6e4d228af13ef9254f4fcb9a6323103f966792aa646b108062783ac8b12cff48

Sharing

Copy URL Twitter E-mail

General

Target

6e4d228af13ef9254f4fcb9a6323103f966792aa646b108062783ac8b12cff48
Size

788KB
MD5

5ac5a367b6f56dd8c644b6500af28015
SHA1

a64deeec48708606848fcee8906a3b86506ccf9b
SHA256

6e4d228af13ef9254f4fcb9a6323103f966792aa646b108062783ac8b12cff48
SHA512

812c02f4edb55f3d0e4129e925cadc685855b343f051c40f7be522ad01cb2c0fd827fc0c3a5664c110a9eb96706b6471c3a3431f9e4a3df38dbdc380e39c7dd1
SSDEEP

12288:ZaHrE+WY3jchoqDpApF9ByXSMdsk2nmckZs0HiONcRUBX6hh:ZaHrp3gxsyX10mcwJiONcRUBKhh

Score

N/A

Malware Config

Signatures

Files

6e4d228af13ef9254f4fcb9a6323103f966792aa646b108062783ac8b12cff48
.exe windows x86

30e6f138567eff22be3b9cc3c14f0526

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

UuidCreate
UuidToStringA
RpcStringFreeA

kernel32

GetFileAttributesW
GetFileTime
GetModuleHandleA
GetVersionExA
LoadLibraryA
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
GetLocaleInfoW
GetStartupInfoW
RtlUnwind
HeapFree
HeapReAlloc
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetSystemTimeAsFileTime
ExitProcess
GetOEMCP
GetCPInfo
HeapSize
TerminateProcess
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
GetTimeFormatA
GetDateFormatA
SetUnhandledExceptionFilter
IsBadWritePtr
LCMapStringA
LCMapStringW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
GetTickCount
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateFileA
FileTimeToLocalFileTime
GlobalFlags
lstrcmpW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
FileTimeToSystemTime
lstrlenA
lstrcmpA
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
GetCurrentProcessId
WideCharToMultiByte
GetVersion
GetCurrentProcess
GetComputerNameW
CreateDirectoryW
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
LocalFree
QueryPerformanceFrequency
QueryPerformanceCounter
CreateFileW
FindFirstFileW
FindClose
GetProcAddress
ReleaseMutex
CreateMutexW
FormatMessageW
LocalAlloc
GetCommandLineW
GetCurrentThreadId
Sleep
GetModuleHandleW
LoadLibraryExW
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
lstrcatW
lstrcpynW
InterlockedIncrement
GetModuleFileNameW
CreateEventW
CreateThread
SetEvent
lstrcmpiW
GetLastError
WaitForSingleObject
CloseHandle
lstrcpyW
lstrlenW
DeleteCriticalSection
InitializeCriticalSection
RaiseException
InterlockedDecrement
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange

user32

SetMenuItemBitmaps
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
RegisterWindowMessageW
WinHelpW
GetCapture
CreateWindowExW
GetClassInfoExW
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconW
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
PostMessageW
AdjustWindowRectEx
RegisterClassW
DefWindowProcW
CallWindowProcW
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
SetWindowsHookExW
UnregisterClassW
CharNextW
PostThreadMessageW
DispatchMessageW
GetMessageW
wsprintfW
CallNextHookEx
GetKeyState
PeekMessageW
ValidateRect
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SetWindowPos
SetWindowLongW
DestroyMenu
PostQuitMessage
GetClassInfoW
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
UnhookWindowsHookEx
GetWindowTextW
GetSystemMetrics
CharUpperW
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
LoadCursorW
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetWindowLongW
GetParent
MessageBoxW
SendMessageW
GetDlgItem
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetFocus
SetWindowTextW
GetClassNameW

gdi32

GetStockObject
CreateBitmap
DeleteDC
SetTextColor
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetClipBox
SetMapMode
GetDeviceCaps
DeleteObject
SaveDC
RestoreDC
SetBkColor

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegEnumValueW
RegConnectRegistryW
RegDeleteKeyW
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW

shell32

SHGetFolderPathW

comctl32

ord17

shlwapi

PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW

ole32

CoCreateGuid
StringFromCLSID
OleRun
CoUninitialize
StringFromGUID2
CoCreateInstance
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoRegisterClassObject
CoRevokeClassObject
CoInitialize

oleaut32

SysFreeString
VarUdateFromDate
SysAllocString
SysAllocStringByteLen
SysStringByteLen
SysAllocStringLen
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
LoadRegTypeLi
SysStringLen
VariantClear
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim
SafeArrayGetElement
VariantInit
VariantChangeType
VariantCopy
GetErrorInfo

Sections

.text
Size: 496KB - Virtual size: 493KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 184KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.prdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

30e6f138567eff22be3b9cc3c14f0526

Headers

File Characteristics

Imports

rpcrt4

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

Sections

.text Size: 496KB - Virtual size: 493KB

.rdata Size: 184KB - Virtual size: 181KB

.data Size: 12KB - Virtual size: 26KB

.rsrc Size: 12KB - Virtual size: 8KB

.prdata Size: 80KB - Virtual size: 80KB

.text
Size: 496KB - Virtual size: 493KB

.rdata
Size: 184KB - Virtual size: 181KB

.data
Size: 12KB - Virtual size: 26KB

.rsrc
Size: 12KB - Virtual size: 8KB

.prdata
Size: 80KB - Virtual size: 80KB