521e1b4d38561ff38d27f7027c9d607383d50970e1fa8821df2ef63720e62f49

Sharing

Copy URL Twitter E-mail

General

Target

521e1b4d38561ff38d27f7027c9d607383d50970e1fa8821df2ef63720e62f49
Size

269KB
MD5

4ddce8ab9a773d4a769e4f2131aff409
SHA1

d31ec4f60f71263c6a102d46ad798566544f2138
SHA256

521e1b4d38561ff38d27f7027c9d607383d50970e1fa8821df2ef63720e62f49
SHA512

e457f84cf0570dc7b6e16d1da98de477620c80652574ad3ce2b4eab806f6ce73562cb819d5d25ff10878e39b6bfef711676fe2ee07522295eeea174b3c85bb8e
SSDEEP

6144:cNbWosCBfAFm7evyAspDr3IQTbmLculjUf6/XTYGJ9:kyoBBYwfB/4QOAgjUz

Score

N/A

Malware Config

Signatures

Files

521e1b4d38561ff38d27f7027c9d607383d50970e1fa8821df2ef63720e62f49
.exe windows x86

6806c74324e25f1726959b00e448fb3a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

DocumentPropertiesA
StartPagePrinter
ClosePrinter
EndDocPrinter
DeletePrinterIC
PlayGdiScriptOnPrinterIC
OpenPrinterA
WritePrinter
ConnectToPrinterDlg

gdi32

CreateBitmap
RestoreDC
SetBkColor
GetStockObject
ExtTextOutA
GetObjectA
PtVisible
DeleteDC
SetMapMode
SaveDC
SetViewportOrgEx
CreateEllipticRgn
GetRelAbs
OffsetViewportOrgEx
GdiPlayDCScript
RectVisible
RoundRect
PtInRegion
GetClipBox
CreateDIBitmap
SetWindowExtEx
ScaleViewportExtEx
gdiPlaySpoolStream
DeleteObject
SetTextColor
SetViewportExtEx
SelectObject
Escape
TextOutA
GetDCPenColor
ScaleWindowExtEx
EnumEnhMetaFile
SelectClipRgn
GetDeviceCaps

advapi32

GetAclInformation
SetSecurityDescriptorControl
SystemFunction030
DestroyPrivateObjectSecurity
RegDeleteValueA
LsaEnumeratePrivileges
RegSetValueExA
ElfCloseEventLog
AddUsersToEncryptedFile
RegOpenKeyExA
RegCreateKeyExA
LsaICLookupNamesWithCreds
AddAccessDeniedAceEx
ElfOldestRecord
RegCloseKey
MSChapSrvChangePassword
LockServiceDatabase
SystemFunction016

