d3a44b994aed11fac023c9315c89dfdf49827ba586ff8830334d205a570c9ace

Sharing

Copy URL Twitter E-mail

General

Target

d3a44b994aed11fac023c9315c89dfdf49827ba586ff8830334d205a570c9ace
Size

745KB
MD5

0a97bd098b33526b2215d96d184ffaa0
SHA1

a7979c3b3b0d095572e13db0a0a35d852193d014
SHA256

d3a44b994aed11fac023c9315c89dfdf49827ba586ff8830334d205a570c9ace
SHA512

ec6f880641b63ed41350699744bb83d16246562dc3c6f5b986b5d40f7bc2dc8eea87d0ef7dcefbfd9740046d15f6af6c126c421120a32da5e0bf9032e9d2b242
SSDEEP

12288:4jrVI0/Ebk6IRGZY/jQBdEqji52MY836LAb0+ksLPqfhdZUyv8:4jrV22jYk8MYy6LAasLAhdZUyv8

Score

N/A

Malware Config

Signatures

Files

d3a44b994aed11fac023c9315c89dfdf49827ba586ff8830334d205a570c9ace
.exe windows x86

0e8685faf4f85dc7e3de7f880c834cc4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
InterlockedExchange
LoadLibraryW
GetExitCodeProcess
IsDebuggerPresent
GetCPInfo
DebugBreak
GetFileSize
GetSystemTimeAsFileTime
CloseHandle
GetStringTypeW
QueryPerformanceCounter
IsValidCodePage
WideCharToMultiByte
VirtualQuery
HeapValidate
LoadResource
HeapCreate
CompareStringA
TlsGetValue
SetFilePointer
MultiByteToWideChar
GetLastError
LocalAlloc
GetModuleHandleA
HeapFree
lstrcpyA
GetEnvironmentStringsW
FreeEnvironmentStringsA
SetStdHandle
GlobalHandle
FileTimeToLocalFileTime
CreateFileA
GetCurrentProcess
GetCommandLineW
GetStartupInfoA
HeapAlloc
GetModuleFileNameA
FreeEnvironmentStringsW
GetConsoleCP
LCMapStringW
LeaveCriticalSection
GetStartupInfoW
DeleteCriticalSection
SetConsoleCtrlHandler
WriteFile
TlsSetValue
SystemTimeToFileTime
UnhandledExceptionFilter
HeapDestroy
WriteConsoleA
FlushFileBuffers
GetLocaleInfoA
GetTimeFormatA
ExitProcess
ReadFile
SetLastError
InterlockedIncrement
RaiseException
TerminateProcess
GlobalDeleteAtom
LCMapStringA
GetVersionExA
lstrcmpiA
SetCurrentDirectoryA
InitializeCriticalSection
IsBadReadPtr
OutputDebugStringA
LockResource
GetStringTypeA
GetCurrentThreadId
OutputDebugStringW
VirtualFree
SuspendThread
GetConsoleMode
GetProcessHeap
WriteConsoleW
GetStdHandle
SetEnvironmentVariableA
CreateMutexW
SetHandleCount
TlsFree
GetFileType
SizeofResource
LocalFileTimeToFileTime
GlobalUnlock
GetProcAddress
InterlockedDecrement
LoadLibraryA
TlsAlloc
GetTickCount
GetCommandLineA
SetFileTime
VirtualAlloc
GlobalLock
GetTimeZoneInformation
GetDateFormatA
GetVersion
GetCurrentProcessId
GetModuleFileNameW
SetUnhandledExceptionFilter
RtlUnwind
CompareStringW
GetModuleHandleW
EnterCriticalSection
WaitForSingleObject
GetEnvironmentStrings
GetConsoleOutputCP
HeapReAlloc
GetOEMCP

