4a7c60f21a45721df79b6ad80ee203c6b246b0b2a5215d5ac0ccc318591ad208

Sharing

Copy URL Twitter E-mail

General

Target

4a7c60f21a45721df79b6ad80ee203c6b246b0b2a5215d5ac0ccc318591ad208
Size

288KB
MD5

401576d327d4d37283838d5d74b25924
SHA1

a6341dc343c63d92df4a481ad3fc9bb0a1cace14
SHA256

4a7c60f21a45721df79b6ad80ee203c6b246b0b2a5215d5ac0ccc318591ad208
SHA512

999b40e622df3b9e81a9607559712aa872bf6480871b1013dc0fb1655732bad6a36c7b813f02c86d4a5a9ef46496dd9b370a59323752b8d04c287b7cdb166f2f
SSDEEP

6144:yqwKCbRTTaUyJbCn2r42dLBijibnNdIQYgw6w:TwlRaUcbC4BlNttJw

Score

N/A

Malware Config

Signatures

Files

4a7c60f21a45721df79b6ad80ee203c6b246b0b2a5215d5ac0ccc318591ad208
.exe windows x86

9e76929eb1a5b01887675c2ce755d316

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DuplicateHandle
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationA
GetFileSize
GetFileTime
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetVersion
LocalAlloc
TlsAlloc
GlobalFree
GlobalUnlock
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GetProcessVersion
SetErrorMode
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCPInfo
GetOEMCP
RtlUnwind
GetStartupInfoA
ExitProcess
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapFree
HeapAlloc
HeapReAlloc
HeapSize
GetACP
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
GetStringTypeA
GetStringTypeW
VirtualAlloc
SetStdHandle
CompareStringW
SetEnvironmentVariableA
SetLastError
LocalFree
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpiA
MultiByteToWideChar
WideCharToMultiByte
FindFirstFileA
FindClose
CreateDirectoryA
SuspendThread
GetThreadContext
ResumeThread
VirtualQuery
GetCurrentThread
GetFullPathNameA
GetCurrentProcess
FindResourceA
LoadResource
LockResource
GetFileAttributesA
CreateFileA
CompareStringA
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA
lstrcpynA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetSystemDirectoryA
GetCommandLineA
InterlockedDecrement
InterlockedIncrement
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
GetSystemTimeAsFileTime
GetTempPathA
GetVersionExA
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
GetCurrentProcessId
GetTickCount
InterlockedExchange
SetUnhandledExceptionFilter
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryA
FreeLibrary
TerminateProcess
GetModuleHandleA
GetProcAddress
OpenProcess
FormatMessageA
CreateProcessA
GetModuleFileNameA
GetShortPathNameA
GetLastError
GetCurrentDirectoryA
ReleaseMutex
Sleep
CreateMutexA
WaitForSingleObject
RaiseException
CloseHandle

user32

GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
GetClassNameA
PtInRect
ClientToScreen
GetDC
ReleaseDC
TabbedTextOutA
DrawTextA
GrayStringA
LoadCursorA
GetSysColorBrush
LoadStringA
DestroyMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
GetWindow
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
SetFocus
SetWindowPos
SetWindowLongA
GetDlgCtrlID
SetWindowTextA
GetDlgItem
GetSystemMetrics
wsprintfA
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
IsWindowEnabled
GetWindowLongA
EnableWindow
SetCursor
PostMessageA
PostQuitMessage
CharUpperA
GetParent
ShowWindow
GetLastActivePopup
SetForegroundWindow
SendMessageA
GetWindowTextA
MessageBoxA
TranslateMessage
UnregisterClassA

gdi32

SetWindowExtEx
ScaleWindowExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
GetDeviceCaps
GetObjectA
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportExtEx
SetBkColor
SetTextColor
SetViewportOrgEx
SetMapMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
GetClipBox
DeleteObject

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

FreeSid
GetUserNameA
RegSetValueExA
RegDeleteValueA
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey

comctl32

ord17

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9e76929eb1a5b01887675c2ce755d316

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

version

Sections

.text Size: 124KB - Virtual size: 123KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 16KB - Virtual size: 32KB

.rsrc Size: 16KB - Virtual size: 15KB

.text Size: 100KB - Virtual size: 100KB

.text
Size: 124KB - Virtual size: 123KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 16KB - Virtual size: 32KB

.rsrc
Size: 16KB - Virtual size: 15KB

.text
Size: 100KB - Virtual size: 100KB