337094f2883b1e6d5730772b485303a937c8086d9873d464e4c1261968df6033

Sharing

Copy URL Twitter E-mail

General

Target

337094f2883b1e6d5730772b485303a937c8086d9873d464e4c1261968df6033
Size

576KB
MD5

4914fb663eaeb9845c42161c1acc4d4f
SHA1

6be75da2d9b1104e356f394883added287f842e3
SHA256

337094f2883b1e6d5730772b485303a937c8086d9873d464e4c1261968df6033
SHA512

3b55b15749cc85c6b11f28e2394720dac04439e7452ee8660a823be7d98fd8b60e94399b5341728fd3f367ce2894d7d6a9915a2d1ae924f3457cafdc2f428f58
SSDEEP

6144:dLt52a/vV4R1LPj84byvnfYDxGa7MHk7V0/p3UCUndEt5kd:dKa3yR5oNvfYDsk7VkhUCg

Score

N/A

Malware Config

Signatures

Files

337094f2883b1e6d5730772b485303a937c8086d9873d464e4c1261968df6033
.exe windows x86

e6a5d787afba52845d5d6e6210dcaca4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
VerInstallFileA
GetFileVersionInfoA
VerQueryValueA

winmm

PlaySoundA

wsock32

bind
gethostname
listen
WSAStartup
gethostbyname
inet_addr
shutdown
WSACleanup
socket
closesocket

kernel32

SetEndOfFile
MoveFileA
DeleteFileA
UnlockFile
GetStringTypeExA
LockFile
GetVolumeInformationA
GetShortPathNameA
SetErrorMode
RtlUnwind
GetThreadLocale
GetStartupInfoA
GetCommandLineA
HeapAlloc
WriteFile
GetModuleHandleA
ExitProcess
TerminateProcess
GetTimeZoneInformation
GetSystemTime
FlushFileBuffers
GetCPInfo
GetACP
GetOEMCP
HeapReAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetCurrentDirectoryA
SetFilePointer
HeapFree
RaiseException
ReadFile
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetSystemDirectoryA
GetTempPathA
GetTempFileNameA
GetVersionExA
LoadLibraryExA
GetProcAddress
FreeLibrary
GetModuleFileNameA
DuplicateHandle
SetLastError
LoadLibraryA
TlsGetValue
GetProcessVersion
GlobalFlags
EnterCriticalSection
LocalReAlloc
TlsSetValue
GlobalReAlloc
LeaveCriticalSection
TlsAlloc
GlobalHandle
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
CreateFileA
LocalFree
FindFirstFileA
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FindClose
GetFileSize
FreeEnvironmentStringsW
GetEnvironmentStrings
GetDiskFreeSpaceA
lstrcpyA
lstrcatA
FileTimeToSystemTime
MulDiv
SetFileTime
GetFullPathNameA
GetFileTime
GetFileAttributesA
GetPrivateProfileIntA
GetEnvironmentStringsW
GlobalDeleteAtom
GetPrivateProfileStringA
CloseHandle
GetCurrentThread
lstrcmpA
lstrcmpiA
InterlockedDecrement
MultiByteToWideChar
WideCharToMultiByte
LockResource
InterlockedIncrement
GetCurrentThreadId
lstrcpynA
FindResourceA
LoadResource
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalAlloc
CreateProcessA
WaitForSingleObject
GlobalFree
GlobalLock
GlobalUnlock
GetCurrentProcess
WritePrivateProfileStringA
MoveFileExA
lstrlenA
GetLastError
WinExec
SetHandleCount
GetWindowsDirectoryA
GetStdHandle
GetLocalTime
CreateDirectoryA

user32

BeginDeferWindowPos
AdjustWindowRectEx
DispatchMessageA
GetSysColor
MapWindowPoints
SystemParametersInfoA
SendDlgItemMessageA
IsDialogMessageA
SetWindowTextA
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
GetMenuCheckMarkDimensions
ShowOwnedPopups
MessageBoxA
GetCursorPos
ValidateRect
TranslateMessage
GetMessageA
GetDC
ReleaseDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
GetClassNameA
GetSysColorBrush
LoadStringA
FindWindowA
InsertMenuA
DeleteMenu
GetMenuStringA
CharUpperA
DestroyIcon
ShowScrollBar
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
RegisterClassA
GetWindowTextA
EndDeferWindowPos
DeferWindowPos
SetWindowsHookExA
CallNextHookEx
SetPropA
UnhookWindowsHookEx
GetForegroundWindow
SetForegroundWindow
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetWindowRect
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
DestroyWindow
GetLastActivePopup
BringWindowToTop
IsWindowVisible
GetFocus
EqualRect
CopyRect
GetDlgItem
SetWindowLongA
wsprintfA
GetKeyState
SetWindowPos
GetDlgCtrlID
GetMenuItemCount
GetSubMenu
GetMenuItemID
UnpackDDElParam
WinHelpA
GetMenu
LoadIconA
GetClassInfoA
LoadMenuA
DestroyMenu
SetFocus
GetParent
GetActiveWindow
ShowWindow
GetWindowLongA
GetDesktopWindow
GetWindow
IsWindowEnabled
PeekMessageA
PostMessageA
GetCapture
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
RegisterWindowMessageA
IsWindow
ClientToScreen
SetCursorPos
ExitWindowsEx
PtInRect
InvalidateRect
SetCursor
ShowCursor
GetClientRect
PostQuitMessage
LoadBitmapA
LoadCursorA
SetMenu
UpdateWindow
EnableWindow
SendMessageA
GetSystemMetrics
ScreenToClient
ScrollWindow
DefWindowProcA
SetScrollInfo
CreateWindowExA
ReuseDDElParam
SetActiveWindow
IsIconic
UnregisterClassA
WindowFromPoint

gdi32

CreateCompatibleDC
SetTextColor
SetBkColor
StretchBlt
CreateBitmap
DeleteDC
GetObjectA
SaveDC
RestoreDC
GetStockObject
SelectObject
SetBkMode
SetMapMode
SetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetWindowExtEx
GetClipBox
ScaleWindowExtEx
GetDeviceCaps
PtVisible
RectVisible
ExtTextOutA
Escape
TextOutA
DeleteObject
GetTextExtentPointA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueExA
RegOpenKeyA
OpenProcessToken
RegCreateKeyExA
LookupPrivilegeValueA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueA
SetFileSecurityA
GetFileSecurityA
RegDeleteValueA
RegCreateKeyA
RegEnumKeyA
RegCloseKey
RegQueryValueExA
RegSetValueA
AdjustTokenPrivileges

shell32

ExtractIconA
SHGetFileInfoA
DragQueryFileA
DragFinish

comctl32

ord17
ImageList_Destroy

Sections

.text
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 283KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6a5d787afba52845d5d6e6210dcaca4

Headers

File Characteristics

Imports

version

winmm

wsock32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 163KB - Virtual size: 163KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 20KB - Virtual size: 33KB

.idata Size: 8KB - Virtual size: 8KB

.rsrc Size: 283KB - Virtual size: 283KB

.text
Size: 163KB - Virtual size: 163KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 20KB - Virtual size: 33KB

.idata
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 283KB - Virtual size: 283KB