9082d1c2ea2726cba5907812884503cb366690f4b123697b35cfbe10a4a1e7a2

Sharing

Copy URL

Twitter E-mail

General

Target

9082d1c2ea2726cba5907812884503cb366690f4b123697b35cfbe10a4a1e7a2
Size

294KB
MD5

468318747744cb055a3b64be292165f0
SHA1

1d8afacd3154ce70c150f1a1370e07e5720acb29
SHA256

9082d1c2ea2726cba5907812884503cb366690f4b123697b35cfbe10a4a1e7a2
SHA512

382468d1a48ab305e8951538bc801678acf1f2cf79ef0182d5e879555dd2d3f9f77cc069a896d7b9d1b5fe65c624588c4816a895afc5b157bf336989347fa9b6
SSDEEP

6144:uj4gtTdwFK7H2wHuiOO0fefTFBzkwVYx1PjAmapaUYrzp:+u//WfTJVYx1LAmam

Score

N/A

Malware Config

Signatures

Files

9082d1c2ea2726cba5907812884503cb366690f4b123697b35cfbe10a4a1e7a2
.exe windows x86

e02b6fe08d33a502a81cbaf60135f405

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

DeleteMonitorA
AddPrinterW
GetPrintProcessorDirectoryW
SetPrinterA

shlwapi

PathCompactPathExW
PathMakePrettyW
PathRemoveFileSpecA
StrToIntA
PathFileExistsA
PathSkipRootA
PathRemoveExtensionW
PathSetDlgItemPathA
PathIsRelativeW
StrCmpNA
StrCSpnA
PathFindFileNameA
PathIsSameRootA
PathMakePrettyA
StrToIntExA
PathSetDlgItemPathW
PathIsPrefixA
ChrCmpIA

netapi32

NetServerTransportDel
NetServerSetInfo
NetServerTransportAdd
NetFileClose

pdh

PdhGetCounterInfoW
PdhGetRawCounterArrayW
PdhCloseLog
PdhOpenLogA

imagehlp

UnMapAndLoad
MapFileAndCheckSumW
ImageDirectoryEntryToData
GetTimestampForLoadedLibrary
SymGetSymPrev

ole32

OleIsRunning

nddeapi

ord607

gdi32

CreateMetaFileA
CreateRectRgn

clusapi

CreateClusterNotifyPort
RemoveClusterResourceNode
ClusterRegGetKeySecurity
OnlineClusterResource
ClusterNetworkCloseEnum
ClusterNetworkEnum

setupapi

SetupDiOpenDeviceInfoA
SetupDiDestroyDriverInfoList
SetupAddToSourceListW
SetupPromptReboot
SetupDiDeleteDeviceInterfaceData
SetupQueryDrivesInDiskSpaceListW
SetupGetSourceFileSizeA
SetupDiGetClassBitmapIndex
SetupDiGetClassInstallParamsW
SetupDuplicateDiskSpaceListW
SetupCloseInfFile
SetupQueueCopyW
SetupGetStringFieldA
SetupDiGetDeviceInstallParamsA
SetupRemoveFromSourceListW
SetupFreeSourceListA
SetupDiGetDriverInfoDetailA
SetupQueueRenameSectionW
SetupDiDeleteDeviceInterfaceRegKey
SetupDiClassNameFromGuidExA
SetupDiGetSelectedDevice
SetupDiGetClassDevPropertySheetsW
SetupOpenInfFileW
SetupDiCancelDriverInfoSearch
SetupDecompressOrCopyFileA
SetupGetBinaryField
SetupGetFileCompressionInfoW
SetupInstallFileA
SetupDiGetClassInstallParamsA
SetupInstallServicesFromInfSectionExA
SetupDiGetClassImageListExW
SetupDiCreateDeviceInfoW
SetupDiCreateDevRegKeyA
SetupQueryInfFileInformationW
SetupDiGetSelectedDriverA

shell32

SHGetFileInfoA

msvcrt

_except_handler3
__dllonexit
__p__fmode
_onexit
__p__commode
_adjust_fdiv
__set_app_type
_controlfp
exit
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr

