d6dcb4d1af131cf5df73440f028f67b0e2c9ede4a69df4ccee2fe4b35b2b01f8

Sharing

Copy URL Twitter E-mail

General

Target

d6dcb4d1af131cf5df73440f028f67b0e2c9ede4a69df4ccee2fe4b35b2b01f8
Size

424KB
MD5

109d566126b54f5b4947ac6173620549
SHA1

8d2329a1a672c5632bcb827e0507ab8117d0069b
SHA256

d6dcb4d1af131cf5df73440f028f67b0e2c9ede4a69df4ccee2fe4b35b2b01f8
SHA512

61500cd19e7cd3fa66b207be913c9952fe095b9dd080d3b8a8ab6ad24f0834666a41b509dae79b73f5ef13413fb64aac1e22dfb00edf7565098b7a672bdcabb6
SSDEEP

6144:AxsHsN02CVZl4GvYdD1e7C6TJICgxu/xzD:IIXvK1yn

Score

N/A

Malware Config

Signatures

Files

d6dcb4d1af131cf5df73440f028f67b0e2c9ede4a69df4ccee2fe4b35b2b01f8
.exe windows x86

60860471c604492fd017c47d7519443c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceNamesA
GetComputerNameA
GetModuleHandleA
HeapAlloc
GetProcessHeap
LockResource
GetVersion
GetDriveTypeA
GetVolumeInformationA
GetVersionExA
GetProcAddress
GetDiskFreeSpaceA
SearchPathA
GetCurrentDirectoryA
SetCurrentDirectoryA
MulDiv
HeapFree
HeapReAlloc
VirtualFree
CreateMutexA
CloseHandle
GetSystemInfo
ExpandEnvironmentStringsA
GetLastError
SetThreadPriority
GetCurrentThread
GetThreadPriority
GetCurrentProcess
QueryPerformanceFrequency
QueryPerformanceCounter
FindResourceA
LoadResource
GetModuleFileNameA
FreeLibrary
WriteFile
DeleteFileA
LCMapStringW
LCMapStringA
FlushFileBuffers
SetStdHandle
GetACP
GetCPInfo
GetOEMCP
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
InterlockedDecrement
IsBadCodePtr
InterlockedIncrement
SetUnhandledExceptionFilter
IsBadReadPtr
HeapCreate
HeapDestroy
IsBadWritePtr
GetFileType
GetStdHandle
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
SetHandleCount
FreeEnvironmentStringsW
FreeEnvironmentStringsA
WideCharToMultiByte
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
TlsAlloc
SetLastError
GetCurrentThreadId
GetLocalTime
TlsSetValue
GetTimeZoneInformation
ExitProcess
SetEnvironmentVariableA
CompareStringW
CompareStringA
FindFirstFileA
FindClose
GetCommandLineA
GetStartupInfoA
RtlUnwind
UnmapViewOfFile
CreateFileMappingA
OpenFileMappingA
MapViewOfFile
SetFilePointer
VirtualAlloc
DeleteCriticalSection
InitializeCriticalSection
ReleaseMutex
WaitForSingleObject
GetTickCount
GetTimeFormatA
lstrlenA
GetDateFormatA
CreateFileA
ReadFile
GetFileSize
GetTempFileNameA
GetSystemTime
LeaveCriticalSection
EnterCriticalSection
FindNextFileA
CopyFileA
MoveFileA
CreateDirectoryA
GetFileTime
GetWindowsDirectoryA
GetSystemDirectoryA
LoadLibraryA
GlobalMemoryStatus

user32

SetTimer
GetDesktopWindow
GetParent
MessageBoxA
LoadStringA
ReleaseDC
KillTimer
GetDC
DrawFocusRect
FillRect
GetSysColor
GetDlgCtrlID
GetWindowLongA
MessageBeep
InvalidateRect
CallWindowProcA
SetFocus
WinHelpA
EnableWindow
SetWindowTextA
IsDlgButtonChecked
DialogBoxParamA
RegisterClassA
SetForegroundWindow
CreateWindowExA
PostQuitMessage
LoadIconA
DefWindowProcA
RemoveMenu
UpdateWindow
LoadAcceleratorsA
GetSubMenu
GetMenu
TranslateMessage
GetMessageA
DispatchMessageA
GetWindowTextA
FindWindowA
GetWindowTextLengthA
PtInRect
MapDialogRect
ScreenToClient
LoadCursorA
ClientToScreen
TranslateAcceleratorA
GetMenuItemInfoA
IsWindowVisible
SetCursor
GetClientRect
IsIconic
IsZoomed
SetMenuItemInfoA
GetCursorPos
LoadMenuA
DestroyMenu
TrackPopupMenu
PostMessageA
DestroyWindow
GetWindowRect
BeginPaint
SendMessageA
PeekMessageA
wsprintfA
GetDlgItemTextA
SetDlgItemTextA
SendDlgItemMessageA
CreateDialogParamA
EndPaint
MapWindowPoints
LoadImageA
SetWindowLongA
GetSystemMetrics
MoveWindow
ShowWindow
GetDlgItem
EndDialog

gdi32

DeleteObject
GetObjectA
GetTextMetricsA
CreateFontIndirectA
GetDeviceCaps
GetStockObject
SelectObject
BitBlt
CreateCompatibleDC
ExtTextOutA
SetTextColor
GetTextExtentPointA
SetBkColor
CreateDCA
SetBkMode
DeleteDC
UpdateColors
SelectPalette
GetTextExtentPoint32A
GetDIBColorTable
RealizePalette
CreateHalftonePalette
CreatePalette

winspool.drv

EnumPrintersA
EnumPrinterDriversA

comdlg32

GetSaveFileNameA

advapi32

RegOpenKeyA
GetUserNameA
RegQueryValueA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
CloseServiceHandle
EnumServicesStatusA
OpenSCManagerA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegCreateKeyA

shell32

ShellExecuteA

comctl32

PropertySheetA
ord6
ord17

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

Sections

.text
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 184KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

60860471c604492fd017c47d7519443c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

comctl32

version

Sections

.text Size: 188KB - Virtual size: 187KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 28KB - Virtual size: 32KB

.rsrc Size: 184KB - Virtual size: 182KB

.text
Size: 188KB - Virtual size: 187KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 28KB - Virtual size: 32KB

.rsrc
Size: 184KB - Virtual size: 182KB