comdlg32

dwOKSubclass
GetFileTitleA
LoadAlterBitmap

kernel32

InitializeSListHead
SetTimeZoneInformation
FlushInstructionCache
lstrcmpiA
SetConsoleCursorInfo
GlobalLock
SetFilePointer
SetConsoleScreenBufferSize
GetFileTime
GetOEMCP
GetDriveTypeA
LocalFree
SetCurrentDirectoryA
LoadLibraryA
IsBadCodePtr
FreeEnvironmentStringsW
CompareStringW
IsBadReadPtr
SetLastError
SetHandleCount
FreeLibrary
LocalAlloc
GetModuleFileNameA
GetCommandLineA
GetCurrentThread
ExitProcess
LoadResource
FindFirstFileA
CloseHandle
Toolhelp32ReadProcessMemory
GlobalFlags
HeapAlloc
FindClose
SystemTimeToTzSpecificLocalTime
MapUserPhysicalPages
GetFullPathNameA
GetVolumeInformationA
GetLastError
LCMapStringW
IsDebuggerPresent
FlushFileBuffers
GetVersionExA
GetProcessVersion
WriteFile
GetStdHandle
EnterCriticalSection
DosDateTimeToFileTime
HeapReAlloc
DuplicateHandle
HeapCreate
InterlockedDecrement
GetVersion
LeaveCriticalSection
LockResource
ClearCommError
Beep
GetACP
LCMapStringA
GetFileType
SetConsoleTextAttribute
GlobalFindAtomA
GetFileAttributesA
lstrcpyA
lstrcmpA
GetFileSize
SetEnvironmentVariableA
WritePrivateProfileStringA
ReleaseActCtx
DeleteFileA
TlsGetValue
GetThreadLocale
SetEndOfFile
InterlockedIncrement
GetStringTypeW
FileTimeToLocalFileTime
CompareStringA
LocalFileTimeToFileTime
VirtualFree
GlobalGetAtomNameA
GetTimeZoneInformation
RtlUnwind
UnhandledExceptionFilter
FindNextFileA
GetEnvironmentVariableA
GetSystemDirectoryA
TlsAlloc
GlobalUnlock
LocalReAlloc
FatalExit
GlobalReAlloc
GetStringTypeA
lstrcpynA
ReadFile
GetWindowsDirectoryA
CreateFileA
GetEnvironmentStringsW
SystemTimeToFileTime
RaiseException
TlsFree
FindResourceA
DeleteCriticalSection
SetUnhandledExceptionFilter
MulDiv
GetProcAddress
TlsSetValue
GlobalFree
MultiByteToWideChar
GetCurrentThreadId
SetSystemTime
HeapFree
GetModuleHandleA
FileTimeToSystemTime
HeapSize
SetConsoleCursorPosition
UnlockFile
GlobalHandle
GetStartupInfoA
SetStdHandle
GetCPInfo
SetFileAttributesA
IsBadWritePtr
HeapDestroy
FreeEnvironmentStringsA
SetFileTime
TerminateProcess
IsValidLocale
InitializeCriticalSection
LocalUnlock
lstrlenA
GetEnvironmentStringsA
GlobalAddAtomA
WideCharToMultiByte
GlobalAlloc
Sleep
GetCurrentProcess
SetErrorMode
VirtualAlloc
lstrcatA
GetCurrentDirectoryA
LockFile
GlobalDeleteAtom

user32

BeginPaint
CreateDialogIndirectParamA
GetParent
GetWindowRect
DrawTextA
GetClassLongA
SendDlgItemMessageA
GetMenuItemCount
CharUpperA
PostQuitMessage
EnableMenuItem
PostMessageA
IsWindowEnabled
SystemParametersInfoA
DispatchMessageA
MessageBoxA
SetWindowPos
GetSubMenu
GetPropA
EndPaint
SetWindowsHookExA
PtInRect
CallNextHookEx
DestroyMenu
GetWindowTextLengthA
CallWindowProcA
GetMessagePos
CheckMenuItem
EnableWindow
SetCursor
GetSystemMetrics
LoadCursorA
ValidateRect
ExitWindowsEx
GrayStringA
IsDialogMessageA
wsprintfA
SetActiveWindow
ModifyMenuA
DrawIcon
RegisterWindowMessageA
GetMessageA
TranslateMessage
DestroyWindow
IsIconic
GetMenu
UnhookWindowsHookEx
GetForegroundWindow
MapWindowPoints
GetMessageTime
GetFocus
RemovePropA
GetSysColorBrush
CreateWindowExA
ReleaseDC
GetTopWindow
DefWindowProcA
SetPropA
SetWindowLongA
EndDialog
SendMessageA
CopyRect
GetWindowPlacement
GetDlgCtrlID
GetCursorPos
GetWindowLongA
LoadIconA
GetWindowTextA
RegisterClassA
LoadBitmapA
UnregisterClassA
PeekMessageA
SetMenuItemBitmaps
IsWindow
GetClassInfoA
GetLastActivePopup
GetDC
GetSysColor
GetDlgItem
LoadStringA
GetClientRect
GetCapture
UpdateWindow
ClientToScreen
SetForegroundWindow
GetKeyState
GetNextDlgTabItem
GetMenuState
GetWindow
DdeEnableCallback
ShowWindow
GetClassNameA
IsWindowVisible
GetMenuCheckMarkDimensions
SetWindowTextA
TabbedTextOutA
WinHelpA
GetActiveWindow
GetMenuItemID

winmm

auxGetNumDevs
mmioAdvance
mciSetDriverData
mid32Message
waveOutGetPitch
mixerOpen

Sections

.text
Size: 186KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6806c74324e25f1726959b00e448fb3a

Headers

File Characteristics

Imports

winspool.drv

gdi32

advapi32

comdlg32

kernel32

user32

winmm

Sections

.text Size: 186KB - Virtual size: 185KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 34KB - Virtual size: 35KB

.rsrc Size: 31KB - Virtual size: 30KB

.text
Size: 186KB - Virtual size: 185KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 34KB - Virtual size: 35KB

.rsrc
Size: 31KB - Virtual size: 30KB