1b196071d42fd506a6174d4cffa2c4292b711ea3eaa99225ba31472b6ad7c067

Sharing

Copy URL

Twitter E-mail

General

Target

1b196071d42fd506a6174d4cffa2c4292b711ea3eaa99225ba31472b6ad7c067
Size

213KB
MD5

0d3fd18f21d4ca53b1578e14b3d965e8
SHA1

a06430e8888f0321468e0ea552cca32f6f6bf647
SHA256

1b196071d42fd506a6174d4cffa2c4292b711ea3eaa99225ba31472b6ad7c067
SHA512

f7cd47e3676c6978811fcaf3d19065d29bff5d5c082e8d0a6a9fb313381bde583d0cf521f0459177633e514e132ee1db69abb3084d7495dfbe169dc538806c78
SSDEEP

3072:W4PH8TmpMimFtf4ljvaZ/7WTURHsPNVWLT/rg3ohB6clZg67QUMTlw1w:WuFp/Sfwji5aTas3oND7QUMmw

Score

N/A

Malware Config

Signatures

Files

1b196071d42fd506a6174d4cffa2c4292b711ea3eaa99225ba31472b6ad7c067
.exe windows x86

b56b5dd6bbfb9d0358c9e4929ee17df6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
HeapSize
GetCPInfo
GetACP
GetOEMCP
GetTimeZoneInformation
RaiseException
HeapReAlloc
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
UnhandledExceptionFilter
HeapFree
GetStringTypeW
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetLocaleInfoA
GetCommandLineA
IsBadCodePtr
SetStdHandle
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
FormatMessageA
LocalFree
lstrlenA
FindResourceA
LoadResource
LockResource
GlobalFree
CloseHandle
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
lstrcatA
GetVersionExA
GetCurrentProcess
GetLastError
DeleteFileA
GetWindowsDirectoryA
WinExec
RtlUnwind
GetStartupInfoA
GetModuleHandleA
TerminateProcess
ExitProcess
FileTimeToSystemTime
GetTickCount
FileTimeToLocalFileTime
GetFileTime
SetErrorMode
GetFileSize
GetFileAttributesA
GetModuleFileNameA
GlobalAddAtomA
GetThreadLocale
FindFirstFileA
GetFullPathNameA
GetVolumeInformationA
GetProcAddress
FindClose
LoadLibraryA
SetEndOfFile
FreeLibrary
FlushFileBuffers
UnlockFile
LockFile
ReadFile
SetFilePointer
WriteFile
GetProcessVersion
CreateFileA
DuplicateHandle
lstrcpyA
SetLastError
WritePrivateProfileStringA
TlsGetValue
GlobalFlags
lstrcpynA
EnterCriticalSection
LocalReAlloc
TlsSetValue
GlobalReAlloc
LeaveCriticalSection
TlsAlloc
GlobalHandle
DeleteCriticalSection
MulDiv
InitializeCriticalSection
LocalAlloc
GlobalUnlock
GetVersion
GlobalGetAtomNameA
InterlockedDecrement
MultiByteToWideChar
WideCharToMultiByte
IsBadReadPtr
InterlockedIncrement
IsBadWritePtr
HeapCreate
VirtualFree
VirtualAlloc
Sleep
GetStringTypeA

user32

SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
RegisterClipboardFormatA
PostThreadMessageA
UpdateWindow
SendDlgItemMessageA
SystemParametersInfoA
MapWindowPoints
GetSysColor
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScreenToClient
ScrollWindow
SetScrollInfo
ShowScrollBar
SetScrollRange
GetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetMenu
SetFocus
GetWindowTextA
GetDlgCtrlID
GetNextDlgGroupItem
InvalidateRect
SetRect
CopyAcceleratorTableA
UnhookWindowsHookEx
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetWindowRect
SetWindowLongA
RegisterWindowMessageA
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
MapDialogRect
SetWindowPos
GetWindow
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
CharNextA
OffsetRect
CharUpperA
GetSysColorBrush
PtInRect
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
SetCursor
ShowOwnedPopups
PostQuitMessage
EnableWindow
IsIconic
GetSystemMetrics
DefWindowProcA
MessageBeep
CreateWindowExA
WindowFromPoint
GetClientRect
DrawIcon
SendMessageA
LoadIconA
ExitWindowsEx
FindWindowA
PostMessageA
MessageBoxA
GetClassNameA
ClientToScreen
GetDesktopWindow
LoadCursorA
ReleaseCapture
TabbedTextOutA
GrayStringA
DrawTextA
GetWindowDC
EndPaint
BeginPaint
DestroyMenu
ReleaseDC
GetDC
MoveWindow
LoadStringA
ShowWindow
SetWindowTextA
IsDialogMessageA
GetClassLongA
SetPropA
SetScrollPos
UnregisterClassA

gdi32

DeleteDC
RestoreDC
SelectObject
SaveDC
GetStockObject
SetViewportOrgEx
OffsetViewportOrgEx
SetMapMode
ScaleViewportExtEx
SetViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SetTextColor
GetClipBox
DeleteObject
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
ExtTextOutA
Escape
TextOutA
GetBkColor
DPtoLP
GetTextColor
LPtoDP
GetMapMode
CreateBitmap
SetBkColor
GetObjectA

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegDeleteKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA

shell32

DragFinish
DragQueryFileA

comctl32

ord17
ImageList_Destroy

oledlg

ord8

ole32

CoFreeUnusedLibraries
CoRegisterMessageFilter
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CoGetClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CLSIDFromString
CLSIDFromProgID
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
OleUninitialize

oleaut32

SysAllocStringLen
SysFreeString
VariantClear
OleCreateFontIndirect
SysAllocString
VariantChangeType
SysAllocStringByteLen
SysStringLen

Sections

.text
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b56b5dd6bbfb9d0358c9e4929ee17df6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

oleaut32

Sections

.text Size: 136KB - Virtual size: 136KB

.rdata Size: 39KB - Virtual size: 39KB

.data Size: 20KB - Virtual size: 33KB

.rsrc Size: 16KB - Virtual size: 20KB

.text
Size: 136KB - Virtual size: 136KB

.rdata
Size: 39KB - Virtual size: 39KB

.data
Size: 20KB - Virtual size: 33KB

.rsrc
Size: 16KB - Virtual size: 20KB