5aeada96d4f857a408e9502789dd1b4221920fa26a7e3d68bc64e80c79ca2d26

Sharing

Copy URL Twitter E-mail

General

Target

5aeada96d4f857a408e9502789dd1b4221920fa26a7e3d68bc64e80c79ca2d26
Size

318KB
MD5

819ffbc06b243caa3e3ef24c26928116
SHA1

d08dbb3ad732961142160c30c41ce9a07b49a4b1
SHA256

5aeada96d4f857a408e9502789dd1b4221920fa26a7e3d68bc64e80c79ca2d26
SHA512

de241549b34fed5149f92741f8ccc7c8507c15f18d2be9c17c4a338492ade4e94931b958b156be65e6f951b3c608279ff2ed4bc0ec0414eb59890b7656eb1eaa
SSDEEP

6144:RcgBh70wRRMptZxhuJ0PZ/U7DH623IUc/zz3GgYl2zVOfcx4e79evJFB:agBN0wRRMzhOg/U7OV7bGazVO0icevLB

Score

N/A

Malware Config

Signatures

Files

5aeada96d4f857a408e9502789dd1b4221920fa26a7e3d68bc64e80c79ca2d26
.exe windows x86

747bb8340e6a03cd71c4ff46eb4df0a4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
WaitForMultipleObjects
OutputDebugStringA
GetVersionExA
CloseHandle
CreateThread
CompareStringW
CreateFileW
GetProcessHeap
SetEndOfFile
WriteConsoleW
HeapSize
GetStringTypeW
LCMapStringW
GetLastError
WaitForSingleObject
CreateFileA
SetFilePointer
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapReAlloc
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
RaiseException
GetTimeZoneInformation
WideCharToMultiByte
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
ReleaseSemaphore
CreateSemaphoreA
EnumSystemCodePagesA
HeapCreate
Sleep
IsProcessorFeaturePresent
LoadLibraryW
ReadFile
MultiByteToWideChar
GetCurrentProcess
HeapAlloc
SetStdHandle
FreeLibrary
RtlUnwind
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
SetEnvironmentVariableA
HeapFree
EnterCriticalSection
LeaveCriticalSection
GetTimeFormatA
GetDateFormatA
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
ExitProcess
DecodePointer
EncodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
TlsAlloc
TlsGetValue

user32

LoadCursorA
UpdateWindow
DialogBoxParamA
PostMessageA
GetSystemMenu
SetForegroundWindow
LoadStringA
GetParent
LoadIconA
AppendMenuA
GetWindowLongA
CreateWindowExA
SetClassLongA
EndDialog
ShowWindow

winspool.drv

ClosePrinter

ole32

CoCreateInstance

gdiplus

GdipDeleteGraphics
GdipCreateFromHDC
GdipDrawLineI
GdipDeletePen
GdipCreatePen1

Sections

.text
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

747bb8340e6a03cd71c4ff46eb4df0a4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

winspool.drv

ole32

gdiplus

Sections

.text Size: 122KB - Virtual size: 121KB

.rdata Size: 14KB - Virtual size: 14KB

.data Size: 6KB - Virtual size: 21KB

.bss Size: 163KB - Virtual size: 163KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 122KB - Virtual size: 121KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 6KB - Virtual size: 21KB

.bss
Size: 163KB - Virtual size: 163KB

.rsrc
Size: 11KB - Virtual size: 10KB