Static task: static1
Behavioral task: behavioral1
Sample: b1e1804852f3fcf95c52f4561296ec946f2748c67ae1deea802958665a30928b.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: b1e1804852f3fcf95c52f4561296ec946f2748c67ae1deea802958665a30928b.exe
Resource: win10v2004-20220812-en
General
- Target: b1e1804852f3fcf95c52f4561296ec946f2748c67ae1deea802958665a30928b
- Size: 310KB
- MD5: e5253d623097a58dd0ce30d2c3e6a2ab
- SHA1: 8be15402ff0e910adc187bf313cbced61adce8ab
- SHA256: b1e1804852f3fcf95c52f4561296ec946f2748c67ae1deea802958665a30928b
- SHA512: 885b9f7e910ea02d32beb1a48f7abfc71427f692a6031bae767587969242e19d2886bddc2a1156250faf6a2a9152d11a5fbc86aea28b434f0abbc00e2076d10b
- SSDEEP: 6144:lCkdq93JciOXlLrJ7I9sa8kdMiqOPmzQbU:lbdq9ZJaPLaP9qOPmEbU
Malware Config
Signatures
Files
- b1e1804852f3fcf95c52f4561296ec946f2748c67ae1deea802958665a30928b.exe windows x86
31b598fa11270cc6495b02f59fdbbb44
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
winspool.drv
FindFirstPrinterChangeNotification
OpenPrinterA
EnumPortsW
DeviceCapabilitiesW
SetPrinterW
FreePrinterNotifyInfo
DocumentPropertiesW
EnumJobsW
SetPrinterDataW
FindNextPrinterChangeNotification
ClosePrinter
ord204
SetJobW
OpenPrinterW
DocumentPropertiesA
user32
GetScrollInfo
MapWindowPoints
SetLayeredWindowAttributes
SetParent
InvertRect
EnumWindows
IsWindowVisible
SetWindowContextHelpId
InvalidateRect
GetSysColor
SetMenuDefaultItem
RegisterClipboardFormatA
WindowFromDC
ReuseDDElParam
GetWindowDC
SetPropW
RedrawWindow
GetSystemMenu
SetDlgItemInt
RegisterClassExA
IsWindow
LockWindowUpdate
SetForegroundWindow
GetParent
GetMenuStringA
TranslateAcceleratorW
SendDlgItemMessageA
OpenClipboard
GetSysColorBrush
LoadAcceleratorsA
RegisterClassW
SetFocus
FrameRect
GetAsyncKeyState
GetClassLongA
WinHelpA
GetMessageTime
RemovePropA
GetDlgItem
SetScrollPos
PostQuitMessage
FindWindowW
IsClipboardFormatAvailable
DispatchMessageA
ClientToScreen
GetMenuItemCount
IsChild
AppendMenuW
DestroyWindow
LoadCursorA
GetMenuCheckMarkDimensions
GetClientRect
FindWindowA
DrawMenuBar
DefMDIChildProcA
UnregisterClassA
ScrollWindow
GetDesktopWindow
GetTopWindow
DrawTextW
OffsetRect
LoadBitmapW
InsertMenuA
GetDlgItemTextA
CreateCaret
CopyAcceleratorTableA
SetWindowLongW
UnregisterHotKey
LoadMenuA
MessageBeep
GetMenuItemID
MapVirtualKeyA
AdjustWindowRectEx
CopyRect
GetWindowLongW
CreateDialogIndirectParamA
DispatchMessageW
HideCaret
DestroyMenu
GetMenuState
EqualRect
DialogBoxParamW
SetRectEmpty
DefWindowProcW
RemovePropW
LoadIconA
GetClassInfoA
SetActiveWindow
CharToOemA
EndPaint
GetClassNameA
EnableMenuItem
SendMessageA
EnableWindow
DestroyIcon
GetMenu
DrawIcon
LoadStringW
CallWindowProcA
DefWindowProcA
GetWindow
ScreenToClient
SetWindowsHookExA
CreateWindowExA
LoadCursorW
SetCursor
InsertMenuW
UpdateWindow
IsRectEmpty
SetWindowTextA
GetSubMenu
CreateIcon
SetCapture
FillRect
DestroyAcceleratorTable
KillTimer
TranslateMessage
SetWindowPos
DeferWindowPos
DefDlgProcA
SetScrollInfo
TranslateAcceleratorA
LoadBitmapA
DrawFrameControl
GetNextDlgGroupItem
GetClassInfoExA
CharUpperBuffA
DrawIconEx
CreateAcceleratorTableA
RegisterClassA
RegisterWindowMessageA
SetMenu
GetWindowPlacement
UnregisterClassW
CharLowerA
EmptyClipboard
wsprintfA
