f9250b0b894894c824126a61be67e6ab3d1ec042b45c46701f2f6dde14987b39

Sharing

Copy URL Twitter E-mail

General

Target

f9250b0b894894c824126a61be67e6ab3d1ec042b45c46701f2f6dde14987b39
Size

412KB
MD5

a37b09ac5438ecb9dcf7981c2fa5df7a
SHA1

b6335d5f73a35a32032b2eb7e4abbdffc67b78fa
SHA256

f9250b0b894894c824126a61be67e6ab3d1ec042b45c46701f2f6dde14987b39
SHA512

3764a3d800e15a2c98301ef8e67b0e97e1d3dc430386213b59dd0daeac54959a0bfcd015e3b17f50ddb94042669982c096bc3d639222452b48632997241b2538
SSDEEP

6144:ZpOl8dBOFNYEy4Fmmg+bm8MyNS46QsXRGy5cZ9A:ZpOOyFV1q8N96Q+GlDA

Score

N/A

Malware Config

Signatures

Files

f9250b0b894894c824126a61be67e6ab3d1ec042b45c46701f2f6dde14987b39
.exe windows x64

450d4f12b0f0e7ce4c0fe230de9c5934

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

FileTimeToLocalFileTime
GetFileAttributesA
GetFileSize
GetFileTime
RtlUnwindEx
HeapFree
HeapAlloc
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RaiseException
RtlPcToFileHeader
ExitProcess
HeapSize
HeapReAlloc
GetACP
HeapSetInformation
HeapCreate
FileTimeToSystemTime
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
GetLocaleInfoA
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
VirtualQuery
GetSystemInfo
VirtualAlloc
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
SetErrorMode
GetThreadLocale
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
GlobalFlags
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetProcessVersion
FindResourceExA
MulDiv
SetLastError
GetCurrentThread
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
GetModuleFileNameA
FreeResource
GetVersion
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcpynA
GetModuleHandleA
GetProcAddress
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
VirtualProtect
FindResourceA
LoadResource
LockResource
GlobalFree
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
CreateProcessA
GetWindowsDirectoryA
GetTickCount
Sleep
lstrcmpA
lstrcatA
CreateFileA
GetCommState
SetCommState
SetupComm
SetCommTimeouts
DeviceIoControl
PurgeComm
WriteFile
ReadFile
lstrcpyA
lstrlenA
CreateMutexA
GetLastError
ReleaseMutex
CloseHandle
LocalFree

user32

CharUpperA
RegisterClipboardFormatA
PostThreadMessageA
SetRect
DestroyMenu
PtInRect
GetDesktopWindow
GetClassNameA
LoadCursorA
GetSysColorBrush
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextA
TabbedTextOutA
SetWindowContextHelpId
GetMessageA
TranslateMessage
ValidateRect
GetCursorPos
SetCursor
PostQuitMessage
CreateDialogIndirectParamA
EndDialog
LoadStringA
SetMenuItemBitmaps
GetNextDlgTabItem
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckRadioButton
RegisterWindowMessageA
WinHelpA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
DispatchMessageA
IsWindow
IsChild
GetWindowLongPtrA
GetMessageTime
GetMessagePos
SetWindowLongPtrA
GetTopWindow
MessageBoxA
GetKeyState
DestroyWindow
GetForegroundWindow
SetForegroundWindow
PeekMessageA
GetLastActivePopup
IsWindowVisible
MapWindowPoints
UpdateWindow
GetSysColor
GetMenu
GetSubMenu
AdjustWindowRectEx
GetMenuItemID
GetMenuItemCount
ScreenToClient
GetClassInfoA
RegisterClassA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
MessageBeep
GetNextDlgGroupItem
CopyAcceleratorTableA
OffsetRect
SystemParametersInfoA
GetWindowPlacement
CopyRect
GetWindow
MapDialogRect
SetWindowPos
ShowWindow
GetCapture
GetActiveWindow
SetActiveWindow
GetAsyncKeyState
GetFocus
SetFocus
GetWindowRect
PostMessageA
GetWindowLongA
GetParent
GetDlgItem
IsWindowEnabled
GetSystemMetrics
LoadIconA
GetClientRect
IsIconic
DrawIcon
CharPrevA
CharNextA
wsprintfA
SendMessageA
EnableWindow
UnhookWindowsHookEx
UnregisterClassA

gdi32

EnumFontFamiliesExA
DeleteDC
GetBkColor
GetTextColor
DPtoLP
LPtoDP
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetStockObject
GetMapMode
DeleteObject
SetMapMode
RestoreDC
SaveDC
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
SelectObject

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

OpenSCManagerA
SetEntriesInAclA
BuildExplicitAccessWithNameA
GetNamedSecurityInfoA
RegCreateKeyExA
SetNamedSecurityInfoA
OpenServiceA
CreateServiceA
CloseServiceHandle
StartServiceA
QueryServiceStatus
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

comctl32

DestroyPropertySheetPage
CreatePropertySheetPageA
PropertySheetA
ord17

oledlg

ord8

ole32

OleInitialize
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoTaskMemAlloc
CoGetClassObject
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoRevokeClassObject
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoFreeUnusedLibraries

oleaut32

SysStringLen
SysAllocStringByteLen
VariantChangeType
VariantCopy
SysAllocString
VariantTimeToSystemTime
VariantClear
OleCreateFontIndirect
SysAllocStringLen
SysFreeString

Sections

.text
Size: 253KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

450d4f12b0f0e7ce4c0fe230de9c5934

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

oledlg

ole32

oleaut32

Sections

.text Size: 253KB - Virtual size: 252KB

.rdata Size: 95KB - Virtual size: 94KB

.data Size: 11KB - Virtual size: 34KB

.pdata Size: 20KB - Virtual size: 20KB

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 253KB - Virtual size: 252KB

.rdata
Size: 95KB - Virtual size: 94KB

.data
Size: 11KB - Virtual size: 34KB

.pdata
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 20KB - Virtual size: 20KB