a13259a429192dc5cd6bef73ee96c4198dd9c8c2e4c0aee1d57fb9326adf4dff

Sharing

Copy URL Twitter E-mail

General

Target

a13259a429192dc5cd6bef73ee96c4198dd9c8c2e4c0aee1d57fb9326adf4dff
Size

176KB
MD5

a2ee757daae05da3a75fc8ffdd875d20
SHA1

ff92b63008b361ced349c76977f300de628f596c
SHA256

a13259a429192dc5cd6bef73ee96c4198dd9c8c2e4c0aee1d57fb9326adf4dff
SHA512

08b5acb6b93ebf288abbb6c2c6e259acef02876d14aa207c5e0b7e399eec25be3a71c42bb20733f0125a728c6affa01ad18c99a1aef1a1507af3c8ae0b624b52
SSDEEP

3072:b+dCU5XF2obq6KpRjAgWwVRXr8DoJY6j15KPqOlzNXx:bQ1gn6ARLf14R

Score

N/A

Malware Config

Signatures

Files

a13259a429192dc5cd6bef73ee96c4198dd9c8c2e4c0aee1d57fb9326adf4dff
.exe windows x86

33cee772ae556ea3b5631d99b2fc5ac6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
GlobalFree
GlobalUnlock
GlobalHandle
GlobalReAlloc
LocalReAlloc
GlobalFlags
WritePrivateProfileStringA
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
FreeLibrary
GetProcessVersion
LocalFree
ReadFile
RaiseException
InterlockedExchange
lstrcpynA
lstrcatA
SetErrorMode
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
FlushFileBuffers
SetStdHandle
LoadLibraryA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
SetFilePointer
WriteFile
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
GetCurrentThread
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
HeapSize
LCMapStringW
LCMapStringA
Sleep
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
IsBadWritePtr
VirtualAlloc
VirtualFree
ExitProcess
GetVersion
RtlUnwind
InterlockedIncrement
InterlockedDecrement
HeapFree
HeapAlloc
HeapReAlloc
GetVersionExA
GetCurrentProcessId
GetCommandLineA
lstrcmpiA
OpenProcess
TerminateProcess
GetCurrentProcess
GetLastError
WideCharToMultiByte
GetModuleHandleA
GetProcAddress
lstrcpyA
lstrlenA
CloseHandle

user32

CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
LoadIconA
ShowWindow
LoadCursorA
GetSysColorBrush
DestroyMenu
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetSubMenu
GetMenuItemID
GetDlgItem
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
wsprintfA
UnhookWindowsHookEx
GetLastActivePopup
IsWindowEnabled
MessageBoxA
EnableWindow
SetWindowTextA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetWindowLongA
GetClassNameA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
PostMessageA
EnumWindows
GetWindowTextA
GetWindowThreadProcessId
CharNextA
PostQuitMessage
GetParent
GetNextDlgTabItem
SetCursor
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
SendMessageA
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
LoadStringA
GetTopWindow
GetMenuItemCount

gdi32

SetWindowExtEx
ScaleWindowExtEx
GetClipBox
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetObjectA
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkColor
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
DeleteObject

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

StartServiceA
RegSetValueExA
RegCreateKeyExA
QueryServiceStatus
ControlService
RegCloseKey
OpenServiceA
OpenSCManagerA
CloseServiceHandle
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegQueryValueExA

comctl32

ord17

Sections

.text
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ujjl
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

33cee772ae556ea3b5631d99b2fc5ac6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

Sections

.text Size: 92KB - Virtual size: 89KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 16KB - Virtual size: 29KB

.rsrc Size: 4KB - Virtual size: 2KB

.ujjl Size: 40KB - Virtual size: 40KB

.text
Size: 92KB - Virtual size: 89KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 16KB - Virtual size: 29KB

.rsrc
Size: 4KB - Virtual size: 2KB

.ujjl
Size: 40KB - Virtual size: 40KB