268a3de609212d5c407d4745a9d5699e75f1396e6c13b67c1970f2d837e73a95

Sharing

Copy URL

Twitter E-mail

General

Target

268a3de609212d5c407d4745a9d5699e75f1396e6c13b67c1970f2d837e73a95
Size

612KB
MD5

08ef5db4476a37c196ff7edc64393c7c
SHA1

91b046ffe773029260a22536d8d2837851cb393b
SHA256

268a3de609212d5c407d4745a9d5699e75f1396e6c13b67c1970f2d837e73a95
SHA512

95af317648c99a2c8920574402a79d8a6530b8c9efcae46d8698a139edacc29774b5606ac9bfb19dcb40e350990f88fbf79a61077ee244d614cb730787556da5
SSDEEP

6144:ZMmY5yrfyHzy8fwRASAywPGvmPrps0q4oMOOyQlTgALXqo1jmUZxL6xQGQgg:ZZ0yrOGtRS9Gvmg4oMOOPZNLXqs76P

Score

N/A

Malware Config

Signatures

Files

268a3de609212d5c407d4745a9d5699e75f1396e6c13b67c1970f2d837e73a95
.exe windows x86

088a2647c3d4e3392096d9973cc33500

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
CreateMutexW
CloseHandle
GetExitCodeThread
GetLocalTime
CreateFileW
WaitNamedPipeW
WriteFile
CreateThread
Sleep
SetNamedPipeHandleState
ReadFile
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
WaitForSingleObject
SetStdHandle
InitializeCriticalSection
GetConsoleCP
SetFilePointer
GetLocaleInfoW
LoadLibraryA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoA
IsValidCodePage
GetOEMCP
GetACP
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
CreateProcessA
GetLastError
GetSystemDirectoryA
LoadLibraryExA
GetProcAddress
FreeLibrary
FlushFileBuffers
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
ExitProcess
HeapSize
LeaveCriticalSection
GetConsoleMode
EnterCriticalSection
GetFileType
SetHandleCount
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
DeleteCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
HeapFree
GetCommandLineA
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
LCMapStringA
LCMapStringW
GetCPInfo
GetStringTypeA
GetStringTypeW
GetStdHandle
GetModuleFileNameA
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc

user32

wsprintfA
RemovePropA
SetWindowLongA
CallWindowProcA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
WinHelpA
GetWindowRect
SetWindowPos
SetWindowTextA
GetDlgItem
LoadImageA
GetDC
GetPropA
ReleaseDC
CreateDialogParamA
ShowWindow
MessageBoxA
SetPropA
GetParent
SendMessageA
InvalidateRect
GetWindowLongA
LoadStringA
EndDialog
LoadCursorA
SetCursor

gdi32

SelectObject
BitBlt
DeleteDC
DeleteObject
GetObjectA
CreateFontIndirectA
SetTextColor
CreateCompatibleDC

winspool.drv

GetPrinterDriverDirectoryA
ClosePrinter
GetPrinterDataA
OpenPrinterA

advapi32

RegQueryValueExA
RegOpenKeyExA

shell32

ShellExecuteA

Sections

.text
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 148KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tc
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

088a2647c3d4e3392096d9973cc33500

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

Sections

.text Size: 204KB - Virtual size: 203KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 12KB - Virtual size: 21KB

.rsrc Size: 148KB - Virtual size: 145KB

.tc Size: 204KB - Virtual size: 204KB

.text
Size: 204KB - Virtual size: 203KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 12KB - Virtual size: 21KB

.rsrc
Size: 148KB - Virtual size: 145KB

.tc
Size: 204KB - Virtual size: 204KB