oleaut32

SystemTimeToVariantTime
VarOr
VarDecFromR8
VariantTimeToDosDateTime
VarUI1FromI1

rpcrt4

I_RpcBindingInqTransportType
NDRcopy
RpcMgmtSetServerStackSize
MesBufferHandleReset
RpcEpRegisterW
RpcSmFree
NdrServerMarshall
NdrConformantStructMarshall
NDRSContextMarshallEx
NdrConformantArrayUnmarshall
RpcServerUseProtseqIfW
NdrConformantArrayBufferSize
RpcMgmtStatsVectorFree

user32

ShowWindow
UpdateWindow
EnumChildWindows
DlgDirListComboBoxW
ArrangeIconicWindows
CallMsgFilterW

comdlg32

GetOpenFileNameW

winmm

waveInReset
mmioClose
auxGetDevCapsW
waveOutGetErrorTextW
mmioDescend
mixerSetControlDetails
midiInPrepareHeader
mmioRenameA
waveInUnprepareHeader
midiDisconnect
waveOutReset
midiStreamPause

urlmon

IsAsyncMoniker
CreateFormatEnumerator
URLOpenPullStreamA
CoInternetGetProtocolFlags

imm32

ImmSetCompositionWindow
ImmGetConversionListA
ImmRegisterWordW
ImmGetCompositionFontA
ImmGetStatusWindowPos
ImmDestroyContext

kernel32

GetStartupInfoA
GetModuleHandleA

advapi32

SetTokenInformation
GetSidLengthRequired
OpenSCManagerA
BuildExplicitAccessWithNameW
GetMultipleTrusteeOperationA
BackupEventLogA
GetTrusteeNameW
GetAce
BuildTrusteeWithSidW
FreeSid
RegEnumKeyExA
GetTrusteeTypeW
BuildImpersonateTrusteeW
RegisterServiceCtrlHandlerW
IsTokenRestricted
BuildSecurityDescriptorW
GetExplicitEntriesFromAclA
GetTrusteeNameA
ImpersonateNamedPipeClient
RegEnumKeyW
RegCreateKeyExA
ChangeServiceConfig2A
RegisterEventSourceW
LsaEnumerateAccountRights
RegFlushKey
DecryptFileW
RegSetValueA
AllocateAndInitializeSid
StartServiceCtrlDispatcherA
GetTrusteeTypeA
AddAccessAllowedAce
GetTrusteeFormA
AdjustTokenGroups
AccessCheckAndAuditAlarmW
RegGetKeySecurity
LsaLookupSids
LookupAccountNameW
LsaQueryTrustedDomainInfo
LsaStorePrivateData
GetServiceDisplayNameW

wininet

FindNextUrlCacheEntryA
InternetSetStatusCallback
HttpAddRequestHeadersW
InternetCheckConnectionW
FtpRenameFileW
FtpFindFirstFileW

comctl32

ImageList_GetImageInfo
ImageList_Draw
ImageList_BeginDrag
ImageList_Create
ImageList_Replace
ImageList_SetIconSize
ord16
DestroyPropertySheetPage
FlatSB_GetScrollInfo
ord5
ImageList_Read
ImageList_GetDragImage
ord2
ImageList_DragEnter
ImageList_EndDrag

resutils

ClusWorkerCreate
ResUtilGetPrivateProperties
ResUtilVerifyResourceService
ResUtilSetDwordValue
ResUtilEnumProperties
ResUtilGetDwordValue
ResUtilFindSzProperty
ClusWorkerCheckTerminate
ClusWorkerTerminate

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e02b6fe08d33a502a81cbaf60135f405

Headers

File Characteristics

Imports

winspool.drv

shlwapi

netapi32

pdh

imagehlp

ole32

nddeapi

gdi32

clusapi

setupapi

shell32

msvcrt

oleaut32

rpcrt4

user32

comdlg32

winmm

urlmon

imm32

kernel32

advapi32

wininet

comctl32

resutils

Sections

.text Size: 44KB - Virtual size: 41KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 368KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 44KB - Virtual size: 41KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 368KB

.rsrc
Size: 4KB - Virtual size: 2KB