
FindResourceA
LoadResource
lstrcmpA
GetVersion
lstrcmpiA
lstrcpyA
lstrcatA
GlobalAlloc
OpenEventA
GlobalFree
DeviceIoControl
WriteFile
ReadFile
CreateFileA
CreateProcessA
GetModuleHandleA
GetFileAttributesA
GetExitCodeThread
SetLastError
CreateThread
TerminateThread
LocalFree
ReleaseSemaphore
CreateSemaphoreA
InterlockedDecrement
InterlockedIncrement
GetProfileStringA
IsBadWritePtr
IsBadReadPtr
LocalAlloc
lstrlenA
GetProcAddress
OutputDebugStringA
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
WaitForMultipleObjects
GetComputerNameA
WaitForSingleObject
CreateMutexA
ResetEvent
SetEvent
CreateEventA
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
Sleep
GetLastError
GetVersionExA
GetSystemDirectoryA
GetPrivateProfileStringA
ExitThread

user32

SetDlgItemInt
SetDlgItemTextA
IsDlgButtonChecked
IsDialogMessageA
SetWindowTextA
ShowWindow
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
GetMenuCheckMarkDimensions
wvsprintfA
GetCursorPos
ValidateRect
TranslateMessage
GetMessageA
ClientToScreen
GetDC
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
SetCursor
DestroyMenu
GetClassNameA
PtInRect
LoadCursorA
GetSysColorBrush
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
GetFocus
AdjustWindowRectEx
ScreenToClient
CopyRect
IsWindowVisible
GetCapture
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetWindowLongA
GetDlgItem
IsWindowEnabled
LoadStringA
wsprintfA
MessageBoxA
GetClientRect
IsIconic
DrawIcon
GetSystemMetrics
PostQuitMessage
GetSystemMenu
LoadMenuA
GetSubMenu
AppendMenuA
SetFocus
IsWindow
KillTimer
PostMessageA
InvalidateRect
LoadBitmapA
SetTimer
GetTopWindow
FindWindowA
SendMessageA
SetForegroundWindow
GetDesktopWindow
SetActiveWindow
GetWindowRect
GetDlgItemInt
WinHelpA
CheckDlgButton
LoadIconA
EnableWindow
GetSysColor
IsWindowUnicode
CharNextA
InflateRect
DefDlgProcA
DrawFocusRect
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
IntersectRect

gdi32

RestoreDC
GetStockObject
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
SaveDC
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetTextColor
GetClipBox
GetPixel
GetDeviceCaps
CreateBitmap
SetBkColor
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetObjectA
CreateFontIndirectA
DeleteObject
PatBlt
GetTextExtentPointA
CreateDIBitmap
CreateSolidBrush

advapi32

RegEnumKeyW
RegDeleteValueA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegFlushKey
RegEnumValueW
RegEnumValueA
RegQueryValueExA
RegEnumKeyA
RegQueryInfoKeyA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegOpenKeyA

shell32

ShellExecuteA

comctl32

ord17

ole32

CoCreateGuid
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoInitialize

oleaut32

SafeArrayUnaccessData
SysAllocStringByteLen
SysAllocString
SafeArrayAccessData
LoadRegTypeLi
SafeArrayGetUBound
SafeArrayGetLBound
VariantInit
SafeArrayCreate
SysFreeString
VariantClear
SafeArrayPutElement
SysStringLen
SysAllocStringLen

Exports

Exports

GetEventIdList

Sections

.text
Size: 300KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 124KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac882b44a471f564ac085ba3a665eb74

Headers

File Characteristics

Imports

winspool.drv

kernel32

user32

gdi32

advapi32

shell32

comctl32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 300KB - Virtual size: 296KB

.rdata Size: 40KB - Virtual size: 38KB

.data Size: 124KB - Virtual size: 145KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 300KB - Virtual size: 296KB

.rdata
Size: 40KB - Virtual size: 38KB

.data
Size: 124KB - Virtual size: 145KB

.rsrc
Size: 4KB - Virtual size: 2KB