a6af0023bf1397cec252ecc262f318438476a19d95b838482bb0a7e827039865

Sharing

Copy URL Twitter E-mail

General

Target

a6af0023bf1397cec252ecc262f318438476a19d95b838482bb0a7e827039865
Size

316KB
MD5

01a74ffb310e6fde5a4bc1b9097baff0
SHA1

4a492e128b51dd309ba7ace3c6409afbe9098b2a
SHA256

a6af0023bf1397cec252ecc262f318438476a19d95b838482bb0a7e827039865
SHA512

2c2d00697a2d59d565ce0a19300984d223b13da66b604d75a9ae125677ca90b2b4efe35ad80a674adfaaf3015ce42a27ffc6d7e67d52719473cb1faccdc1e2bb
SSDEEP

6144:/IemdEo2KOpsk/Cx+sjMFephU73i8SuwDlDz/f49oIkjST0A:gekE5KOpshljQepJuglHX/IyA

Score

N/A

Malware Config

Signatures

Files

a6af0023bf1397cec252ecc262f318438476a19d95b838482bb0a7e827039865
.exe windows x86

f925daf6f75503184f81b7590a0fa8db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
Sleep
GetCurrentThreadId
GetTickCount
GlobalAlloc
GlobalFree
GetProcAddress
LoadLibraryA
GetModuleHandleA
ExitProcess
QueryPerformanceCounter
ExitThread
VirtualFree
CreateFileA
FreeLibrary
SetComputerNameA
GetOEMCP
SetThreadPriority
WaitForSingleObject
CloseHandle
TerminateThread
GetComputerNameA
GetModuleFileNameA
VirtualAlloc
VirtualProtect
GetProcessHeap
CreateThread
GetProcessVersion
GetCurrentProcessId
FlushFileBuffers
GetStringTypeW
GetCommandLineA
GetVersionExA
GetStringTypeA
OpenSemaphoreA
CreateMutexA
CreateSemaphoreA
OpenMutexA
ReleaseMutex
CreateEventA
CreateRemoteThread
GetLocaleInfoA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetCPInfo
GetACP
VirtualQuery
InterlockedExchange
RtlUnwind
SetStdHandle
GetSystemInfo
GetSystemTimeAsFileTime
HeapReAlloc
WriteFile
SetFilePointer
GetCurrentProcess
TerminateProcess
GetStringTypeExA
LoadResource
GetPrivateProfileIntA
EnumCalendarInfoA
GetStdHandle
WideCharToMultiByte
HeapFree
HeapAlloc

gdi32

GetCharWidth32A
TextOutA
GdiFlush
GetCharWidthA
GetCharWidthFloatA
GetCharABCWidthsA
GetTextMetricsA

user32

FindWindowA
TranslateAcceleratorA
RegisterWindowMessageA
SetWindowLongA
MessageBeep
SendMessageA
EndPaint
DrawTextA
DrawTextExA
GetWindowLongA
MsgWaitForMultipleObjects
MessageBoxA
BeginPaint
ReleaseDC
GetDC
SetRect
DefWindowProcA
DestroyCaret
wsprintfA
SetCaretPos
PostQuitMessage
GetClientRect
MessageBoxW
ShowCaret
UnregisterHotKey
HideCaret

advapi32

GetAce

comctl32

ord17

ws2_32

WSAAddressToStringA

wldap32

ord143
ord20
ord25
ord10
ord11

winmm

timeBeginPeriod

ole32

GetClassFile
OleCreateMenuDescriptor

mprapi

MprAdminGetErrorString

winspool.drv

ClosePrinter
OpenPrinterA
AddPortA
EnumFormsA

oleacc

GetRoleTextW
GetRoleTextA

Sections

.text
Size: 264KB - Virtual size: 262KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udatb
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f925daf6f75503184f81b7590a0fa8db

Headers

File Characteristics

Imports

kernel32

gdi32

user32

advapi32

comctl32

ws2_32

wldap32

winmm

ole32

mprapi

winspool.drv

oleacc

Sections

.text Size: 264KB - Virtual size: 262KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 8KB - Virtual size: 243KB

.udatb Size: 8KB - Virtual size: 5KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 264KB - Virtual size: 262KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 243KB

.udatb
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 4KB