5b5e845c97199489d4fb1fda02ef52c9fc5d10d780704d5f1a12801aeddcdfa5

Sharing

Copy URL Twitter E-mail

General

Target

5b5e845c97199489d4fb1fda02ef52c9fc5d10d780704d5f1a12801aeddcdfa5
Size

304KB
MD5

0bd7a7488ca9910f239ddeb489a6bec1
SHA1

536e8455d0228c00014ac2f82728e109ff5e852b
SHA256

5b5e845c97199489d4fb1fda02ef52c9fc5d10d780704d5f1a12801aeddcdfa5
SHA512

f2ce7293d0b65c3760eeb1e15a5814e86a37aa9542866183c987e0ef18caca0785d292341093bc4696f437a30d5f92b181ce9693f3b06d000b1d576825c348d3
SSDEEP

6144:hYm+a7YH4bZmR0eOSwa8XmFNCwskdn28:hYm+bLaL9w1z

Score

N/A

Malware Config

Signatures

Files

5b5e845c97199489d4fb1fda02ef52c9fc5d10d780704d5f1a12801aeddcdfa5
.exe windows x86

115d92d5e1e97a705552c1baabf40492

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

DocumentPropertiesA
AddPrinterDriverA
EnumJobsA
OpenPrinterA
GetPrinterDriverDirectoryA
DeviceCapabilitiesA
AddPrinterA
ClosePrinter
EnumPrinterDriversA
ord204
GetPrinterA

ole32

CLSIDFromProgID
CreateILockBytesOnHGlobal
OleInitialize
OleRegGetMiscStatus
ReleaseStgMedium
StgCreateDocfileOnILockBytes
CoTaskMemFree
OleRegEnumVerbs
OleDuplicateData
OleFlushClipboard

shell32

SHGetFileInfoA
ExtractIconA
SHBrowseForFolderA
ord155
ShellExecuteA
DragQueryFileA
DragFinish
SHGetSpecialFolderLocation

gdi32

CreateEllipticRgn
DeleteDC
GetCharABCWidthsW
SetGraphicsMode
CreateRectRgn
CreateCompatibleDC
TextOutW
GetStockObject
CreateBitmap
GetObjectW
StartDocW
Polygon
CreateDCW
SetStretchBltMode
GetPixel
GetClipBox
GetDeviceCaps
RealizePalette
EnumFontFamiliesExW
SetViewportOrgEx
MoveToEx

oleaut32

LoadTypeLi

user32

SetWindowPos
GetWindowTextLengthW
DefWindowProcW
MessageBoxW
BringWindowToTop
GetSysColor
RegisterClassW
IsWindowVisible
FindWindowW
DrawFocusRect
SetCursor
RegisterClassExW
DestroyWindow
ShowWindow
CreateWindowExW

kernel32

FatalAppExitA
DeleteCriticalSection
GetEnvironmentStrings
SetFilePointer
UnhandledExceptionFilter
VirtualProtect
GetDateFormatA
ReadFile
ExitProcess
GetCommandLineA
QueryPerformanceCounter
FreeEnvironmentStringsA
InitializeCriticalSection
CompareStringA
GetLastError
LCMapStringA
HeapCreate
FlushFileBuffers
GetUserDefaultLCID
TlsSetValue
LCMapStringW
GetStartupInfoW
GetCurrentProcessId
IsBadWritePtr
GetLocaleInfoW
WriteFile
GetStringTypeW
GetCommandLineW
GetSystemInfo
IsValidLocale
TlsAlloc
VirtualFree
GetModuleHandleW
TlsGetValue
FreeEnvironmentStringsW
GetStdHandle
GetStartupInfoA
GetLocaleInfoA
GetCurrentProcess
GetTickCount
GetModuleHandleA
CloseHandle
GetProcAddress
TlsFree
GetACP
HeapDestroy
GetCurrentThreadId
SetLastError
InterlockedExchange
SetStdHandle
GetFileType
GetModuleFileNameA
MultiByteToWideChar
CreateMutexW
HeapFree
GetVersionExA
EnterCriticalSection
HeapSize
SetHandleCount
GetModuleFileNameW
HeapReAlloc
IsValidCodePage
GetSystemTimeAsFileTime
VirtualQuery
SetEnvironmentVariableA
HeapAlloc
GetCurrentThread
TerminateProcess
VirtualAlloc
GetTimeZoneInformation
GetOEMCP
GetTimeFormatA
CompareStringW
GetCPInfo
RtlUnwind
LoadLibraryA
LeaveCriticalSection
GetStringTypeA
GetEnvironmentStringsW
WideCharToMultiByte

comctl32

ImageList_Create
ImageList_LoadImageW
ImageList_Draw
ImageList_GetImageCount
ord17
ImageList_ReplaceIcon
ImageList_GetImageInfo
InitCommonControlsEx
DestroyPropertySheetPage
ImageList_AddMasked
ImageList_GetIcon
ImageList_SetImageCount
ImageList_Destroy
_TrackMouseEvent
ImageList_Add
ImageList_GetIconSize

Sections

.text
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

115d92d5e1e97a705552c1baabf40492

Headers

File Characteristics

Imports

winspool.drv

ole32

shell32

gdi32

oleaut32

user32

kernel32

comctl32

Sections

.text Size: 88KB - Virtual size: 84KB

.rdata Size: 128KB - Virtual size: 127KB

.data Size: 60KB - Virtual size: 67KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 88KB - Virtual size: 84KB

.rdata
Size: 128KB - Virtual size: 127KB

.data
Size: 60KB - Virtual size: 67KB

.rsrc
Size: 24KB - Virtual size: 23KB