adb5a698d531f473bb1fdfe584af4c354918f373f49fd1f0f97cb9a96349fea1

Sharing

Copy URL Twitter E-mail

General

Target

adb5a698d531f473bb1fdfe584af4c354918f373f49fd1f0f97cb9a96349fea1
Size

548KB
MD5

a0ed167e4f8114ade8808f804fe27500
SHA1

2e7d6e8ca68ac271d3bbcc3834c73681cc9b6a70
SHA256

adb5a698d531f473bb1fdfe584af4c354918f373f49fd1f0f97cb9a96349fea1
SHA512

73a2732e6c441a80f37e25d8b8afd64409d9b99ecd8a92372e0284624cd3f0c8623595460e2986c5ef8c499e793f01be065144574174de6929951b4f3b952ec0
SSDEEP

12288:0xeZiCMhq4whLzehPIp9TOjXVHGbKaW60b7eX8vE:0gZiCMKhLzehAXTOjXMbVmy8vE

Score

N/A

Malware Config

Signatures

Files

adb5a698d531f473bb1fdfe584af4c354918f373f49fd1f0f97cb9a96349fea1
.exe windows x86

273014f0e1207431a381d02fccbd4f45

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetModuleFileNameExA
EnumProcessModules
EnumProcesses

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
SetupDiClassGuidsFromNameA

kernel32

LockResource
FindResourceA
SetEvent
CreateEventA
DeleteFileA
WaitForSingleObject
SetLastError
LocalFree
GlobalUnlock
GlobalLock
GetCurrentProcessId
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
WritePrivateProfileStringA
TlsFree
GetProcAddress
GetModuleHandleA
InterlockedDecrement
FreeLibrary
InterlockedIncrement
GlobalGetAtomNameA
lstrcmpA
GetThreadLocale
ResumeThread
GetCurrentThreadId
GlobalFlags
lstrcmpW
LoadLibraryA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GetLocaleInfoA
GetCPInfo
GetOEMCP
MoveFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetCurrentProcess
CreateFileA
VirtualAlloc
HeapFree
HeapAlloc
HeapReAlloc
ExitProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetTimeFormatA
GetDateFormatA
ExitThread
CreateThread
GetSystemTimeAsFileTime
GetCommandLineA
GetProcessHeap
RaiseException
RtlUnwind
HeapSize
HeapDestroy
HeapCreate
VirtualFree
GetStdHandle
GetTimeZoneInformation
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GlobalFree
GlobalAlloc
GetTickCount
TerminateProcess
SizeofResource
CloseHandle
OpenProcess
WinExec
FormatMessageA
Sleep
GetVersionExA
GetModuleFileNameA
LoadResource
InterlockedExchange
GetModuleFileNameW
CompareStringA
lstrlenA
GetVersion
MultiByteToWideChar
WideCharToMultiByte
CompareStringW
lstrcmpiA
GetLastError
DeleteCriticalSection

user32

SetForegroundWindow
MapWindowPoints
GetMessagePos
GetMessageTime
DestroyWindow
GetTopWindow
GetForegroundWindow
RemovePropA
GetPropA
SetPropA
GetClassLongA
GetCapture
WinHelpA
LoadIconA
RegisterWindowMessageA
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
DestroyMenu
PostQuitMessage
CallWindowProcA
SystemParametersInfoA
IsIconic
GetWindowPlacement
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
SetWindowPos
SetWindowLongA
IsWindow
GetClassInfoA
GetDlgItem
GetFocus
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
PtInRect
SetWindowTextA
UnregisterClassA
SetWindowsHookExA
CallNextHookEx
DispatchMessageA
GetKeyState
PeekMessageA
ValidateRect
GetWindowTextA
LoadCursorA
GetSystemMetrics
GetDC
GetSysColor
GetSysColorBrush
UnhookWindowsHookEx
GetWindowThreadProcessId
SendMessageA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
RegisterClassA
AdjustWindowRectEx
CopyRect
wsprintfA
GetClientRect
GetMenu
PostMessageA
CreateWindowExA
GetClassInfoExA
DefWindowProcA
ReleaseDC

advapi32

RegisterServiceCtrlHandlerA
ControlService
StartServiceCtrlDispatcherA
QueryServiceStatus
OpenSCManagerA
RegCloseKey
CloseServiceHandle
RegOpenKeyExA
SetServiceStatus
OpenServiceA
RegOpenKeyA
RegQueryValueExA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

SysStringLen
VariantClear
VariantChangeType
SysFreeString
VariantInit
SysAllocString

ws2_32

listen
inet_addr
inet_ntoa
WSASocketA
ntohl
ntohs
WSACloseEvent
htonl
htons
WSAGetLastError
connect
sendto
WSACleanup
recv
bind
closesocket
WSAStartup
select
send
WSAIoctl
recvfrom
__WSAFDIsSet
setsockopt
WSACreateEvent
socket
accept

iphlpapi

NotifyAddrChange
GetAdaptersInfo
GetNetworkParams

oleacc

LresultFromObject
CreateStdAccessibleObject

gdi32

GetStockObject
OffsetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
DeleteDC
SetViewportOrgEx
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
RestoreDC
SaveDC
SetBkColor
SetMapMode
PtVisible
RectVisible
SetTextColor
GetClipBox
CreateBitmap
DeleteObject
GetDeviceCaps

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

Sections

.text
Size: 236KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

��M�
Size: 228KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

273014f0e1207431a381d02fccbd4f45

Headers

File Characteristics

Imports

psapi

setupapi

kernel32

user32

advapi32

ole32

oleaut32

ws2_32

iphlpapi

oleacc

gdi32

winspool.drv

Sections

.text Size: 236KB - Virtual size: 233KB

.rdata Size: 64KB - Virtual size: 60KB

.data Size: 12KB - Virtual size: 251KB

.rsrc Size: 4KB - Virtual size: 960B

���M� Size: 228KB - Virtual size: 228KB

.text
Size: 236KB - Virtual size: 233KB

.rdata
Size: 64KB - Virtual size: 60KB

.data
Size: 12KB - Virtual size: 251KB

.rsrc
Size: 4KB - Virtual size: 960B

��M�
Size: 228KB - Virtual size: 228KB