28c079df9f88e04f6fde392f7910c3fcae4eaa46dcac82bfbd841dabcc9475c7

Sharing

Copy URL Twitter E-mail

General

Target

28c079df9f88e04f6fde392f7910c3fcae4eaa46dcac82bfbd841dabcc9475c7
Size

209KB
MD5

6420abd935df14ff0bdeb462836b7e90
SHA1

c7a7a91b3ec4f0b3351d3d79018d0420ec4d88a9
SHA256

28c079df9f88e04f6fde392f7910c3fcae4eaa46dcac82bfbd841dabcc9475c7
SHA512

b73fae2e4b749715584f7ba1bd248c97d17b02e5bbc6331e0d6fda61dedfae434143990d4c01fc4206327a654cbca954073802c4f05b124d9b966729844a54ad
SSDEEP

3072:/nePM9oEZ9rn/yEo80JBnCH8ne3o7ISv0e:DoEXKz8dRqR

Score

N/A

Malware Config

Signatures

Files

28c079df9f88e04f6fde392f7910c3fcae4eaa46dcac82bfbd841dabcc9475c7
.exe windows x86

c2517b9d804a1d75ec8aaf42ba00c6a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpA
GetModuleHandleA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
lstrcatA
GetVersion
LocalAlloc
TlsAlloc
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GetProcessVersion
GetCPInfo
GetOEMCP
ExitProcess
TerminateProcess
RtlUnwind
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapAlloc
HeapFree
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
RaiseException
HeapSize
HeapReAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
SetStdHandle
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetModuleFileNameA
lstrcmpiA
lstrcpynA
lstrcpyA
LoadLibraryA
GetProcAddress
CloseHandle
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
GetLastError
LocalFree
FreeLibrary
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetTickCount
Sleep
SetLastError

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA

comctl32

ord17

wsock32

WSAStartup
WSACleanup
gethostname
select
closesocket
recv
send
socket
WSASetLastError
connect
htons
ioctlsocket
gethostbyname

user32

GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetParent
MessageBoxA
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetFocus
GetSysColor
MapWindowPoints
LoadIconA
ClientToScreen
GetDC
ReleaseDC
TabbedTextOutA
DrawTextA
GrayStringA
SetWindowTextA
IsWindowEnabled
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
GetClassNameA
PtInRect
PostQuitMessage
LoadCursorA
GetSysColorBrush
DestroyMenu
GetDlgItem
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SendMessageA
GetWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
LoadStringA
GetSystemMetrics
EnableWindow
PeekMessageA
DispatchMessageA
PostMessageA
RegisterWindowMessageA

gdi32

SetTextColor
SaveDC
DeleteDC
GetClipBox
CreateBitmap
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetDeviceCaps
RestoreDC
SelectObject
GetStockObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SetBkColor
DeleteObject
GetObjectA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

Sections

.text
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c2517b9d804a1d75ec8aaf42ba00c6a6

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

wsock32

user32

gdi32

winspool.drv

Sections

.text Size: 80KB - Virtual size: 78KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 8KB - Virtual size: 20KB

.rsrc Size: 4KB - Virtual size: 880B

.text Size: 93KB - Virtual size: 93KB

.text
Size: 80KB - Virtual size: 78KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 4KB - Virtual size: 880B

.text
Size: 93KB - Virtual size: 93KB