b2022f7ef5936c3ee76d39b16ffd4b421576937ca4687bfb210b4035fc28c371

Sharing

Copy URL Twitter E-mail

General

Target

b2022f7ef5936c3ee76d39b16ffd4b421576937ca4687bfb210b4035fc28c371
Size

195KB
MD5

e417f3ca25f433295ac941c40a3fb980
SHA1

db1ef0386935225987aa9e301d2ce423f37341c5
SHA256

b2022f7ef5936c3ee76d39b16ffd4b421576937ca4687bfb210b4035fc28c371
SHA512

a41cb6c2f52cec04bc98f51cd7ea39ab5883a2bd3bfb58f0c3a21492d71bd0d263216ab2d51b4c9df2157df2b6bc0ac8f8ac5d989d01c6a1da4423b0abc43f92
SSDEEP

6144:FCZux3edKQYE0KBL9mMt23n2npOIbjH1vBv2a:FCZWudK57KBL9m132nppbJp3

Score

N/A

Malware Config

Signatures

Files

b2022f7ef5936c3ee76d39b16ffd4b421576937ca4687bfb210b4035fc28c371
.exe windows x86

59a3f103b5ecad58eda03c2ebdff132f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
WaitForSingleObject
SetEvent
FreeEnvironmentStringsA
GetCurrentThread
VirtualFree
GetWindowsDirectoryA
WriteFile
GetEnvironmentStrings
SizeofResource
CreateSemaphoreA
ReadFile
GetSystemDirectoryA
ExitThread
GetStdHandle
GetLastError
GetThreadLocale
LoadResource
ResetEvent
LoadLibraryA
LocalAlloc
LockResource
CreateMutexA
GetCurrentDirectoryA
GetCurrentThreadId
OutputDebugStringA
GetVersionExA
GetVersion
DebugBreak
LocalFree
SuspendThread
ResumeThread
DeleteFileA
lstrcpyA
FreeLibrary
lstrlenA
SetFilePointer
FindResourceA
VirtualAlloc
ExitProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
IsDebuggerPresent

advapi32

GetUserNameA

user32

DispatchMessageA
GetSysColor
GetDesktopWindow
ReleaseDC
CreateWindowExA
InSendMessageEx
MessageBoxA
CopyIcon
GetForegroundWindow
GetCapture
GetDC
WaitMessage
GetDoubleClickTime
BeginPaint
SendMessageA
GetClientRect
wsprintfA
GetProcessWindowStation
LoadIconA
GetCursor
GetFocus
SetDoubleClickTime
IsZoomed
IsChild
CreateDialogParamA
CloseClipboard
GetMessageA
EndPaint
GetSystemMetrics
IsWindowVisible
CloseWindow
UpdateWindow
LoadCursorA
GetCaretBlinkTime
InSendMessage
GetMessageTime
RegisterClassA
GetWindow
GetParent
OpenClipboard
EndMenu

ole32

OleUninitialize
CoUninitialize
CoFreeAllLibraries
CoFreeUnusedLibraries
CoInitialize

gdi32

MoveToEx
DeleteDC
LineTo

shlwapi

SHReleaseThreadRef

shell32

DragFinish
DuplicateIcon

winmm

timeGetTime

version

VerQueryValueA
GetFileVersionInfoSizeA

winspool.drv

ClosePrinter
GetPrinterDriverA

ntdll

_chkstk

Sections

.text
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ioob
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

59a3f103b5ecad58eda03c2ebdff132f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

ole32

gdi32

shlwapi

shell32

winmm

version

winspool.drv

ntdll

Sections

.text Size: 126KB - Virtual size: 126KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 1KB - Virtual size: 3KB

.ioob Size: 43KB - Virtual size: 43KB

.rsrc Size: 12KB - Virtual size: 12KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 126KB - Virtual size: 126KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1KB - Virtual size: 3KB

.ioob
Size: 43KB - Virtual size: 43KB

.rsrc
Size: 12KB - Virtual size: 12KB

.reloc
Size: 6KB - Virtual size: 5KB