bbab4cdb23e54f54776b717f60b7e2ff5d90ab0c8bf5ee09012cbfcd1768df8c

Sharing

Copy URL Twitter E-mail

General

Target

bbab4cdb23e54f54776b717f60b7e2ff5d90ab0c8bf5ee09012cbfcd1768df8c
Size

436KB
MD5

92bc8645ffcf7890f53c6b1e3c672d20
SHA1

977d036cc742408e6ac3b9e0378988ed1618afa1
SHA256

bbab4cdb23e54f54776b717f60b7e2ff5d90ab0c8bf5ee09012cbfcd1768df8c
SHA512

6e65eb14d8693c215293b3a720e2376752f8b8b5eac431d7453e91609570b432ab84b611c4dd7ec27aae7496e40b1c242cac23f9057543c31aeaf1fb5c4e55eb
SSDEEP

3072:5xcmFc0HY5E4l3w4ko1b2fffKi3Pjt4kaIzW/ll22KFO11olbGWxNf+jsWlB37lE:zXHY5EMeo6ffK6jBa/LpMDHSsQLH5AL

Score

N/A

Malware Config

Signatures

Files

bbab4cdb23e54f54776b717f60b7e2ff5d90ab0c8bf5ee09012cbfcd1768df8c
.exe windows x86

c3fc9971ed600b08a96279d53f0c2a85

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLangID
GetExitCodeProcess
GetSystemDirectoryA
GetWindowsDirectoryA
GetTempPathA
GetCurrentThread
lstrcpynA
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
RaiseException
InitializeCriticalSection
DeleteCriticalSection
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameA
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
TlsAlloc
LocalAlloc
LocalReAlloc
TlsFree
lstrcmpA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
lstrcpyA
CreateFileA
GlobalFlags
GetCurrentThreadId
WaitForSingleObject
lstrcatA
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCPInfo
GetOEMCP
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
ExitProcess
TerminateProcess
GetSystemTimeAsFileTime
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LCMapStringA
LCMapStringW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetLocaleInfoW
GetCurrentProcess
FormatMessageA
LocalFree
FindResourceExA
GetCommandLineA
SetCurrentDirectoryA
GetStartupInfoA
CreateProcessA
CloseHandle
GetCurrentDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
GetFileAttributesA
SetFileAttributesA
CopyFileA
GetModuleHandleA
SetLastError
DeleteFileA
RemoveDirectoryA
FindFirstFileA
FindClose
lstrlenA
lstrcmpiA
GetVersion
FindResourceA
LoadResource
LockResource
SizeofResource
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
TlsSetValue
InterlockedExchange

user32

RemovePropA
GetPropA
SetPropA
GetClassInfoExA
GetClassLongA
CreateWindowExA
GetCapture
WinHelpA
RegisterWindowMessageA
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
DestroyMenu
PostQuitMessage
LoadIconA
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
PostMessageA
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
CallWindowProcA
IsIconic
GetWindowPlacement
CopyRect
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
SetWindowPos
SetWindowLongA
GetDlgItem
SetWindowsHookExA
CallNextHookEx
DispatchMessageA
GetKeyState
PeekMessageA
ValidateRect
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetFocus
SetWindowTextA
GetClassNameA
SendMessageA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
LoadCursorA
MessageBoxA
DefWindowProcA
SystemParametersInfoA
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
LoadBitmapA
GetMessagePos
GetSubMenu
GetMenuItemCount
GetMenuItemID
UnregisterClassA
GetMenuState
GetWindowTextA

advapi32

OpenProcessToken
ImpersonateSelf
OpenThreadToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
RevertToSelf
FreeSid
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
RegDeleteKeyA

oleaut32

VariantChangeType
VariantInit
VariantClear

comctl32

ord17

oleacc

LresultFromObject
CreateStdAccessibleObject

gdi32

SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
OffsetViewportOrgEx
DeleteObject
CreateBitmap
GetClipBox
SetTextColor
SetBkColor
SaveDC
GetStockObject
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
RestoreDC
SetMapMode
GetDeviceCaps

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

Sections

.text
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 292KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3fc9971ed600b08a96279d53f0c2a85

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

comctl32

oleacc

gdi32

winspool.drv

Sections

.text Size: 104KB - Virtual size: 102KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 8KB - Virtual size: 38KB

.rsrc Size: 292KB - Virtual size: 289KB

.text
Size: 104KB - Virtual size: 102KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 8KB - Virtual size: 38KB

.rsrc
Size: 292KB - Virtual size: 289KB