5dad20655eb0c3d8215f15618e3cc34e6475d28ac5f01e29b9839b4c2b067b58

Sharing

Copy URL Twitter E-mail

General

Target

5dad20655eb0c3d8215f15618e3cc34e6475d28ac5f01e29b9839b4c2b067b58
Size

276KB
MD5

0bab8b0d2bd320baaf19a33eee2def91
SHA1

6a8d30a4dda17040518a68e72c6562b836c86fc7
SHA256

5dad20655eb0c3d8215f15618e3cc34e6475d28ac5f01e29b9839b4c2b067b58
SHA512

8c10e9fa4c39c034ca1dd0c4048299d40bcc47487804c9b9a360e986607ec598be15353ca8d49a9b14324b1d90b2760ffe95619fa2af791031350c07ada10123
SSDEEP

3072:CAK5fb1MtWB4B2DIlp2tD2DLRyjjFpswqMkUCT7pFvxJVF3r8m3u:hK5jKb2tDtsMkNFvxJVxX

Score

N/A

Malware Config

Signatures

Files

5dad20655eb0c3d8215f15618e3cc34e6475d28ac5f01e29b9839b4c2b067b58
.exe windows x86

3e4f509a8562cf03657eed1a0a72c56d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
GetOEMCP
RtlUnwind
ExitProcess
HeapAlloc
HeapFree
TerminateProcess
RaiseException
HeapReAlloc
HeapSize
GetACP
UnhandledExceptionFilter
GetCommandLineA
FreeEnvironmentStringsW
GetEnvironmentStrings
SetFilePointer
GetStartupInfoA
TlsFree
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
InterlockedDecrement
InterlockedIncrement
SetFileAttributesA
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
RemoveDirectoryA
Sleep
OpenProcess
FlushFileBuffers
WriteFile
SetErrorMode
GetCurrentProcess
FreeLibrary
GetProcessVersion
LoadLibraryA
GlobalAddAtomA
GetVersion
GlobalGetAtomNameA
GetProcAddress
GlobalFindAtomA
GetModuleHandleA
lstrcatA
lstrcpyA
WritePrivateProfileStringA
TlsGetValue
GlobalFlags
GetEnvironmentStringsW
GlobalReAlloc
LocalReAlloc
WaitForSingleObject
TlsSetValue
SetHandleCount
GlobalHandle
CloseHandle
GlobalUnlock
GlobalFree
TlsAlloc
LocalAlloc
lstrcpynA
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
LocalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
GetStdHandle
GetFileType
FreeEnvironmentStringsA

user32

ShowWindow
GetWindowPlacement
IsIconic
SystemParametersInfoA
RegisterWindowMessageA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
DefWindowProcA
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
GetSysColorBrush
DestroyMenu
SetWindowLongA
SetFocus
GetSystemMetrics
GetDlgItem
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
GetMenuItemCount
wsprintfA
UnhookWindowsHookEx
GetWindowTextA
SetWindowTextA
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
ClientToScreen
LoadCursorA
GetCapture
LoadStringA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
EnableWindow
SetWindowPos
SetCursor
SendMessageA
PostQuitMessage
PostMessageA
FindWindowA
GetClassNameA
UnregisterClassA

gdi32

CreateBitmap
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkColor
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
GetDeviceCaps
PtVisible
TextOutA
ExtTextOutA
RectVisible
GetObjectA
Escape
DeleteObject

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA

comctl32

ord17

Sections

.text
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

onbvewx
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 144KB - Virtual size: 141KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3e4f509a8562cf03657eed1a0a72c56d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

Sections

.text Size: 72KB - Virtual size: 69KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 16KB - Virtual size: 27KB

.rsrc Size: 16KB - Virtual size: 12KB

onbvewx Size: 8KB - Virtual size: 4KB

Size: 144KB - Virtual size: 141KB

.text
Size: 72KB - Virtual size: 69KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 16KB - Virtual size: 27KB

.rsrc
Size: 16KB - Virtual size: 12KB

onbvewx
Size: 8KB - Virtual size: 4KB