c79b0607ce836ec79ced1d2f013f9906d529e77dbf3b51bf09f0fa7f8012b632

Sharing

Copy URL Twitter E-mail

General

Target

c79b0607ce836ec79ced1d2f013f9906d529e77dbf3b51bf09f0fa7f8012b632
Size

772KB
MD5

2914ca1c8595e04f67130b1e9792c281
SHA1

6cc650ab7038aea491919d9293ba83facf4f24e6
SHA256

c79b0607ce836ec79ced1d2f013f9906d529e77dbf3b51bf09f0fa7f8012b632
SHA512

08bc2c69182d7fe2a1938aa574b49cc0f33d05a68a1f2a68532660913d002e585cb627816fa52ee5d639a18197f768496771643720a5a7af327c98a7ac767a44
SSDEEP

12288:qrmGSPQjuaRNTQrTb7ismpCof6DDFHhDSrL+FR6iSG2Z:qqGSQarTb7TmCMZ

Score

N/A

Malware Config

Signatures

Files

c79b0607ce836ec79ced1d2f013f9906d529e77dbf3b51bf09f0fa7f8012b632
.exe windows x86

b09b01cf7197ce2e4e4cea167de0eaca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

UuidCreate
UuidToStringA
RpcStringFreeA

kernel32

GlobalDeleteAtom
CompareStringA
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemDirectoryA
FlushInstructionCache
VirtualQuery
LoadLibraryA
GetVersionExA
GlobalFlags
IsBadCodePtr
IsBadReadPtr
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetTickCount
GetModuleHandleA
LCMapStringA
GetSystemInfo
VirtualProtect
GetDateFormatA
GetTimeFormatA
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
TerminateProcess
HeapSize
ExitProcess
GetOEMCP
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
HeapReAlloc
HeapFree
HeapAlloc
ResetEvent
GetFileTime
FileTimeToLocalFileTime
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
FileTimeToSystemTime
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
GetVersion
GetCurrentProcess
LocalFree
QueryPerformanceFrequency
QueryPerformanceCounter
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
GetCurrentProcessId
LocalAlloc
ReleaseMutex
GetCommandLineW
GetCurrentThreadId
Sleep
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
InterlockedIncrement
CreateThread
WaitForSingleObject
CloseHandle
SetEvent
InterlockedDecrement
GetLastError
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
CreateFileA
InitializeCriticalSection
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
SetStdHandle
SetEnvironmentVariableA
GetStringTypeA

advapi32

RegCloseKey

user32

CopyRect
CallNextHookEx
GetKeyState
ValidateRect
SetWindowPos
GetWindowPlacement
IsIconic
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
UnhookWindowsHookEx
GetSystemMetrics
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
IsWindowEnabled
GetLastActivePopup
GetParent
ClientToScreen
GetFocus
PtInRect
GetWindowRect
SystemParametersInfoA
AdjustWindowRectEx
GetMenu
GetClientRect
SetForegroundWindow
MapWindowPoints
GetMessagePos
GetMessageTime
DestroyWindow
GetTopWindow
GetForegroundWindow
GetCapture
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
DestroyMenu
PostQuitMessage
GetDlgItem
GetWindow
GetDlgCtrlID

gdi32

SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
DeleteObject
PtVisible
RectVisible
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetMapMode
ScaleWindowExtEx
DeleteDC
CreateBitmap
GetStockObject
SetTextColor
GetClipBox
SetWindowExtEx

shell32

SHGetFolderPathW

winspool.drv

ClosePrinter

oleacc

LresultFromObject
CreateStdAccessibleObject

comctl32

ord17

shlwapi

PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathFindExtensionW

ole32

CoReleaseMarshalData
CreateStreamOnHGlobal
CoMarshalInterface
CoUnmarshalInterface
StringFromCLSID
CLSIDFromProgID
OleRun
CoInitialize
CoUninitialize
StringFromGUID2
CoCreateInstance
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoRegisterClassObject
CoRevokeClassObject
CoCreateGuid

oleaut32

SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
VariantCopy
VariantInit
VariantChangeType
SysAllocStringLen
VariantClear
VarUdateFromDate
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringByteLen
SysAllocStringByteLen
SysStringLen
LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
GetErrorInfo
SafeArrayGetElement

Sections

.text
Size: 504KB - Virtual size: 503KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 168KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mrdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b09b01cf7197ce2e4e4cea167de0eaca

Headers

File Characteristics

Imports

rpcrt4

kernel32

advapi32

user32

gdi32

shell32

winspool.drv

oleacc

comctl32

shlwapi

ole32

oleaut32

Sections

.text Size: 504KB - Virtual size: 503KB

.rdata Size: 168KB - Virtual size: 165KB

.data Size: 16KB - Virtual size: 30KB

.rsrc Size: 12KB - Virtual size: 9KB

.mrdata Size: 68KB - Virtual size: 68KB

.text
Size: 504KB - Virtual size: 503KB

.rdata
Size: 168KB - Virtual size: 165KB

.data
Size: 16KB - Virtual size: 30KB

.rsrc
Size: 12KB - Virtual size: 9KB

.mrdata
Size: 68KB - Virtual size: 68KB