787f44dea55194d4113da5c0a908f275bf2f1e1ff523838215b56ddd02296342

Sharing

Copy URL

Twitter E-mail

General

Target

787f44dea55194d4113da5c0a908f275bf2f1e1ff523838215b56ddd02296342
Size

248KB
MD5

90318df5a478ecea4da7058a81e0b722
SHA1

9b26ddc5a7c63cce5e58efe1aab01e778f68661c
SHA256

787f44dea55194d4113da5c0a908f275bf2f1e1ff523838215b56ddd02296342
SHA512

f5ab6bd005b339971a98fabd75010e3b5d74fd8a0a2baf98489bc8e03954869b484649942e9c362583fef0ec76bf93f42e05484ef978d02d58cb6e433e2bbd6f
SSDEEP

6144:fCtWmNivEzda8LZqo3VUQ6ar6ufeGIgaOwA:fUWmNiH8qCVUQB1feAwA

Score

N/A

Malware Config

Signatures

Files

787f44dea55194d4113da5c0a908f275bf2f1e1ff523838215b56ddd02296342
.exe windows x86

bf1fc2455c6e10cbd284616f3a1ee3cc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleUninitialize
OleFlushClipboard
CLSIDFromProgID
CoRegisterMessageFilter
OleIsCurrentClipboard

shell32

DragAcceptFiles
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHFileOperationW

advapi32

RegQueryInfoKeyW
RegSetValueExW
RegCreateKeyW
RegDeleteKeyW
OpenProcessToken
RegDeleteValueW
RegCreateKeyExW
RegQueryValueExA
RegOpenKeyW
GetUserNameW
RegSetValueW
RegOpenKeyExW
RegQueryValueExW
RegQueryValueW
SetFileSecurityW
RegEnumKeyExW
GetFileSecurityW
RegCloseKey
RegEnumKeyW
RegOpenKeyExA

winspool.drv

DocumentPropertiesA
ord204
OpenPrinterA

comctl32

ImageList_GetImageCount
ImageList_GetIconSize
ImageList_Create
ImageList_GetIcon
ImageList_SetBkColor
ImageList_GetImageInfo
ImageList_BeginDrag
ord17
DestroyPropertySheetPage
PropertySheetA
ImageList_DrawEx
CreatePropertySheetPageA
ImageList_DragMove
ImageList_DragShowNolock
ImageList_Add
ImageList_EndDrag
ImageList_ReplaceIcon
ImageList_DragEnter
InitCommonControlsEx
ImageList_LoadImageA
ImageList_DragLeave
_TrackMouseEvent
ImageList_AddMasked
ImageList_Draw
ImageList_Destroy
ImageList_Remove

comdlg32

GetOpenFileNameA
GetFileTitleA

wininet

InternetConnectA
InternetAttemptConnect
InternetCloseHandle
InternetGetConnectedState
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetOpenA
InternetCheckConnectionA

gdi32

SetPolyFillMode
OffsetViewportOrgEx
GetDeviceCaps
GetObjectW
DeleteDC
CreateBitmap
CreateDCW
SelectObject
GetTextExtentPoint32W
StrokePath
Polygon
DeleteObject
SetWindowOrgEx

user32

DestroyWindow
CreateWindowExW
GetMenuItemCount
RegisterClassW
RegisterClassExW
ReleaseCapture
GetDlgItemInt
DefWindowProcW
GetWindow
ShowWindow
LoadStringW
GetKeyState
LoadBitmapW
GetWindowRect
GetParent
MessageBoxW
GetSystemMetrics
GetDlgItem
SetWindowLongW
UpdateWindow
CloseClipboard
SetTimer
LoadCursorW
DrawFocusRect
GetClassNameW
WinHelpW

kernel32

QueryPerformanceCounter
GetStringTypeW
GetModuleHandleW
GetVersion
SetHandleCount
RaiseException
CreateMutexW
GetStringTypeA
GetCurrentProcess
HeapFree
LCMapStringW
TlsGetValue
VirtualFree
GetEnvironmentStrings
GetCurrentThreadId
SetUnhandledExceptionFilter
GetCurrentProcessId
SetEnvironmentVariableA
IsBadCodePtr
UnhandledExceptionFilter
HeapCreate
HeapAlloc
GetTickCount
LoadLibraryA
HeapDestroy
InterlockedExchange
VirtualAlloc
SetLastError
SetFilePointer
SetStdHandle
GetSystemTime
VirtualQuery
HeapReAlloc
FlushFileBuffers
ReadFile
RtlUnwind
GetCommandLineW
WriteFile
TlsAlloc
GetEnvironmentStringsW
FreeEnvironmentStringsW
InitializeCriticalSection
LCMapStringA
GetFileType
GetProcAddress
GetTimeZoneInformation
InterlockedIncrement
FreeEnvironmentStringsA
GetLocalTime
DeleteCriticalSection
EnterCriticalSection
GetModuleHandleA
TlsSetValue
GetStartupInfoW
LeaveCriticalSection
WideCharToMultiByte
ExitProcess
GetStdHandle
CloseHandle
MultiByteToWideChar
LoadLibraryW
CompareStringW
GetLastError
GetCommandLineA
GetSystemTimeAsFileTime
GetCPInfo
GetStartupInfoA
CompareStringA
InterlockedDecrement
GetModuleFileNameA
TerminateProcess
GetModuleFileNameW

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf1fc2455c6e10cbd284616f3a1ee3cc

Headers

File Characteristics

Imports

ole32

shell32

advapi32

winspool.drv

comctl32

comdlg32

wininet

gdi32

user32

kernel32

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 72KB - Virtual size: 68KB

.data Size: 64KB - Virtual size: 88KB

.rsrc Size: 48KB - Virtual size: 44KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 72KB - Virtual size: 68KB

.data
Size: 64KB - Virtual size: 88KB

.rsrc
Size: 48KB - Virtual size: 44KB