6c7578181ecbecb3526d49a98cc2648d079d05241547ca5a95b94c4d91314402

Sharing

Copy URL Twitter E-mail

General

Target

6c7578181ecbecb3526d49a98cc2648d079d05241547ca5a95b94c4d91314402
Size

650KB
MD5

0a745d935bdec94d332adde3935ccacb
SHA1

967fb2f9f270e32be09ceeac02dcb8c425ef0d41
SHA256

6c7578181ecbecb3526d49a98cc2648d079d05241547ca5a95b94c4d91314402
SHA512

16a71e17a30586f6f28f89bbbc8631f56dd20f460026c9c0a4ed5101cf4024a497e52c35bd535ca5aadcc525602f5b571ce8b8a350efb8860a1756b12e2aca00
SSDEEP

12288:jn/JkTlDhiPXI+DSmeIEKibFERXtbiAGWR2Z1x/l41P:j2ViPI/gXtWAGWuxAP

Score

N/A

Malware Config

Signatures

Files

6c7578181ecbecb3526d49a98cc2648d079d05241547ca5a95b94c4d91314402
.exe windows x86

9ec656bf6c10dda97bc286a6234f1c72

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleNumberOfCommandsW
SetLocalTime
VirtualUnlock
AssignProcessToJobObject
GlobalDeleteAtom
WriteConsoleInputW
FormatMessageW
FindNextVolumeMountPointW
IsValidLocale
GetLocalTime
Process32NextW
EnumDateFormatsExW
AddAtomA
GetProcAddress
GetEnvironmentStringsA
GetHandleInformation
WaitForMultipleObjectsEx
LoadLibraryA
SetConsoleOutputCP
GetSystemTime
FreeLibrary
FlushInstructionCache
VirtualAlloc
GetModuleHandleA
GetVersion

gdi32

GetCharWidthI
ExcludeClipRect
SelectClipPath
SetAbortProc
GetStockObject
CopyEnhMetaFileA
GetROP2
CreateEllipticRgnIndirect
AngleArc
CreateEnhMetaFileA
StartDocW
GetTextMetricsA
PtVisible
SetWorldTransform
MoveToEx
CreateCompatibleDC
SaveDC
GetTextExtentPointA
SetROP2
DeleteDC
DeviceCapabilitiesExW
GetEnhMetaFilePaletteEntries
GetTextCharsetInfo
ColorCorrectPalette
SetBoundsRect
StartPage
GetObjectA
GdiComment
CreateCompatibleBitmap
SetDCPenColor
TranslateCharsetInfo
CreateDIBSection
SelectClipRgn
GdiDeleteSpoolFileHandle
GdiFlush
EudcLoadLinkW
GetGlyphIndicesW
GetEnhMetaFileA
SetPixelFormat
GetOutlineTextMetricsW
GetMetaFileW
GetNearestPaletteIndex
SelectFontLocal
CreateDIBPatternBrush
SetMetaFileBitsEx
SetTextJustification
SelectObject
CombineRgn
SetBitmapBits
ExtEscape

advapi32

LsaQuerySecurityObject
ObjectDeleteAuditAlarmA
CreateRestrictedToken
LsaQuerySecret
LsaOpenAccount
AddAuditAccessAce
SystemFunction017
GetServiceDisplayNameW
LsaICLookupNames
SystemFunction028
RegisterServiceCtrlHandlerW
LsaQueryInformationPolicy
ChangeServiceConfigA
QueryServiceConfigW

shell32

StrRStrA
DoEnvironmentSubstA
SHGetSettings
ExtractIconExA
SHChangeNotify
StrChrIW
SHGetSpecialFolderPathW

opengl32

glScaled
glVertex3s
glColor4uiv
glStencilOp
wglDeleteContext
glEvalCoord2d
glColor3sv
wglCopyContext
glStencilMask
glEvalCoord2fv
glRasterPos4d
glVertexPointer
glTexCoord2fv
glLoadMatrixd
glVertex2d
glTexParameterfv
wglShareLists
glMatrixMode
glColor4iv
glDrawPixels
glPushClientAttrib
glVertex4s
glColor4ui
glBitmap
glTexCoord1dv
glTexGendv
glGetTexImage
glLightModeli
glGetTexParameterfv
glColor3ub
glAreTexturesResident
glVertex3dv
glTexCoord4iv
glEvalCoord1f
glNormal3iv
glPointSize
glLightModelfv
glMateriali
glGetTexParameteriv
glNormal3fv
glRectf
glVertex3fv
glIndexfv
glTexCoord4dv
glColor4i
glFogi
glRasterPos2dv
glTexGend
glGetBooleanv
glEndList
wglMakeCurrent
glNewList
glTexEnviv
wglCreateContext
glLoadMatrixf
glInitNames
glPolygonStipple
glPixelMapuiv
glDisable
glGetPixelMapusv
glTexCoord1s
glTexCoord3f
glTexGenfv
glEvalPoint2
glSelectBuffer
glGetLightfv
glTexCoord1d
glTexCoord2i
glNormal3b
glColor3b
glColor4sv
glDepthFunc
glVertex2dv
glEdgeFlagv
glLineStipple
glColor3d
glLogicOp
glEdgeFlag
glHint
glVertex2fv
glRasterPos3s
glColor4fv
glNormal3sv
glNormalPointer
glVertex3iv
glColor4dv
wglRealizeLayerPalette
glVertex4f

