a31dfc873f8a40fb523cc1441bb976ecc836f6ef50e728d17dc97466911b5701

Sharing

Copy URL

Twitter E-mail

General

Target

a31dfc873f8a40fb523cc1441bb976ecc836f6ef50e728d17dc97466911b5701
Size

253KB
MD5

815a5a5835c022436095f490ee5c2cdd
SHA1

75baecab18d71c4edf4ec808a9ffe0c759af17d5
SHA256

a31dfc873f8a40fb523cc1441bb976ecc836f6ef50e728d17dc97466911b5701
SHA512

b8998e4dcca78a7b33b6a046952c32855d1b5ff8d2cf80feef846ec8dbd9547168f841a7cfaf31c120b899814625097c4a3fd9775868dadd8ad91f9a18a0c30a
SSDEEP

6144:7j89h36jLTfrPXGxxkDal4jZUNesLT91omGSSG4u2WOMNOsPaU7:UyTjOxa0+ZdsLTLGJC2WNYrU7

Score

N/A

Malware Config

Signatures

Files

a31dfc873f8a40fb523cc1441bb976ecc836f6ef50e728d17dc97466911b5701
.exe windows x86

5818cf524f5f065e7a752ad6cce84ce7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

ws2_32

ntohs
inet_ntoa

shlwapi

PathRemoveFileSpecA

wininet

InternetOpenA
InternetCloseHandle
HttpOpenRequestA
InternetSetOptionA
HttpAddRequestHeadersA
HttpSendRequestA
HttpQueryInfoA
InternetConnectA

kernel32

GetSystemTime
InitializeCriticalSection
FreeLibrary
GetCurrentProcess
GetVersionExA
GetModuleFileNameA
OpenMutexA
GetLastError
GetTickCount
GetLocaleInfoA
RaiseException
WaitForMultipleObjects
GetModuleFileNameW
LoadLibraryA
ExitProcess
LocalFree
MultiByteToWideChar
GetACP
LocalAlloc
lstrlenA
lstrcpynA
GetShortPathNameA
lstrcmpiA
GetComputerNameA
IsBadWritePtr
HeapCreate
SetUnhandledExceptionFilter
TlsAlloc
GetOEMCP
CreateMutexA
OpenEventA
SetEvent
GetModuleHandleA
GetCurrentProcessId
GetCurrentThreadId
CreateEventA
WaitForSingleObject
Sleep
GetStringTypeA
GetStringTypeW
QueryPerformanceCounter
IsBadReadPtr
IsBadCodePtr
GetSystemInfo
GetEnvironmentStringsW
GetCPInfo
GetFileAttributesA
GetStartupInfoA
BeginUpdateResourceW
GetProcAddress

user32

RegisterClassA
CreateWindowExA
ShowWindow
GetSystemMetrics
CharUpperA
DefWindowProcA
wsprintfA
CharPrevA
GetMessageA
PostQuitMessage

advapi32

ImpersonateSelf
GetTokenInformation
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessDeniedAce
AddAccessAllowedAce
FreeSid
RevertToSelf
ImpersonateLoggedOnUser
StartServiceCtrlDispatcherA
OpenProcessToken
RegisterServiceCtrlHandlerA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
LookupPrivilegeValueA
AdjustTokenPrivileges
SetServiceStatus
RegOpenKeyExW
RegQueryValueExW
StartServiceA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
QueryServiceStatus
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
RegCloseKey
GetUserNameA

ole32

CLSIDFromString
CoCreateGuid
CoInitializeEx
CoUninitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocStringByteLen

ntprint

PSetupEnumMonitor
PSetupDestroyPrinterDeviceInfoList
ServerInstallW
PSetupGetSelectedDriverInfo

dmocx

DllGetClassObject

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.WwVHa
Size: 1024B - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iSKC
Size: 1024B - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 101KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.KQzjvU
Size: 3KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 114KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RA
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5818cf524f5f065e7a752ad6cce84ce7

Headers

File Characteristics

Imports

version

ws2_32

shlwapi

wininet

kernel32

user32

advapi32

ole32

oleaut32

ntprint

dmocx

Sections

.text Size: 15KB - Virtual size: 15KB

.WwVHa Size: 1024B - Virtual size: 230KB

.rdata Size: 4KB - Virtual size: 6KB

.iSKC Size: 1024B - Virtual size: 60KB

.edata Size: 101KB - Virtual size: 161KB

.KQzjvU Size: 3KB - Virtual size: 270KB

.data Size: 7KB - Virtual size: 93KB

.edata Size: 114KB - Virtual size: 182KB

.RA Size: 512B - Virtual size: 3KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 15KB - Virtual size: 15KB

.WwVHa
Size: 1024B - Virtual size: 230KB

.rdata
Size: 4KB - Virtual size: 6KB

.iSKC
Size: 1024B - Virtual size: 60KB

.edata
Size: 101KB - Virtual size: 161KB

.KQzjvU
Size: 3KB - Virtual size: 270KB

.data
Size: 7KB - Virtual size: 93KB

.edata
Size: 114KB - Virtual size: 182KB

.RA
Size: 512B - Virtual size: 3KB

.rsrc
Size: 5KB - Virtual size: 4KB