213ad5da702301273b048335ef6556e7c9c24b4e867689d461854774ed3a2a99

Sharing

Copy URL Twitter E-mail

General

Target

213ad5da702301273b048335ef6556e7c9c24b4e867689d461854774ed3a2a99
Size

376KB
MD5

96c9890bbb27889bed42a3115b18c3c0
SHA1

9fc98e70cd1fe4276455b7c1e96e8884f5ca0944
SHA256

213ad5da702301273b048335ef6556e7c9c24b4e867689d461854774ed3a2a99
SHA512

dc3d7ba4e5e77195956f9a7495fee31366a94013ec10c01204f1076ce29e94372ce7d79f1970c6224da10c4c59335cdd719fd5a0be6b806c700110b4eb268842
SSDEEP

6144:dgy6TL94zvImI+mQt4WRGYsxpDOS7lieC4V4C2URs0w:dgyyCzv77ttRGTp/J2U

Score

N/A

Malware Config

Signatures

Files

213ad5da702301273b048335ef6556e7c9c24b4e867689d461854774ed3a2a99
.exe windows x64

eddb3672bd2e0d1f6e147a0980672cb2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

setupapi

SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiSetClassInstallParamsA
SetupDiChangeState
SetupDiCallClassInstaller
SetupDiDestroyDeviceInfoList

shlwapi

PathGetArgsA
PathRemoveArgsA
PathUnquoteSpacesA

kernel32

SetErrorMode
LocalAlloc
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GetProcessVersion
WritePrivateProfileStringA
GlobalFlags
GetCPInfo
GetOEMCP
VirtualProtect
VirtualAlloc
VirtualQuery
RtlUnwindEx
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetACP
RaiseException
RtlPcToFileHeader
ExitProcess
HeapSize
HeapReAlloc
LCMapStringA
LCMapStringW
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapSetInformation
HeapCreate
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetDriveTypeA
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
GetLocaleInfoA
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetFileTime
GetFileSize
MulDiv
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalUnlock
GlobalFree
FindResourceA
LoadResource
LockResource
FreeResource
GetCurrentThread
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
SetLastError
FindNextFileA
GetFullPathNameA
FindFirstFileA
FindClose
lstrcpynA
WriteFile
DuplicateHandle
GetThreadLocale
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrlenA
WideCharToMultiByte
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
CreateThread
Sleep
GetCommandLineA
GetVolumeInformationA
CreateDirectoryA
LoadLibraryA
FreeLibrary
FormatMessageA
LocalFree
GetSystemDirectoryA
DeleteFileA
CopyFileA
GetCurrentDirectoryA
ReadFile
GetModuleFileNameA
CreateFileA
GetCurrentProcess
GetLastError
CloseHandle
GetModuleHandleA
GetProcAddress
GetSystemInfo
lstrcmpiA
GetVersionExA
lstrcpyA
lstrcatA
GetWindowsDirectoryA
MultiByteToWideChar
GetFileAttributesA
SetFileAttributesA
HeapFree

user32

SetRect
CopyAcceleratorTableA
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
GetSysColorBrush
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextA
TabbedTextOutA
DestroyMenu
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
GetCapture
WinHelpA
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
IsChild
GetWindowLongPtrA
GetMessageTime
GetMessagePos
SetWindowLongPtrA
GetTopWindow
GetForegroundWindow
SetForegroundWindow
MapWindowPoints
UpdateWindow
GetSysColor
GetMenu
GetSubMenu
CharNextA
GetMenuItemID
GetMenuItemCount
GetClassInfoA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
OffsetRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
CopyRect
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
EndDialog
IsWindow
SetMenuItemBitmaps
GetFocus
GetNextDlgTabItem
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetCursor
PostQuitMessage
PostMessageA
LoadStringA
SetWindowsHookExA
CallNextHookEx
GetActiveWindow
IsWindowVisible
GetMessageA
TranslateMessage
DispatchMessageA
GetKeyState
PtInRect
GetClassNameA
ValidateRect
PeekMessageA
GetCursorPos
UnhookWindowsHookEx
GetWindowLongA
GetParent
GetLastActivePopup
IsWindowEnabled
CharUpperA
wsprintfA
ExitWindowsEx
GetSystemMetrics
LoadIconA
EnableWindow
GetClientRect
IsIconic
GetSystemMenu
SendMessageA
AppendMenuA
DrawIcon
MessageBoxA
GetDesktopWindow
AdjustWindowRectEx
LoadCursorA
RegisterClassA
UnregisterClassA

gdi32

GetDeviceCaps
ScaleViewportExtEx
GetBkColor
DPtoLP
LPtoDP
GetMapMode
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetStockObject
SelectObject
DeleteDC
Escape
ScaleWindowExtEx
SetWindowExtEx
SetMapMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetTextColor
CreateBitmap
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

SetNamedSecurityInfoA
GetNamedSecurityInfoA
BuildExplicitAccessWithNameA
SetEntriesInAclA
RegCloseKey
RegDeleteKeyA
RegEnumKeyA
RegCreateKeyExA
RegSetValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegQueryValueExA

shell32

SHFileOperationA

comctl32

ord17

oledlg

ord8

ole32

OleInitialize
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoTaskMemAlloc
CoGetClassObject
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
OleUninitialize
CoRevokeClassObject

oleaut32

SysStringLen
SysAllocStringByteLen
SysFreeString
VariantChangeType
VariantCopy
SysAllocString
VariantTimeToSystemTime
VariantClear
OleCreateFontIndirect
SysAllocStringLen

Sections

.text
Size: 218KB - Virtual size: 217KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 41KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

eddb3672bd2e0d1f6e147a0980672cb2

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

shlwapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

oleaut32

Sections

.text Size: 218KB - Virtual size: 217KB

.rdata Size: 86KB - Virtual size: 86KB

.data Size: 10KB - Virtual size: 33KB

.pdata Size: 19KB - Virtual size: 18KB

.rsrc Size: 41KB - Virtual size: 42KB

.text
Size: 218KB - Virtual size: 217KB

.rdata
Size: 86KB - Virtual size: 86KB

.data
Size: 10KB - Virtual size: 33KB

.pdata
Size: 19KB - Virtual size: 18KB

.rsrc
Size: 41KB - Virtual size: 42KB