e1bc960a4b60be0bdbaa77b1674be04fd07b4363f07d5043eea9cd4516c3c82c

Sharing

Copy URL Twitter E-mail

General

Target

e1bc960a4b60be0bdbaa77b1674be04fd07b4363f07d5043eea9cd4516c3c82c
Size

698KB
MD5

4808cf2f8ece533090010210e52e52d0
SHA1

271c8f77c96fa6e36eb6799dae5bb3347ea65984
SHA256

e1bc960a4b60be0bdbaa77b1674be04fd07b4363f07d5043eea9cd4516c3c82c
SHA512

b2833b50a8f45bae3cbd03683309a84df81bab4856080c38d3dfe411aa699c0a25a4e5577666727811dfe6fb4c360e513095073e354b94a60ca88b647e2d993c
SSDEEP

12288:an//vg/4wxETQfNzyPamfjXsCNvwKuCmeIJ0Jx/mru+c+R8JdbcxQKXaPKXoIwNQ:an3vg/U8f9ytsCNuy+c+R8JdbcxQKXa2

Score

N/A

Malware Config

Signatures

Files

e1bc960a4b60be0bdbaa77b1674be04fd07b4363f07d5043eea9cd4516c3c82c
.exe windows x86

da635818df7cae83354f1c9d86093df4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetEnvironmentStringsW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
SetUnhandledExceptionFilter
HeapSize
SizeofResource
ExitProcess
HeapReAlloc
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapAlloc
GetStartupInfoW
GetFileTime
GetFileSizeEx
GetFileAttributesW
FileTimeToLocalFileTime
SetErrorMode
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
WritePrivateProfileStringW
FileTimeToSystemTime
GetThreadLocale
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
GetCurrentProcessId
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
WideCharToMultiByte
GlobalAlloc
MulDiv
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
GetVersionExA
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
GetProcessHeap
HeapFree
SetLastError
GetModuleHandleA
InterlockedExchange
CompareStringA
LoadLibraryA
Sleep
LocalFree
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
RaiseException
LeaveCriticalSection
lstrlenA
FreeLibrary
GetUserDefaultLCID
GetUserDefaultLangID
CloseHandle
GetLastError
GetCurrentProcess
GetTickCount
VerifyVersionInfoW
VerSetConditionMask
InterlockedDecrement
LoadResource
LockResource
InitializeCriticalSectionAndSpinCount

user32

CharUpperW
MessageBeep
GetNextDlgGroupItem
PostThreadMessageW
UnregisterClassW
ReleaseCapture
SetCapture
InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableW
LoadCursorW
GetSysColorBrush
GetWindowThreadProcessId
SetCursor
SetWindowContextHelpId
MapDialogRect
GetCursorPos
ValidateRect
RegisterClipboardFormatW
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ReleaseDC
GetDC
DestroyMenu
GetMenuStringW
MoveWindow
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
AllowSetForegroundWindow
ExitWindowsEx
GetWindowTextA
GetMenuItemCount
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
GetKeyState
SetMenu
IsWindowVisible
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
GetMenuItemID
GetClientRect
GetSystemMetrics
SetLayeredWindowAttributes
SetTimer
GetLayeredWindowAttributes
KillTimer
IsIconic
ShowWindow
SetForegroundWindow
SetProcessDefaultLayout
TranslateMessage
GetSubMenu
EndDialog
GetNextDlgTabItem
GetParent
IsWindowEnabled
GetDlgItem
GetWindowLongW
IsWindow
DestroyWindow
CreateDialogIndirectParamW
SetActiveWindow
GetActiveWindow
GetDesktopWindow
GetWindow
GetWindowRect
GetWindowPlacement
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowPos
SetWindowLongW
GetMenu
CallWindowProcW
DefWindowProcW
GetDlgCtrlID
PtInRect
CopyRect
EqualRect

gdi32

GetRgnBox
GetBkColor
GetMapMode
GetStockObject
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
GetTextColor
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
SaveDC
CreateRectRgnIndirect
ExtTextOutW
GetDeviceCaps
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
Escape

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

CloseServiceHandle
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
StartServiceW
ChangeServiceConfigW
QueryServiceStatusEx
RegCloseKey
OpenServiceW
OpenSCManagerW
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken

shell32

SHGetSpecialFolderLocation

comctl32

ord17

shlwapi

PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW

oledlg

OleUIBusyW

ole32

OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoRegisterMessageFilter
CoInitialize
CoUninitialize
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree

oleaut32

SysFreeString
SysAllocString
SysAllocStringLen
VariantInit
VariantClear
SysStringLen
VarUI4FromStr
SysAllocStringByteLen
SysStringByteLen
VarBstrCmp
LoadRegTypeLi
LoadTypeLi
DispCallFunc
VariantChangeType
VariantCopy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetElemsize
SafeArrayCreate
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect

Sections

.text
Size: 259KB - Virtual size: 258KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 13KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 343KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

da635818df7cae83354f1c9d86093df4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 259KB - Virtual size: 258KB

.rdata Size: 76KB - Virtual size: 75KB

.data Size: 13KB - Virtual size: 28KB

.rsrc Size: 343KB - Virtual size: 344KB

.text
Size: 259KB - Virtual size: 258KB

.rdata
Size: 76KB - Virtual size: 75KB

.data
Size: 13KB - Virtual size: 28KB

.rsrc
Size: 343KB - Virtual size: 344KB