ExitWindowsEx
CreateDialogParamA
FindWindowExA
SetWindowRgn
GetPropA
IsMenu
GetIconInfo
CheckDlgButton
LoadIconW
DrawTextA
GetWindowTextLengthA
ExcludeUpdateRgn
IsWindowEnabled
SendMessageTimeoutA
IsDialogMessageW
MapDialogRect
SetWindowPlacement
GetMessageW
ShowWindow
ReleaseDC
GetScrollPos
ModifyMenuA
SetCursorPos
GetWindowRect
PostThreadMessageA
EndDeferWindowPos
GetFocus
GetActiveWindow
MessageBoxW
WindowFromPoint
SetScrollRange
CreateWindowExW
PostMessageA
GetDoubleClickTime
CreateAcceleratorTableW
SetMenuItemBitmaps
GetSystemMetrics
GetDlgCtrlID
GetDlgItemTextW
DeleteMenu
CheckMenuItem
LoadImageA
GetMessageA
SetClipboardData
UnionRect
GetScrollRange
IsIconic
GetWindowTextA
IsCharAlphaNumericA
GetDC
CallNextHookEx
CharUpperBuffW
TranslateMDISysAccel
GrayStringA
CopyIcon
ShowCaret
CharNextW
GetKeyboardLayout
PeekMessageA
SetTimer
IsWindowUnicode
GetMessagePos
ModifyMenuW
MoveWindow
ValidateRect
GetWindowLongA
SystemParametersInfoA
SetWindowLongA
TrackPopupMenu
SetPropA
keybd_event
GetClipboardData
SetDlgItemTextA
IsDialogMessageA
PtInRect
SetDlgItemTextW
CloseClipboard
UnpackDDElParam
BeginPaint
CallWindowProcW
GetCursorPos
ShowScrollBar
GetLastActivePopup
GetNextDlgTabItem
UnhookWindowsHookEx
BeginDeferWindowPos
SystemParametersInfoW
SetRect
DdeFreeDataHandle
MessageBoxA
RegisterClassExW
DrawEdge
DestroyCursor
AppendMenuA
GetKeyState
GetMenuDefaultItem
EndDialog
ChildWindowFromPoint
InflateRect
IsZoomed
DrawFocusRect
GetForegroundWindow
GetMenuItemInfoA
DdeInitializeA
LoadStringA
SetMenuItemInfoA
ReleaseCapture
comdlg32
GetSaveFileNameA
GetSaveFileNameW
GetOpenFileNameA
ChooseColorW
PrintDlgW
GetOpenFileNameW
CommDlgExtendedError
ChooseFontW
PageSetupDlgW
comctl32
ImageList_LoadImageW
ImageList_EndDrag
ImageList_SetOverlayImage
ImageList_SetBkColor
PropertySheetA
_TrackMouseEvent
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_BeginDrag
ImageList_DragMove
ImageList_DragEnter
ImageList_Destroy
ImageList_Remove
ImageList_GetDragImage
ImageList_GetIcon
ImageList_Add
ImageList_GetImageInfo
ord17
ImageList_Merge
CreatePropertySheetPageW
ImageList_DragLeave
InitCommonControlsEx
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_Replace
PropertySheetW
ImageList_Create
ImageList_AddMasked
CreateStatusWindowW
ImageList_Draw
ImageList_LoadImageA
kernel32
SetErrorMode
GetStringTypeA
GetDriveTypeA
CompareStringW
SetEndOfFile
OpenMutexW
CompareStringA
GetTempPathW
SizeofResource
GetThreadTimes
GetWindowsDirectoryA
GetDateFormatA
HeapSize
MultiByteToWideChar
GetLocaleInfoW
ExitProcess
CreateMutexW
IsValidCodePage
Sleep
GlobalAlloc
GetFileSize
CopyFileA
VirtualQuery
ConnectNamedPipe
SetUnhandledExceptionFilter
OpenMutexA
FindResourceW
FormatMessageA
SetHandleCount
GetConsoleMode
VirtualAlloc
IsDebuggerPresent
CompareFileTime
CloseHandle
GetModuleHandleW
TlsSetValue
FreeResource
GetSystemTime
GetTimeFormatA
GetCurrentDirectoryW
HeapReAlloc
GetFileType
InterlockedExchange
lstrcpyA
WritePrivateProfileStringW
HeapAlloc
CreateFileA
lstrcpyW
FreeLibrary
LockResource
SystemTimeToFileTime
FindNextFileW
GetTimeZoneInformation
LocalAlloc
MoveFileW
TlsFree
GetProfileStringA
SetFileAttributesA
FlushInstructionCache
GetProcAddress
GlobalReAlloc
LoadLibraryExW
