f76b888afad3396668be7870283207a16066143ee1d0b0f1ccafdeed0840d73d

Sharing

Copy URL

Twitter E-mail

General

Target

f76b888afad3396668be7870283207a16066143ee1d0b0f1ccafdeed0840d73d
Size

478KB
MD5

00ea2cecc5baa85e50f2e8e2c925f1c0
SHA1

ac2b43ce5cd02f973d24b1c966837d392e776c2b
SHA256

f76b888afad3396668be7870283207a16066143ee1d0b0f1ccafdeed0840d73d
SHA512

7e2f8e906818824ed91ffcf172f05b0e6281d48e723c82b14991160499cafdcba16199acfaa4513bb7a5898750cc23ab528906a10c5c981566f565860557e74c
SSDEEP

12288:763W1k33QjBVXiOrmsQCp4p0/96eoK/D:OUfp4p016eoK/D

Score

N/A

Malware Config

Signatures

Files

f76b888afad3396668be7870283207a16066143ee1d0b0f1ccafdeed0840d73d
.exe windows x86

e3664884baf851a8c25bc096201723aa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

userenv

GetUserProfileDirectoryW

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInstanceIdW
SetupDiOpenDevRegKey
SetupDiCallClassInstaller
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiGetDeviceRegistryPropertyW
SetupGetStringFieldW
SetupOpenInfFileW
SetupDiGetINFClassW
SetupDiClassGuidsFromNameW
SetupFindFirstLineW
SetupFindNextLine
SetupCloseInfFile
SetupGetFieldCount
SetupDiRemoveDevice
SetupCopyOEMInfW
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo

rasapi32

RasDeleteEntryW

kernel32

GlobalLock
GlobalAlloc
GlobalFree
SetLastError
lstrcmpW
InterlockedExchange
GetLocaleInfoW
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThreadId
GlobalDeleteAtom
SetErrorMode
GetModuleHandleA
FreeResource
GetVersionExA
LoadLibraryA
GlobalFindAtomW
GlobalAddAtomW
InterlockedIncrement
InterlockedDecrement
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
lstrlenA
GlobalUnlock
GlobalFlags
SetFilePointer
SetEndOfFile
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
RtlUnwind
RaiseException
HeapReAlloc
ExitProcess
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCPInfo
GetOEMCP
IsValidCodePage
LCMapStringW
VirtualAlloc
GetConsoleCP
GetConsoleMode
LCMapStringA
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
lstrlenW
MulDiv
SetFileAttributesW
CreateThread
CompareStringW
WideCharToMultiByte
WritePrivateProfileStringW
FlushFileBuffers
WriteFile
ReadFile
LocalFree
FormatMessageW
GetModuleFileNameW
GetVersionExW
SetEvent
CreateEventW
SetThreadPriority
GetACP
GetUserDefaultUILanguage
GetCurrentThread
DeleteFileW
TerminateProcess
Sleep
GetTickCount
GetExitCodeProcess
GetSystemDirectoryW
GetWindowsDirectoryW
FindClose
FindNextFileW
FindFirstFileW
FreeLibrary
LoadLibraryW
GetCommandLineW
GetModuleHandleW
GetProcAddress
DeviceIoControl
CreateFileW
GetCurrentProcess
GetLastError
CreateDirectoryW
OpenProcess
GetCurrentProcessId
MultiByteToWideChar
CloseHandle
WaitForSingleObject
CreateProcessW
FindResourceW
LoadResource
LockResource
SizeofResource
InterlockedCompareExchange
GetProcessHeap

user32

SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
DispatchMessageW
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
PtInRect
DefWindowProcW
CallWindowProcW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindow
GetClientRect
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
CopyRect
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
MessageBoxW
GetSysColor
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
EnumWindows
GetClassNameW
IsWindowVisible
GetParent
EnumChildWindows
CharLowerW
GetWindowRect
KillTimer
SendMessageW
SetTimer
GetDlgCtrlID
SetWindowLongW
EnableWindow
IsWindow
PostMessageW
GetWindowThreadProcessId
DestroyMenu
SetCursor
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
LoadCursorW
GetSysColorBrush
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenu
ShowWindow

gdi32

SetMapMode
GetClipBox
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
DPtoLP
DeleteObject
SetTextColor
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
CreateFontIndirectW
GetObjectW
PtVisible
CreateBitmap
GetCurrentObject

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegQueryValueW
RegOpenKeyW
RegEnumKeyExW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegCloseKey
RegEnumValueW
OpenProcessToken
RegEnumKeyW

shlwapi

PathFindFileNameW
PathFindExtensionW

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 330KB - Virtual size: 329KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 812B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 70KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qvbkhaq
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e3664884baf851a8c25bc096201723aa

Headers

DLL Characteristics

File Characteristics

Imports

userenv

setupapi

rasapi32

kernel32

user32

gdi32

winspool.drv

advapi32

shlwapi

oleaut32

Sections

.text Size: 330KB - Virtual size: 329KB

.rdata Size: 65KB - Virtual size: 65KB

.data Size: 10KB - Virtual size: 26KB

.rsrc Size: 1024B - Virtual size: 812B

.reloc Size: 70KB - Virtual size: 71KB

qvbkhaq Size: - Virtual size: 4KB

.text
Size: 330KB - Virtual size: 329KB

.rdata
Size: 65KB - Virtual size: 65KB

.data
Size: 10KB - Virtual size: 26KB

.rsrc
Size: 1024B - Virtual size: 812B

.reloc
Size: 70KB - Virtual size: 71KB

qvbkhaq
Size: - Virtual size: 4KB