Static task: static1
Behavioral task: behavioral1
Sample: 8123bcf04d36c44b7353bb8c89750998cfcd8fc97ca17cfb247afaa3bec94905.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 8123bcf04d36c44b7353bb8c89750998cfcd8fc97ca17cfb247afaa3bec94905.exe
Resource: win10v2004-20220901-en
General
Target: 8123bcf04d36c44b7353bb8c89750998cfcd8fc97ca17cfb247afaa3bec94905
Size: 348KB
MD5: 0ce764cbc44b395400f25a79e727ceac
SHA1: 5ebe46375164773856854a629c860ec310aca824
SHA256: 8123bcf04d36c44b7353bb8c89750998cfcd8fc97ca17cfb247afaa3bec94905
SHA512: 7f3b9453d27cd3391a6be2872146e0d311f6e9c2d4b5e2233b9d43f6a69ed1e6a5793dc933aa6aa8e04a510dc26e829fbe2858fcb51eafcd7869db9157e90c7d
SSDEEP: 6144:or2zMVyflr9I+Qdcf8rVkvgRKlGed6FPewWJJLKO37DCaySdVKP8:or2zMVyfN9I+Qdc/vgRKlR4PewIJFr
Malware Config
Signatures
Files
8123bcf04d36c44b7353bb8c89750998cfcd8fc97ca17cfb247afaa3bec94905.exe   windows x86
6268dad584d21468cca3dfb179cd44d9   (unlabelled 32-hex-digit value the report shows against this file; it differs from the MD5 above and is most likely the import hash, but the report does not say)
Headers
File Characteristics (0x010F)
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Note: IMAGE_FILE_RELOCS_STRIPPED means the image carries no base relocations, so the loader can only map it at its preferred ImageBase; it cannot be rebased and therefore gets no ASLR, on the Windows 10 run as much as on the Windows 7 one. IMAGE_FILE_DLL is absent, consistent with a standalone .exe, and IMAGE_FILE_32BIT_MACHINE matches the "windows x86" file entry.
Imports
kernel32
HeapFree
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
ExitProcess
HeapReAlloc
ExitThread
HeapSize
TerminateProcess
FatalAppExitA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetCurrentProcessId
LCMapStringA
LCMapStringW
GetStdHandle
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
GetEnvironmentStrings
HeapAlloc
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetConsoleCtrlHandler
SetStdHandle
GetLocaleInfoW
SetEnvironmentVariableA
GetFileTime
GetFileAttributesA
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
DeleteFileA
MoveFileA
SetErrorMode
GetCurrentDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetOEMCP
GetCPInfo
GetCurrentThread
GlobalFlags
FindResourceExA
lstrcpyA
SuspendThread
ResumeThread
SetThreadPriority
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
GetModuleHandleA
lstrcmpA
SystemTimeToFileTime
FileTimeToSystemTime
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
InterlockedIncrement
InitializeCriticalSection
RaiseException
VirtualProtect
SetLastError
GlobalFree
CopyFileA
MulDiv
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
GetSystemDefaultLangID
ConvertDefaultLocale
EnumResourceLanguagesA
OutputDebugStringA
CreateFileA
DeviceIoControl
InterlockedDecrement
GetSystemTimeAsFileTime
GetSystemPowerStatus
GetProcAddress
FreeLibrary
LoadLibraryA
FindResourceA
LoadResource
LockResource
SizeofResource
CreateNamedPipeA
CreateThread
GetOverlappedResult
ResetEvent
ConnectNamedPipe
ReadFile
InterlockedExchange
TerminateThread
WriteFile
DisconnectNamedPipe
InitializeCriticalSectionAndSpinCount
WaitForSingleObject
DeleteCriticalSection
GetTickCount
Sleep
EnterCriticalSection
LeaveCriticalSection
LocalFree
FormatMessageA
lstrcpynA
WaitForMultipleObjects
SetWaitableTimer
CreateEventA
CreateWaitableTimerA
SetEvent
CloseHandle
GetStringTypeExW
GetStringTypeExA
GetEnvironmentVariableW
GetEnvironmentVariableA
CompareStringW
CompareStringA
GetModuleFileNameA
lstrlenA
lstrcmpiW
lstrlenW
lstrcmpiA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
FreeEnvironmentStringsW
user32
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
IsWindow
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconA
PeekMessageA
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
UpdateWindow
GetClientRect
GetMenu
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetClassInfoA
RegisterClassA
SetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
OffsetRect
IntersectRect
SystemParametersInfoA
GetClassInfoExA
GetWindowPlacement
CharLowerA
CharLowerW
CharUpperA
CharUpperW
wsprintfA
LoadStringA
RemoveMenu
GetDesktopWindow
CopyRect
PtInRect
GetWindow
GetWindowTextLengthA
GetWindowTextA
MessageBoxA
GetLastActivePopup
LoadCursorA
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
UnregisterClassA
MapDialogRect
SetWindowPos
ShowWindow
EnableWindow
GetCapture
GetActiveWindow
SetActiveWindow
GetAsyncKeyState
GetFocus
SetFocus
GetWindowRect
PostMessageA
SendMessageA
GetWindowLongA
GetParent
GetDlgItem
IsWindowEnabled
UnhookWindowsHookEx
GetMenuState
GetMenuStringA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
CreateWindowExA
WinHelpA
RegisterWindowMessageA
EndDialog
CreateDialogIndirectParamA
GetNextDlgTabItem
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
IsDlgButtonChecked
IsDialogMessageA
SetWindowTextA
MoveWindow
ScrollWindowEx
ValidateRect
GetCursorPos
TranslateMessage
GetMessageA
LoadBitmapA
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
ModifyMenuA
SetMenuItemBitmaps
FillRect
DestroyIcon
DeleteMenu
ShowOwnedPopups
SetCursor
PostQuitMessage
DestroyMenu
GetMenuItemInfoA
InflateRect
GetDialogBaseUnits
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
IsIconic
TabbedTextOutA
IsChild
gdi32
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
DeleteDC
CreateDIBPatternBrushPt
CreatePatternBrush
RectVisible
GetStockObject
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
GetTextExtentPoint32A
GetTextMetricsA
CreateFontIndirectA
EnumFontFamiliesExA
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
PtVisible
StartDocA
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
DeleteObject
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CreateDCA
CopyMetaFileA
CreateCompatibleDC
GetDeviceCaps
comdlg32
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
StartServiceCtrlDispatcherA
RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyA
RegSetValueA
RegEnumValueA
RegDeleteValueA
RegCreateKeyA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegQueryValueExA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
ReportEventA
CreateServiceA
ChangeServiceConfigA
ChangeServiceConfig2A
StartServiceA
RegisterServiceCtrlHandlerExA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
DeleteService
ControlService
QueryServiceStatus
SetServiceStatus
RegisterEventSourceA
DeregisterEventSource
shell32
ExtractIconA
SHGetFileInfoA
comctl32
DestroyPropertySheetPage
CreatePropertySheetPageA
PropertySheetA
ord17   (import by ordinal, no name in the import table; on stock comctl32 builds ordinal 17 is typically InitCommonControls)
shlwapi
PathFindExtensionA
PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
ole32
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
CoTreatAsClass
SetConvertStg
CoTaskMemFree
CoInitialize
CoCreateInstance
CoUninitialize
CreateBindCtx
CoTaskMemAlloc
ReleaseStgMedium
OleDuplicateData
CoDisconnectObject
StringFromGUID2
CLSIDFromString
WriteFmtUserTypeStg
oleaut32
SafeArrayPutElement
SafeArrayGetElement
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
VariantChangeType
SafeArrayRedim
VariantClear
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysStringByteLen
SysAllocStringByteLen
SysStringLen
SysFreeString
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysAllocStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocString
SysReAllocStringLen
VarDateFromStr
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
VariantInit
GetErrorInfo
SetErrorInfo
CreateErrorInfo
SafeArrayPtrOfIndex
isdi   (not a Windows system DLL; the entries are MSVC C++ mangled exports of a class Sdi, all public __thiscall members, decoded here from the mangling)
??1Sdi@@QAE@XZ   ->  Sdi::~Sdi(void)
??0Sdi@@QAE@_N@Z   ->  Sdi::Sdi(bool)
?getHandle@Sdi@@QAEPAXPBD@Z   ->  void * Sdi::getHandle(char const *)
?getTable@Sdi@@QAE?AW4_Error@1@W4_TableType@1@PAX1@Z   ->  enum Sdi::_Error Sdi::getTable(enum Sdi::_TableType, void *, void *)
?getHandles@Sdi@@QAE?AW4_Error@1@PAPAXPAKKPAXKK@Z   ->  enum Sdi::_Error Sdi::getHandles(void **, unsigned long *, unsigned long, void *, unsigned long, unsigned long)
?getCount@Sdi@@QAEKKPAXKK@Z   ->  unsigned long Sdi::getCount(unsigned long, void *, unsigned long, unsigned long)
?rescan@Sdi@@QAEXXZ   ->  void Sdi::rescan(void)
Note: this is a static (load-time) import. If isdi.dll is not placed beside the sample or somewhere on the DLL search path in the sandbox, the loader fails before the entry point runs and the behavioral tasks record nothing of the sample's own code; the ReadFile/WriteFile/DeviceIoControl and named-pipe imports above would then never be exercised.
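A way to turn an import table like the one above into triage findings, as an added example (not code from the sandbox or the sample's author): capabilities are reported only when every API in a set is imported, partial sets are listed with what is still missing (so the analyst can look for runtime resolution via LoadLibraryA/GetProcAddress instead), and non-system DLL dependencies and ordinal-only imports are called out. CAPABILITY_SETS is this example's own hypothetical table, and SAMPLE_IMPORTS is a constructed subset of the import names listed in the report.

```python
"""Capability triage over a PE import table (added example, not the report's code)."""
from __future__ import annotations

import re

# (dll, api) pairs that must ALL be imported for the capability to be reported.
# Hypothetical triage table for this example; extend it for your own use.
CAPABILITY_SETS: dict[str, frozenset[tuple[str, str]]] = {
    "service_install": frozenset({
        ("advapi32", "OpenSCManagerA"), ("advapi32", "CreateServiceA"),
        ("advapi32", "StartServiceA"),
    }),
    "runs_as_service": frozenset({
        ("advapi32", "StartServiceCtrlDispatcherA"),
        ("advapi32", "RegisterServiceCtrlHandlerExA"),
        ("advapi32", "SetServiceStatus"),
    }),
    "named_pipe_server": frozenset({
        ("kernel32", "CreateNamedPipeA"), ("kernel32", "ConnectNamedPipe"),
    }),
    "message_hook": frozenset({
        ("user32", "SetWindowsHookExA"), ("user32", "CallNextHookEx"),
    }),
    "dynamic_api_resolution": frozenset({
        ("kernel32", "LoadLibraryA"), ("kernel32", "GetProcAddress"),
    }),
    # Deferred self-deletion needs MoveFileExA(MOVEFILE_DELAY_UNTIL_REBOOT);
    # the report shows DeleteFileA and MoveFileA but no MoveFileExA, so this
    # set comes out as partial for the constructed sample below.
    "self_delete_on_reboot": frozenset({
        ("kernel32", "DeleteFileA"), ("kernel32", "MoveFileExA"),
    }),
    "remote_thread_injection": frozenset({
        ("kernel32", "OpenProcess"), ("kernel32", "VirtualAllocEx"),
        ("kernel32", "WriteProcessMemory"), ("kernel32", "CreateRemoteThread"),
    }),
}

# DLLs that ship with Windows; anything else is a dependency the sample must
# bring along (or find on the search path) before it can even start.
SYSTEM_DLLS = {
    "kernel32", "user32", "gdi32", "advapi32", "ole32", "oleaut32",
    "shell32", "shlwapi", "comctl32", "comdlg32", "winspool.drv",
}


def triage_imports(imports: dict[str, list[str]]) -> dict:
    """Report full and partial capability matches plus loader-relevant oddities."""
    present = {(dll.lower(), api) for dll, apis in imports.items() for api in apis}
    capabilities: dict[str, list[str]] = {}
    partial: dict[str, list[str]] = {}
    for cap, needed in CAPABILITY_SETS.items():
        hit = needed & present
        if hit == needed:
            capabilities[cap] = sorted(api for _, api in needed)
        elif hit:
            # Keep the missing APIs: they may be resolved at runtime instead.
            partial[cap] = sorted(api for _, api in needed - present)
    non_system = sorted(dll for dll in imports if dll.lower() not in SYSTEM_DLLS)
    ordinal_only = sorted(
        f"{dll}!{api}" for dll, apis in imports.items()
        for api in apis if re.fullmatch(r"ord\d+", api)
    )
    return {"capabilities": capabilities, "partial": partial,
            "non_system_dlls": non_system, "ordinal_imports": ordinal_only}


# Constructed subset of the import names from the report above.
SAMPLE_IMPORTS = {
    "kernel32": ["CreateNamedPipeA", "ConnectNamedPipe", "DeviceIoControl",
                 "VirtualProtect", "CreateThread", "LoadLibraryA",
                 "GetProcAddress", "DeleteFileA", "MoveFileA"],
    "user32": ["SetWindowsHookExA", "CallNextHookEx", "UnhookWindowsHookEx"],
    "advapi32": ["StartServiceCtrlDispatcherA", "RegisterServiceCtrlHandlerExA",
                 "SetServiceStatus", "OpenSCManagerA", "CreateServiceA",
                 "StartServiceA", "RegSetValueExA", "ReportEventA"],
    "comctl32": ["PropertySheetA", "ord17"],
    "isdi": ["??0Sdi@@QAE@_N@Z", "?rescan@Sdi@@QAEXXZ"],
}

if __name__ == "__main__":
    for key, value in triage_imports(SAMPLE_IMPORTS).items():
        print(f"{key}: {value}")
```

Run against the constructed subset it reports service installation, running as a service, a named-pipe server, a message hook and dynamic API resolution as full matches, flags self-deletion as partial (MoveFileExA missing), and lists isdi as the only non-system dependency and comctl32!ord17 as the only ordinal import. Requiring whole sets rather than single APIs is what keeps a benign MFC GUI app, which imports most of user32 and half of kernel32, from lighting up every rule.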
Sections
.text    Size: 260KB   Virtual size: 259KB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata   Size: 64KB    Virtual size: 61KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data    Size: 8KB     Virtual size: 23KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc    Size: 12KB    Virtual size: 11KB    IMAGE_SCN_CNT_CODE | IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
Notes: .rsrc is flagged IMAGE_SCN_CNT_CODE and IMAGE_SCN_MEM_EXECUTE. Linkers normally emit the resource section as read-only initialized data, so an executable .rsrc deserves a closer look: check whether the entry point or any cross-reference lands inside it, or whether a packer or post-build tool merely set the flags. The .data gap (8KB on disk, 23KB mapped) is the usual zero-filled tail for uninitialized globals and is not evidence of unpacking on its own. No section is both writable and executable.
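The header and section checks discussed above, as an added example that is not the sandbox's code: it parses the COFF header and section table straight from the bytes with struct (no pefile dependency) and reports stripped relocations, RWX sections, an executable resource section, and a section mapped much larger than it is on disk. SAMPLE_PE is a constructed, non-runnable minimal PE32 container whose section names, sizes and flags mirror this report; it is not the analysed binary, and its virtual addresses and raw pointers are made up for the example.

```python
"""Section-table triage for a PE32 image (added example, not the report's code)."""
import struct

IMAGE_FILE_RELOCS_STRIPPED = 0x0001
IMAGE_FILE_MACHINE_I386 = 0x014C
IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000

FILE_HEADER = "<HHIIIHH"         # IMAGE_FILE_HEADER: Machine .. Characteristics (20 bytes)
SECTION_HEADER = "<8sIIIIIIHHI"  # IMAGE_SECTION_HEADER (40 bytes)


def parse_pe(data: bytes) -> tuple[int, list[dict]]:
    """Return (IMAGE_FILE_HEADER.Characteristics, list of section dicts)."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    _machine, nsections, _ts, _symptr, _nsyms, opt_size, chars = struct.unpack_from(
        FILE_HEADER, data, e_lfanew + 4)
    # The section table follows the optional header, whose length is not fixed.
    off = e_lfanew + 4 + struct.calcsize(FILE_HEADER) + opt_size
    sections = []
    for _ in range(nsections):
        name, vsize, vaddr, rsize, rptr, _, _, _, _, flags = struct.unpack_from(
            SECTION_HEADER, data, off)
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize, "virtual_address": vaddr,
            "raw_size": rsize, "raw_ptr": rptr, "characteristics": flags,
        })
        off += struct.calcsize(SECTION_HEADER)
    return chars, sections


def triage_sections(data: bytes) -> list[str]:
    """Findings in header order: file-level first, then one pass over the sections."""
    chars, sections = parse_pe(data)
    findings = []
    if chars & IMAGE_FILE_RELOCS_STRIPPED:
        findings.append("relocations stripped: image cannot be rebased, so no ASLR")
    for s in sections:
        c, name = s["characteristics"], s["name"]
        if c & IMAGE_SCN_MEM_WRITE and c & IMAGE_SCN_MEM_EXECUTE:
            findings.append(f"{name}: writable and executable (RWX)")
        if name == ".rsrc" and c & (IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_CNT_CODE):
            findings.append(f"{name}: resource section marked as code/executable")
        if s["raw_size"] and s["virtual_size"] > 2 * s["raw_size"]:
            findings.append(f"{name}: mapped {s['virtual_size']} bytes but only "
                            f"{s['raw_size']} on disk (zero-filled tail or unpack target)")
    return findings


def build_sample_pe(sections, characteristics: int) -> bytes:
    """Assemble a minimal PE32 container: DOS stub, headers and section table only."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, len(dos))          # e_lfanew
    opt_size = 0xE0                                      # PE32 optional header size
    coff = struct.pack(FILE_HEADER, IMAGE_FILE_MACHINE_I386, len(sections),
                       0, 0, 0, opt_size, characteristics)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)                # PE32 magic
    table = b"".join(
        struct.pack(SECTION_HEADER, name, vsize, vaddr, rsize, rptr, 0, 0, 0, 0, flags)
        for name, vsize, vaddr, rsize, rptr, flags in sections)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table


KB = 1024
R, W, X = IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_MEM_EXECUTE
# Constructed to mirror the report's Sections block: (name, VirtualSize,
# VirtualAddress, SizeOfRawData, PointerToRawData, Characteristics).
SAMPLE_PE = build_sample_pe([
    (b".text",  259 * KB, 0x01000, 260 * KB, 0x00400, IMAGE_SCN_CNT_CODE | X | R),
    (b".rdata", 61 * KB,  0x42000, 64 * KB,  0x41400, IMAGE_SCN_CNT_INITIALIZED_DATA | R),
    (b".data",  23 * KB,  0x52000, 8 * KB,   0x51400, IMAGE_SCN_CNT_INITIALIZED_DATA | R | W),
    (b".rsrc",  11 * KB,  0x58000, 12 * KB,  0x53400,
     IMAGE_SCN_CNT_CODE | IMAGE_SCN_CNT_INITIALIZED_DATA | X | R),
], characteristics=0x010F)  # RELOCS_STRIPPED | EXECUTABLE_IMAGE | LINE_NUMS | LOCAL_SYMS | 32BIT

if __name__ == "__main__":
    for line in triage_sections(SAMPLE_PE):
        print(line)
```

On the constructed sample this yields three findings, in this order: the stripped relocations, the .data size gap, and the executable .rsrc; no RWX section is reported, matching the notes above. Swap SAMPLE_PE for the bytes of a real file (open(path, "rb").read()) to run the same checks on disk; the parser deliberately reads only the header fields it needs, so it tolerates truncated or otherwise odd images as long as the section table itself is intact.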