HeapDestroy
UnlockFile
DeleteFileA
GetTempFileNameW
lstrcmpW
GlobalSize
GetCommandLineA
InterlockedIncrement
GetCurrentProcess
SetFilePointer
IsValidLocale
GetThreadLocale
LocalReAlloc
SetLastError
lstrcmpiA
LockFile
GlobalFlags
GetStartupInfoA
CreateEventA
FindNextFileA
GetModuleHandleA
GetACP
LeaveCriticalSection
TerminateProcess
GetProcessHeap
GetProcessVersion
LCMapStringA
GetCPInfo
GetExitCodeThread
GetTempPathA
FormatMessageW
GetTickCount
GlobalAddAtomA
InterlockedDecrement
CreateThread
GetStringTypeExA
GetSystemDirectoryA
DeleteCriticalSection
SetFileTime
CreateFileW
DosDateTimeToFileTime
WriteFile
EnterCriticalSection
GetDiskFreeSpaceA
GetSystemInfo
LCMapStringW
lstrcmpA
PeekNamedPipe
QueryPerformanceCounter
GetOEMCP
VirtualProtect
GetStdHandle
CreateEventW
SetStdHandle
LoadResource
GlobalDeleteAtom
LoadLibraryA
FreeEnvironmentStringsA
CreateSemaphoreA
IsBadReadPtr
GetShortPathNameA
GetTempFileNameA
GlobalHandle
WriteConsoleW
IsBadCodePtr
GetModuleFileNameA
VirtualFree
CreateProcessA
GetEnvironmentStringsW
GetFileTime
FindFirstFileW
GetFileInformationByHandle
MulDiv
TlsGetValue
EnumSystemLocalesA
GetStringTypeW
FileTimeToLocalFileTime
GetVersionExW
GlobalAddAtomW
GetUserDefaultLangID
GetFullPathNameA
FileTimeToSystemTime
MoveFileA
GetEnvironmentStrings
RaiseException
WaitForMultipleObjects
WriteConsoleA
GetVersionExA
FreeEnvironmentStringsW
UnmapViewOfFile
GetFileAttributesA
ExpandEnvironmentStringsA
SetEvent
RtlUnwind
FindFirstFileA
WideCharToMultiByte
FlushFileBuffers
GetLastError
GetCurrentThreadId
lstrcatA
GetCurrentProcessId
lstrcpynA
CreateDirectoryW
GetPrivateProfileStringA
GetUserDefaultLCID
DuplicateHandle
GetCommandLineW
ReleaseMutex
GetFileAttributesW
IsBadWritePtr
GlobalUnlock
GetModuleFileNameW
GlobalFindAtomA
GlobalFree
GetSystemTimeAsFileTime
CreateMutexA
SetEnvironmentVariableA
ReadFile
GetVolumeInformationA
WritePrivateProfileStringA
ConvertDefaultLocale
GetCurrentDirectoryA
GetLocaleInfoA
GetEnvironmentVariableA
HeapFree
GetVolumeInformationW
GlobalGetAtomNameA
InitializeCriticalSection
ResumeThread
LocalFree
InterlockedCompareExchange
UnhandledExceptionFilter
lstrlenA
FatalAppExitA
HeapCreate
FindClose
WaitForSingleObject
GetCurrentThread
TlsAlloc
GetVersion
GlobalLock
gdi32
PtVisible
DeleteMetaFile
SetMapMode
MaskBlt
GetTextExtentExPointA
CreateDIBSection
ResetDCA
SetColorAdjustment
GetTextFaceW
CreatePalette
PlayMetaFile
RectVisible
StartDocA
EnumFontFamiliesExW
CreateDiscardableBitmap
GetDCOrgEx
GetBitmapDimensionEx
OffsetWindowOrgEx
DrawEscape
GetMapMode
SelectClipPath
SetBkColor
Arc
GetTextAlign
EnumMetaFile
SetAbortProc
EnumFontFamiliesExA
GetTextColor
CreateHatchBrush
GetColorAdjustment
SelectPalette
CreateDIBPatternBrushPt
SetROP2
SetTextColor
ExtTextOutW
GetPaletteEntries
ExcludeClipRect
GetTextCharacterExtra
GetDIBits
MoveToEx
CloseFigure
Escape
OffsetViewportOrgEx
CreateICA
SetRectRgn
Polyline
CreatePatternBrush
FrameRgn
PlgBlt
GetTextExtentPoint32A
GdiComment
GetCharABCWidthsW
CreateICW
GetRegionData
GetTextExtentPoint32W
EndPath
GetBitmapBits
SetBitmapDimensionEx
TextOutW
EnumObjects
CreateRectRgn
InvertRgn
CreateCompatibleBitmap
SetMiterLimit
GetTextCharsetInfo
SetDIBitsToDevice
GetClipRgn
CreateFontIndirectA