shell32

ord155
SHGetSpecialFolderLocation
ShellExecuteA

user32

SetDlgItemInt
GetScrollInfo
PeekMessageW
LoadBitmapW
MessageBoxW
ChildWindowFromPoint
SetCursor
KillTimer
DispatchMessageW
EnableWindow
GetClipboardData
IsWindowVisible
DeleteMenu
SetCapture
GetTopWindow
GetSysColorBrush
RegisterClassW
MoveWindow
SendDlgItemMessageW
GetWindow
TrackPopupMenuEx
CreateDialogIndirectParamW
PtInRect
IsChild
DestroyMenu
CallNextHookEx
GetWindowTextLengthW
TranslateMDISysAccel
GetDlgItem
DestroyWindow
SetWindowTextW
SetForegroundWindow
TrackPopupMenu
GetMenu
SetScrollPos
GetSystemMetrics
RegisterClassExW
IsRectEmpty
SetClipboardData
SendMessageW
SetFocus
UnregisterClassA
GetScrollPos
RegisterWindowMessageW
IsClipboardFormatAvailable
GetFocus
EnableMenuItem
CreateMenu
DefWindowProcW
GetWindowRect
CreateWindowExW
GetSysColor
SetRect
GetKeyState
LoadStringW
SetTimer
TranslateMessage
ScreenToClient
LoadAcceleratorsW
IsIconic
GetUpdateRect
PostMessageW
ShowWindow
SetWindowPos
EndDialog

gdi32

DeleteDC
GetTextColor
SetROP2
SetPolyFillMode
CreateDIBPatternBrushPt
SetViewportOrgEx
CreateDIBitmap
CreateRoundRectRgn
GetObjectA
RestoreDC
CreatePatternBrush
EndPage
GetWindowExtEx
TextOutA
Escape
StartPage
EndDoc
StretchDIBits
CreateCompatibleDC
PlayMetaFileRecord
GetPixel
FloodFill
SaveDC
GetTextFaceA
PolyDraw
ArcTo
SetMapperFlags
EnumMetaFile
CreateRectRgn
CreatePen
SetColorAdjustment
StretchBlt

advapi32

RegCreateKeyA
RegQueryValueA
RegOpenKeyExA
CloseServiceHandle
RegEnumKeyExA
RegEnumKeyA
AdjustTokenPrivileges
RegQueryValueExA
RegOpenKeyA
RegDeleteValueA
RegSetValueExA
RegCloseKey
CreateServiceA
RegSetValueA

ole32

OleGetClipboard
CoDisconnectObject
OleLoad
GetHGlobalFromILockBytes
CreateILockBytesOnHGlobal
CoGetClassObject
CLSIDFromProgID
CoTaskMemAlloc
CoRegisterClassObject
OleSetClipboard
StringFromGUID2
OleDestroyMenuDescriptor
CoRegisterMessageFilter
StringFromCLSID
CoLockObjectExternal
CoTaskMemFree
OleIsCurrentClipboard
CreateItemMoniker
StgCreateDocfileOnILockBytes
OleDuplicateData
OleUninitialize
OleTranslateAccelerator
OleCreateMenuDescriptor
IsAccelerator
CoInitialize
DoDragDrop
CoRevokeClassObject
CreateBindCtx
OleRun
CoFreeUnusedLibraries
OleInitialize
StgOpenStorageOnILockBytes
OleLockRunning

oleaut32

LoadTypeLi

winspool.drv

AddPrinterA
DocumentPropertiesA
AddPrinterDriverA
EnumPrinterDriversA
EnumJobsA
GetPrinterDriverDirectoryA
ClosePrinter
EnumPrintersA
ord204

Sections

.text
Size: 228KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 287KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e8685faf4f85dc7e3de7f880c834cc4

Headers

File Characteristics

Imports

kernel32

shell32

user32

gdi32

advapi32

ole32

oleaut32

winspool.drv

Sections

.text Size: 228KB - Virtual size: 228KB

.rdata Size: 287KB - Virtual size: 287KB

.data Size: 77KB - Virtual size: 107KB

.rsrc Size: 150KB - Virtual size: 150KB

.text
Size: 228KB - Virtual size: 228KB

.rdata
Size: 287KB - Virtual size: 287KB

.data
Size: 77KB - Virtual size: 107KB

.rsrc
Size: 150KB - Virtual size: 150KB