e1d24c249f5decddb7c1a00018cfeb1d2270988d66c6aca3d4133a59e8dc5524

Sharing

Copy URL Twitter E-mail

General

Target

e1d24c249f5decddb7c1a00018cfeb1d2270988d66c6aca3d4133a59e8dc5524
Size

217KB
MD5

a0a8f18768982c60cc942a85122a10f0
SHA1

64effa2e188769b8d6d39791ac55ec2169e8de5e
SHA256

e1d24c249f5decddb7c1a00018cfeb1d2270988d66c6aca3d4133a59e8dc5524
SHA512

40882f43388cff598a3f318b65b57630df938d5928600a0b301c6021c3bd14048af490a8b6b63d4d4b4450d90be90a855893d07899aa10ad66eca342990033e8
SSDEEP

3072:rfi5krah8+yscbl2liGzKw/J1phJw4aBjd72Tfeqi8FwUrP05wDKHKvZ5BJxz:uGFvbgbzKwR3w4aBpCTfZimKHKfH5

Score

N/A

Malware Config

Signatures

Files

e1d24c249f5decddb7c1a00018cfeb1d2270988d66c6aca3d4133a59e8dc5524
.exe windows x64

fe36f57a467b621df9e363c7f6eb8b44

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

??2@YAPEAX_K@Z
memcpy
strchr
strstr
strncmp
strncpy
_strdup
memmove
_atoi64
islower
isalpha
isalnum
??3@YAXPEAX@Z
__C_specific_handler
_XcptFilter
_c_exit
_exit
_cexit
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_commode
_onexit
__dllonexit
__set_app_type
memset
_fmode
_strnicmp
_strcmpi

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegEnumValueA
RegEnumKeyExA
RegQueryValueExA

kernel32

GetStartupInfoA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
GlobalFlags
IsDBCSLeadByte
lstrlenA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
FreeLibrary
GetProcAddress
LoadLibraryA
lstrcpyA
GetVersionExA
lstrcmpiA
LocalFree
GetLastError
MultiByteToWideChar
GetComputerNameA
CreateFileA
CloseHandle
lstrcatA
DeviceIoControl
lstrcmpA
GetExitCodeProcess
WaitForSingleObject
OpenProcess
GetTickCount
CreateProcessA
LocalAlloc
GetModuleFileNameA
GetUserDefaultLangID
Sleep
GetUserDefaultLCID
CreateThread
ReadFile
FreeResource
LockResource
LoadResource
FindResourceA
MulDiv
SizeofResource
WideCharToMultiByte
_lclose
_hread
_llseek
_lopen

gdi32

FillRgn
CreateCompatibleDC
SelectObject
BitBlt
CombineRgn
CreatePalette
SelectPalette
RealizePalette
DeleteObject
CreateRectRgn
GetObjectA
GetDeviceCaps
GetStockObject
GetTextExtentPointA
CreateDIBitmap

user32

DialogBoxIndirectParamA
CreateDialogIndirectParamA
EndDialog
DispatchMessageA
TranslateMessage
GetMessageA
SetCursor
RegisterClassExA
GetClassInfoExA
GetWindowTextA
GetWindowTextLengthA
SetDlgItemTextA
IsIconic
UpdateWindow
DestroyIcon
DrawIcon
EndPaint
CreateWindowExA
SetWindowLongA
BeginPaint
IntersectRect
SetWindowTextA
ShowWindow
LoadBitmapA
KillTimer
SetTimer
ClientToScreen
GetDC
GetClientRect
InvalidateRect
SetFocus
EnableWindow
CharNextA
GetSystemMetrics
GetWindowLongPtrA
SetWindowLongPtrA
MessageBoxA
IsCharAlphaA
IsCharAlphaNumericA
CharPrevA
wsprintfA
LoadCursorA
LoadIconA
LoadStringA
DefWindowProcA
PostQuitMessage
GetParent
SendMessageA
PeekMessageA
DestroyWindow
GetWindowLongA
RegisterWindowMessageA
PostMessageA
GetWindow
SetWindowPos
ScreenToClient
GetWindowRect
GetDlgItem
ReleaseDC

winspool.drv

EnumPrintersA
EnumPortsA
GetPrinterDriverDirectoryA
OpenPrinterA
ClosePrinter
GetPrinterDriverA
GetPrinterA
SetPrinterA
GetPrinterDataA
AddPrinterA
DeletePrinter
DeletePrinterConnectionA

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fe36f57a467b621df9e363c7f6eb8b44

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

gdi32

user32

winspool.drv

Sections

.text Size: 101KB - Virtual size: 101KB

.data Size: 512B - Virtual size: 2KB

.pdata Size: 6KB - Virtual size: 5KB

.rsrc Size: 108KB - Virtual size: 108KB

.text
Size: 101KB - Virtual size: 101KB

.data
Size: 512B - Virtual size: 2KB

.pdata
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 108KB - Virtual size: 108KB