650f9de1dbb1cddb474d1b5748d8685c02a5b51806e3385bb58bbbdaeff8f346

Sharing

Copy URL Twitter E-mail

General

Target

650f9de1dbb1cddb474d1b5748d8685c02a5b51806e3385bb58bbbdaeff8f346
Size

1.3MB
MD5

a8ad7f4436b749059c793fdd0be946e7
SHA1

0b1652a3af9fbf23cf50be7b6f2921587bd779d2
SHA256

650f9de1dbb1cddb474d1b5748d8685c02a5b51806e3385bb58bbbdaeff8f346
SHA512

72f03ef1c808995ce80b3ff2995b0c8a87cc4321b5cd17317c75c1a64d968110bec3de0f09254c0edaeaa178c96f2989c7ee728d7c179e10c8db05a1f9bb6cc9
SSDEEP

24576:sMN9eLThV+AACLcvVFkwP9+S0EMYBLYXPPS3JHGxxigH90qvP44K8:nmLThV+AACQvfky9+aLYfPS3RGHigBPB

Score

N/A

Malware Config

Signatures

Files

650f9de1dbb1cddb474d1b5748d8685c02a5b51806e3385bb58bbbdaeff8f346
.exe windows x86

e5e42f2edbd6bd457f839069a8d5ade0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFullPathNameA
LockFile
SetEndOfFile
UnlockFile
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetOEMCP
GetCPInfo
SetErrorMode
GetFileAttributesExA
GetFileSizeEx
GetFileTime
EncodePointer
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
HeapFree
HeapAlloc
GetCommandLineA
RtlUnwind
ExitProcess
GetModuleHandleExW
SetThreadStackGuarantee
VirtualAlloc
VirtualProtect
VirtualQuery
RaiseException
HeapReAlloc
HeapSize
HeapQueryInformation
FlushFileBuffers
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
TerminateProcess
GetStartupInfoW
GetStdHandle
GetProcessHeap
GetFileType
InitOnceExecuteOnce
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount64
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetDriveTypeW
GetTimeZoneInformation
GetStringTypeW
CompareStringEx
LCMapStringEx
OutputDebugStringW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
GetCurrentDirectoryW
SetStdHandle
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
GetThreadLocale
GlobalFlags
InterlockedIncrement
InterlockedDecrement
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
FindNextFileA
FileTimeToLocalFileTime
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
FormatMessageA
MulDiv
LocalFree
GetCurrentProcessId
GlobalAddAtomA
WaitForSingleObject
LoadLibraryW
GlobalUnlock
GetModuleFileNameW
GetVersion
SetLastError
GetFileAttributesW
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetModuleHandleW
GetModuleHandleA
FindResourceA
GlobalFree
FreeResource
GetLocaleInfoEx
GetThreadPreferredUILanguages
CompareStringA
ApplicationRecoveryFinished
ApplicationRecoveryInProgress
RegisterApplicationRestart
RegisterApplicationRecoveryCallback
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryExW
GetModuleFileNameA
FreeLibrary
GetVersionExA
GetCurrentThreadId
GetCurrentThread
InterlockedExchange
GetACP
MultiByteToWideChar
GetTickCount
GetFileSize
FileTimeToSystemTime
SetFileTime
CreateDirectoryA
GetFileAttributesA
LocalFileTimeToFileTime
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
SetFilePointer
WinExec
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
OutputDebugStringA
LoadLibraryA
GetProcAddress
DeleteFileA
Sleep
WriteFile
FlushViewOfFile
FindClose
FindFirstFileA
GetSystemInfo
UnmapViewOfFile
MapViewOfFile
CloseHandle
CreateFileMappingA
GetLastError
IsValidCodePage
CreateFileA
InitializeCriticalSectionEx

user32

UnregisterClassA
RegisterClipboardFormatA
PostThreadMessageA
GetClassLongA
SetWindowLongA
PtInRect
EqualRect
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowRect
GetWindowTextA
RemovePropA
GetPropA
SetPropA
RedrawWindow
SetForegroundWindow
GetForegroundWindow
UpdateWindow
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
IsChild
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
CopyAcceleratorTableA
DestroyMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetLastActivePopup
GetWindowThreadProcessId
MessageBoxA
SetCursor
CallNextHookEx
SetWindowsHookExA
GetCursorPos
ValidateRect
GetKeyState
IsWindowVisible
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
GetWindowLongA
SetActiveWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamA
DestroyWindow
IsWindow
MapDialogRect
GetWindow
OffsetRect
CharNextA
SetWindowContextHelpId
SetWindowPos
PostQuitMessage
PostMessageA
GetParent
SendDlgItemMessageA
GetDesktopWindow
wsprintfA
EnableWindow
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
SendMessageA
CharUpperA
GetSysColorBrush
AppendMenuA
GetSystemMenu
MessageBeep
GetNextDlgGroupItem
IsRectEmpty
IntersectRect
SetRect
GetSysColor
InvalidateRgn
InvalidateRect
KillTimer
SetTimer
RealChildWindowFromPoint
LoadCursorA
ReleaseCapture
SetCapture
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
GetMonitorInfoA
MonitorFromWindow
WinHelpA
LoadIconW
GetClassNameA
UnhookWindowsHookEx
CopyRect
GetTopWindow
LoadIconA

gdi32

DeleteDC
DeleteObject
Escape
GetClipBox
GetStockObject
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
RestoreDC
SaveDC
ExtSelectClipRgn
SelectObject
SetMapMode
TextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
SetTextColor
SetBkColor
ExtTextOutA
GetObjectA
GetDeviceCaps
CreateBitmap

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegEnumKeyA
RegEnumValueA
RegQueryValueA
RegCloseKey
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA

shell32

SHGetKnownFolderPath

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameA
PathIsUNCA
PathStripToRootA
PathFindExtensionA

ole32

CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
CoCreateInstance
CoInitialize
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter

oleaut32

VariantClear
VariantChangeType
SysAllocString
VariantCopy
OleCreateFontIndirect
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantInit
SysAllocStringByteLen
SysFreeString
SysAllocStringLen

oledlg

ord8

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 252KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 898KB - Virtual size: 914KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e5e42f2edbd6bd457f839069a8d5ade0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

oleacc

Sections

.text Size: 252KB - Virtual size: 252KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 898KB - Virtual size: 914KB

.rsrc Size: 57KB - Virtual size: 57KB

.text
Size: 252KB - Virtual size: 252KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 898KB - Virtual size: 914KB

.rsrc
Size: 57KB - Virtual size: 57KB