50ccdc7899935f2a8c505b5ce4315b9ebca4face1bfefd46b5a393710980b94f

Sharing

Copy URL Twitter E-mail

General

Target

50ccdc7899935f2a8c505b5ce4315b9ebca4face1bfefd46b5a393710980b94f
Size

409KB
MD5

84e50e60d977d49bdf1210230b01e510
SHA1

81a92033fee663c142ddd8b9dcc53833d0da3220
SHA256

50ccdc7899935f2a8c505b5ce4315b9ebca4face1bfefd46b5a393710980b94f
SHA512

d3bfb606f26d86d9922d3c7415760556246b405b3f99adadcd733db31462152cc040fa2155a1f1f92c6f88375e00de935a75c8662d1b54d268b999b565d9fc21
SSDEEP

6144:JC9gdRXsbRoI1/Mw+LHqV/ujF8bmasvEyMcFt4JT6QugjNFG/ReU8c:Vd1+6IJM5+V/uKbmhvWJGQuiGwM

Score

N/A

Malware Config

Signatures

Files

50ccdc7899935f2a8c505b5ce4315b9ebca4face1bfefd46b5a393710980b94f
.exe windows x86

8be7f544ea3369167b2e5488f060f673

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileStringA
FreeEnvironmentStringsW

user32

LoadStringW
CallWindowProcW
SendDlgItemMessageW
PostMessageW
TranslateMessage
LoadImageW
SystemParametersInfoW
CharNextW
DefWindowProcW
GetClientRect
SendMessageW
KillTimer
SetDlgItemTextW
ShowWindow
SetForegroundWindow
RegisterWindowMessageW
SetTimer
FindWindowW
UnregisterDeviceNotification
CreateWindowExW
LoadBitmapW
PostQuitMessage
DestroyWindow
GetMonitorInfoW
RegisterDeviceNotificationW
SetWindowPos
GetMessageW
DefDlgProcA
GetSystemMetrics
DispatchMessageW
EndDialog
CloseWindowStation
GetSysColorBrush
SetWindowLongW
MessageBoxW
SetWindowTextW
GetWindowLongW
MonitorFromRect
wsprintfW

shell32

DragQueryFileA

rpcrt4

I_RpcBindingInqTransportType
RpcServerInqBindings
NdrServerCall2
RpcBindingToStringBindingW
RpcServerUnregisterIf
NdrClientCall2
RpcBindingSetAuthInfoExW
RpcImpersonateClient
RpcStringBindingParseW
RpcServerRegisterIfEx
RpcBindingFree
RpcRevertToSelf
RpcBindingVectorFree
RpcBindingFromStringBindingW
RpcStringFreeW

winsta

WinStationQueryInformationW

setupapi

SetupDiEnumDeviceInterfaces
SetupDiOpenDevRegKey
SetupDiGetDeviceInstanceIdW
SetupDiOpenDeviceInterfaceW
SetupDiGetDeviceInterfaceAlias
SetupDiCreateDeviceInfoList
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupDiOpenDeviceInfoW
SetupDiOpenDeviceInterfaceRegKey
SetupDiGetDeviceInterfaceDetailW

winspool.drv

WritePrinter

ntdll

RtlAcquireResourceShared
NtQueryVirtualMemory
RtlUnwind
RtlOpenCurrentUser
_wcsicmp
NtDuplicateToken
RtlDeleteResource
RtlAcquireResourceExclusive
wcstoul
NtClose
RtlInitializeResource
RtlReleaseResource

ole32

CoCreateInstance
CoUninitialize
CoInitialize
CLSIDFromString

comctl32

ImageList_Destroy
CreateStatusWindowW
ImageList_Create
ImageList_AddMasked

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 616KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8be7f544ea3369167b2e5488f060f673

Headers

File Characteristics

Imports

kernel32

user32

shell32

rpcrt4

winsta

setupapi

winspool.drv

ntdll

ole32

comctl32

Sections

.text Size: 128KB - Virtual size: 127KB

.data Size: 157KB - Virtual size: 616KB

.rdata Size: 25KB - Virtual size: 24KB

.rsrc Size: 98KB - Virtual size: 98KB

.text
Size: 128KB - Virtual size: 127KB

.data
Size: 157KB - Virtual size: 616KB

.rdata
Size: 25KB - Virtual size: 24KB

.rsrc
Size: 98KB - Virtual size: 98KB