aa94336402597b52d0b87c804bf45ac6b8f445aa513d34e87e481b33ca959d9c

Sharing

Copy URL Twitter E-mail

General

Target

aa94336402597b52d0b87c804bf45ac6b8f445aa513d34e87e481b33ca959d9c
Size

451KB
MD5

80b843fe730654b3dd5654d55166b196
SHA1

646e3351b9bd75a92f86ef157f690888de79fd32
SHA256

aa94336402597b52d0b87c804bf45ac6b8f445aa513d34e87e481b33ca959d9c
SHA512

921a75355cc5ad13382851f7f7c9d24d43096461f3c50722b2c51cf8c38d258f20075567da31caefdfd15a41be4a8e6c914597f05857de9dac8b4d73a4083c0f
SSDEEP

12288:1hjAy8rGiyrt33seggTRf8z7ttttttttIWgjxDM:pKMrzTRC7tttttttt9d

Score

N/A

Malware Config

Signatures

Files

aa94336402597b52d0b87c804bf45ac6b8f445aa513d34e87e481b33ca959d9c
.exe windows x86

81eba609f09f83ae8dff82a3ad01aaef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_SYSTEM
IMAGE_FILE_UP_SYSTEM_ONLY

Imports

kernel32

GetStringTypeW
LCMapStringW
CreateFileA
LoadLibraryW
MultiByteToWideChar
WriteConsoleW
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
lstrcatA
DeleteCriticalSection
SetHandleCount
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
RtlUnwind
HeapSize
HeapReAlloc
FlushFileBuffers
SetEndOfFile
GetProcessHeap
lstrcpyA
GetVersion
CloseHandle
GetModuleHandleA
GetModuleFileNameA
FreeEnvironmentStringsW
HeapCreate
LoadLibraryA
GetProcAddress
CreateFileW
FreeLibrary
GetLastError
SetFilePointer
GetModuleFileNameW
GetStdHandle
ExitProcess
GetModuleHandleW
IsProcessorFeaturePresent
HeapFree
GetConsoleMode
GetConsoleCP
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
SetStdHandle
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GetFileType
WriteFile
WideCharToMultiByte
ReadFile

user32

DialogBoxParamA
LoadCursorA
UpdateWindow
EndPaint
SetWindowRgn
SetTimer
RegisterClassExA
GetWindowDC
FillRect
KillTimer
DrawTextA
LoadStringA
CopyImage
LoadIconA
GetClientRect
SendMessageA
BeginPaint
GetDC
SetDlgItemInt
SetWindowLongA
MessageBoxA
InvalidateRect
GetWindowLongA
CreateWindowExA
ReleaseDC
GetDlgItem
EndDialog
DefWindowProcA
GetCursorPos
ShowWindow
CreatePopupMenu
CheckRadioButton
SetWindowTextA

gdi32

DeleteDC
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
CombineRgn
CreateCompatibleBitmap
FillRgn
GetObjectA
GetStockObject
CreateSolidBrush
TextOutA
CreateEllipticRgn

winspool.drv

EnumPrintersA

comdlg32

FindTextA

advapi32

AdjustTokenGroups

secur32

InitializeSecurityContextA
AcquireCredentialsHandleA
AcceptSecurityContext

wtsapi32

WTSEnumerateSessionsA

Sections

.text
Size: 288KB - Virtual size: 287KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81eba609f09f83ae8dff82a3ad01aaef

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

secur32

wtsapi32

Sections

.text Size: 288KB - Virtual size: 287KB

.rdata Size: 45KB - Virtual size: 45KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 102KB - Virtual size: 101KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 288KB - Virtual size: 287KB

.rdata
Size: 45KB - Virtual size: 45KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 102KB - Virtual size: 101KB

.reloc
Size: 9KB - Virtual size: 9KB