winmm

mciGetDeviceIDA
mciSendStringA
mciGetCreatorTask
midiOutGetDevCapsA
midiInUnprepareHeader
mciSendCommandA
waveOutGetPosition
waveInOpen
waveInGetDevCapsA
midiStreamOpen
wid32Message
mmioCreateChunk
midiOutLongMsg
midiStreamRestart
OpenDriver
waveOutPause
mixerGetLineControlsW
waveInPrepareHeader
joySetThreshold
mixerGetLineControlsA
waveInUnprepareHeader
mmioAdvance
mciSendStringW
mmioStringToFOURCCW
mciGetErrorStringA
mmioSetBuffer
mciGetErrorStringW
midiOutGetVolume
joyGetDevCapsW
WOWAppExit
PlaySoundA
wod32Message
midiStreamOut
waveOutBreakLoop
timeGetTime
sndPlaySoundW
mmioInstallIOProcW
timeBeginPeriod
midiStreamStop
mmTaskBlock
waveOutGetVolume
joyGetDevCapsA
waveInStart
waveInClose
DriverCallback
timeGetSystemTime
mmioFlush
midiOutCacheDrumPatches
midiStreamClose

winspool.drv

DocumentEvent
EndPagePrinter
EnumPrintersW
EnumPortsW
ord102
GetPrintProcessorDirectoryA
GetJobW
EnumJobsA
FreePrinterNotifyInfo
ord209
GetPrinterDataW
DeletePrintProvidorW
ResetPrinterA
ord214
AddMonitorW
DeleteFormW
StartDocDlgA
ord212
DeletePrinterDataExA
WaitForPrinterChange
DocumentPropertySheets
ord215
DeletePrinterKeyW
AddPrinterDriverExW
EnumPrintProcessorDatatypesW
DeletePrinterConnectionA
GetPrinterDataA
DeviceMode
EnumPrinterDataExA
AddPrinterConnectionA
ord205
CommitSpoolData
GetFormW
SeekPrinter
DevicePropertySheets
EnumMonitorsA
ExtDeviceMode
QueryColorProfile
FindClosePrinterChangeNotification
GetPrintProcessorDirectoryW
DeletePrinterDataExW
SetPrinterW
StartDocDlgW
DeleteMonitorA
DeletePrinterDriverExA
PrinterProperties
AddPortW
ResetPrinterW
SetPortW
ConvertUnicodeDevModeToAnsiDevmode
SetJobW
DeletePrintProcessorA
DocumentPropertiesA
AddPrinterDriverExA
DeletePrintProvidorA
DeletePrinterKeyA
DeletePrinter
DeletePrinterDataA
GetPrinterDriverA
GetPrinterW
ord213
AddPrintProcessorW
DocumentPropertiesW
DevQueryPrint
AddFormA
ord100
EnumFormsW
EnumPrintProcessorDatatypesA
EnumPrinterKeyW
EnumPortsA
AddPrintProcessorA
EnumPrinterDataA
OpenPrinterA
AddPortExW
DevQueryPrintEx
AddFormW
GetPrinterDriverDirectoryA
GetPrinterA
EnumJobsW
XcvDataW
GetPrinterDriverDirectoryW
ord208
EXTDEVICEMODE
SetFormA
ord256
DeviceCapabilitiesW
GetSpoolFileHandle
DeletePrinterDriverA
PlayGdiScriptOnPrinterIC
AddPortA
DeleteMonitorW

msvcrt

_mbsset
_mbsninc
_mbclen
fread
__lc_codepage
_mbsbtype
__setlc_active
__unDName
pow
asctime
__lconv_init
_endthread
_heapmin
_gcvt
printf
_mbslen
_ismbbprint
strtod
_wfopen
ferror
ftell
wcsxfrm
_except_handler2
_close
isdigit
__p__timezone
freopen
_unlink
gmtime
_chsize
_fcvt
fputs
__p__mbcasemap
_rmdir
_fileinfo
fopen
_strnicoll
iswalpha
_wcsnset
fputc
__iscsymf
_wmkdir
_wspawnl
__RTDynamicCast
_winmajor
fclose
_wgetenv
_execve
_lfind
_setmode
fwrite
_pwctype
memset
_wctime
fprintf
_ctype
calloc
isxdigit
sprintf
_XcptFilter
_adj_fdiv_m32i
_isnan
fwprintf
__p__winver
wscanf
_CIlog
_mbsicmp
_mbsnbicmp
_endthreadex
strncpy
fsetpos
fseek
sqrt
strncat
_osver
_findfirst
__CxxFrameHandler
feof
_Getmonths
_commit

Sections

.text
Size: 620KB - Virtual size: 618KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9ec656bf6c10dda97bc286a6234f1c72

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

shell32

opengl32

winmm

winspool.drv

msvcrt

Sections

.text Size: 620KB - Virtual size: 618KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 12KB - Virtual size: 9KB

.text
Size: 620KB - Virtual size: 618KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 12KB - Virtual size: 9KB