PlayEnhMetaFile
GetNearestPaletteIndex
CreateBitmap
DeleteDC
CloseMetaFile
GetBkColor
PolyDraw
CreateEllipticRgnIndirect
StretchBlt
CreateDCW
RealizePalette
LineTo
PaintRgn
GetCharWidthA
CreateFontA
GetKerningPairsA
GetStockObject
OffsetRgn
CombineRgn
CreateBitmapIndirect
RestoreDC
StartPage
GetMiterLimit
PolyBezier
SetWindowExtEx
CreateDIBitmap
SetBrushOrgEx
AnimatePalette
GetRgnBox
CreateFontIndirectW
GetObjectType
LPtoDP
StretchDIBits
SetStretchBltMode
ScaleWindowExtEx
GetArcDirection
ExtSelectClipRgn
GetTextCharset
GetTextMetricsA
PatBlt
GetOutlineTextMetricsA
RoundRect
TextOutA
CreateRectRgnIndirect
PathToRegion
FillRgn
SetPolyFillMode
ExtTextOutA
Pie
GetTextExtentPointA
ScaleViewportExtEx
UpdateColors
SetPixelV
SetTextJustification
SetWindowOrgEx
PolyPolyline
GetCharWidthW
BitBlt
PlayMetaFileRecord
GetObjectA
GetViewportExtEx
GetPath
CreatePen
SaveDC
CreatePolyPolygonRgn
GetDeviceCaps
ExtCreateRegion
OffsetClipRgn
GetBoundsRect
GetViewportOrgEx
SetTextAlign
DeleteObject
PolyBezierTo
SetMapperFlags
GetCharWidth32W
SetBitmapBits
FillPath
ExtFloodFill
CreateDCA
WidenPath
GetAspectRatioFilterEx
CreatePenIndirect
CreateSolidBrush
AbortPath
SetViewportExtEx
Polygon
SetBkMode
SetViewportOrgEx
GdiFlush
GetCurrentObject
Rectangle
CreateFontW
GetClipBox
SelectObject
EqualRgn
StrokeAndFillPath
FloodFill
CreateCompatibleDC
BeginPath
GetObjectW
EndDoc
EnumFontFamiliesA
GetCharWidth32A
GetWindowOrgEx
CreatePolygonRgn
IntersectClipRect
GetWindowExtEx
SelectClipRgn
CreateMetaFileA
CreateEllipticRgn
GetBkMode
CreateHalftonePalette
ExtCreatePen
GetTextFaceA
ModifyWorldTransform
Ellipse
CreateBrushIndirect
GetCharABCWidthsFloatA
GetPixel
ArcTo
GetCharWidthFloatA
AngleArc
SetPixel
GetBrushOrgEx
FlattenPath
PtInRegion
EndPage
DPtoLP
SetPaletteEntries
advapi32
RegDeleteValueW
RegQueryValueExA
RegSetValueA
RegEnumValueW
SetSecurityDescriptorOwner
ConvertStringSecurityDescriptorToSecurityDescriptorW
IsValidSecurityDescriptor
OpenProcessToken
RegCreateKeyExW
CreateServiceA
RegSetValueExA
RegSetValueExW
DeleteService
RegDeleteValueA
StartServiceCtrlDispatcherA
OpenThreadToken
QueryServiceConfigA
RegCreateKeyExA
LookupPrivilegeValueA
LookupAccountSidW
CryptAcquireContextA
SetFileSecurityA
RegOpenKeyW
AccessCheck
RegEnumKeyExA
RegOpenKeyExA
CryptReleaseContext
GetLengthSid
AllocateAndInitializeSid
CloseServiceHandle
InitializeSecurityDescriptor
RegQueryInfoKeyA
AdjustTokenPrivileges
RegCreateKeyA
AddAccessAllowedAce
InitializeAcl
ImpersonateSelf
RegCreateKeyW
RegQueryInfoKeyW
DuplicateToken
SetSecurityDescriptorGroup
GetUserNameA
RegEnumKeyW
RegEnumValueA
QueryServiceStatus
OpenSCManagerA
RegCloseKey
RegQueryValueA
SetSecurityDescriptorDacl
StartServiceA
OpenServiceA
RegDeleteKeyA
RegEnumKeyA
SetTokenInformation
DeregisterEventSource
RegOpenKeyA
ControlService
RegQueryValueW
RegDeleteKeyW
GetFileSecurityA
ConvertStringSidToSidA
RegFlushKey
oleaut32
LoadTypeLi
Sections
.text Size: 74KB - Virtual size: 73KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 83KB - Virtual size: 83KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 89KB - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 62KB - Virtual size: 62KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