dd1bd40413b6491b66edcee8f94b1860ecbf1694ac8e346939cafe7f85285470

Sharing

Copy URL Twitter E-mail

General

Target

dd1bd40413b6491b66edcee8f94b1860ecbf1694ac8e346939cafe7f85285470
Size

248KB
MD5

09d4e09d01b131cb5f21cd4d1f2ab3c1
SHA1

9526a2dc71da66a217798e486aef6146207d9966
SHA256

dd1bd40413b6491b66edcee8f94b1860ecbf1694ac8e346939cafe7f85285470
SHA512

661e803b667ff7344ec1d022c2992654aa6a23d40444aab445aacf0418c5ce8f25e8235aab0301917c5903bd632b34ea9904e24a48e5dd6b7de838b895d06a71
SSDEEP

3072:TY7hv6cSiucSpGu5b8TKVetokMzIwrbraEoi2M9vGj6Fs163yBLDL567tPQFft:41ucwlB2KVet3y/aDECBLqmH

Score

N/A

Malware Config

Signatures

Files

dd1bd40413b6491b66edcee8f94b1860ecbf1694ac8e346939cafe7f85285470
.exe windows x86

b84d36a88270461fe3b9854ea4034137

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
InterlockedIncrement
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
CreateSemaphoreA
IsBadReadPtr
ReleaseSemaphore
LocalFree
TerminateThread
CreateThread
GetExitCodeThread
LocalAlloc
IsBadWritePtr
InitializeCriticalSection
SetEvent
CreateEventA
OpenEventA
ResetEvent
SetLastError
GlobalFree
FindResourceA
LoadResource
GetVersionExA
GetLastError
Sleep
CreateProcessA
GetProcAddress
OutputDebugStringA
lstrlenW
GetComputerNameA
lstrcmpiA
lstrcpyA
lstrcatA
WideCharToMultiByte
MultiByteToWideChar
GlobalAlloc
GetSystemDirectoryA
WaitForMultipleObjects
GetFileAttributesA
CloseHandle
FreeLibrary
RtlUnwind
ResumeThread
GetStringTypeA
IsBadCodePtr
SetUnhandledExceptionFilter
SetFilePointer
ReadFile
LCMapStringW
LCMapStringA
HeapSize
DeviceIoControl
SetEndOfFile
CreateFileA
FlushFileBuffers
SetStdHandle
WriteFile
LoadLibraryA
WaitForSingleObject
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
HeapReAlloc
VirtualAlloc
RaiseException
GetACP
DeleteCriticalSection
VirtualFree
HeapCreate
GetOEMCP
TlsSetValue
UnhandledExceptionFilter
GetCPInfo
TlsAlloc
TlsGetValue
TerminateProcess
GetStringTypeW
GetCurrentProcess
ExitProcess
GetVersion
GetCommandLineA
HeapFree
HeapDestroy
GetModuleHandleA
GetStartupInfoA
ExitThread
HeapAlloc

user32

ShowWindow
DialogBoxParamA
RegisterWindowMessageA
SetWindowPos
GetWindowRect
GetDesktopWindow
IsDlgButtonChecked
SendMessageA
LoadIconA
SetDlgItemTextA
GetDlgItem
SetWindowTextA
EnumWindows
SetFocus
EnableWindow
ReleaseDC
GetDC
LoadStringA
GetWindowTextA
InvalidateRect
EndDialog
LoadBitmapA
wsprintfA

gdi32

SelectObject
DeleteObject
CreatePen
CreateSolidBrush
DeleteDC
BitBlt
CreateCompatibleDC
GetObjectA
Rectangle

winspool.drv

GetPrinterA
GetPrinterDriverDirectoryA
GetPrinterDriverA
SetPrinterA
SetJobA
EnumPrintersA
OpenPrinterA
EnumJobsA
GetJobA
SetPrinterDataA
GetPrinterDataA
ClosePrinter
EnumPortsA

advapi32

RegEnumKeyW
RegEnumKeyA
RegDeleteKeyA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegQueryValueExA
RegEnumValueA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCreateKeyExA
RegFlushKey
RegEnumValueW

ole32

CoCreateInstance
CoTaskMemFree
CoUninitialize
CoInitialize

oleaut32

SysAllocStringByteLen
SysAllocString
LoadRegTypeLi
SafeArrayAccessData
SafeArrayUnaccessData
VariantInit
SafeArrayGetLBound
SysStringLen
SafeArrayCreate
SysAllocStringLen
SysFreeString
SafeArrayPutElement
VariantClear
SafeArrayGetUBound

Exports

Exports

GetEventIdList

Sections

.text
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.2rdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b84d36a88270461fe3b9854ea4034137

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 140KB - Virtual size: 138KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 12KB - Virtual size: 30KB

.rsrc Size: 4KB - Virtual size: 912B

.2rdata Size: 72KB - Virtual size: 72KB

.text
Size: 140KB - Virtual size: 138KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 12KB - Virtual size: 30KB

.rsrc
Size: 4KB - Virtual size: 912B

.2rdata
Size: 72KB - Virtual size: 72KB