873fe1998d38d9c4a60383dab15aacaaecc828e065da31ac4a57651843a75e7f

Sharing

Copy URL Twitter E-mail

General

Target

873fe1998d38d9c4a60383dab15aacaaecc828e065da31ac4a57651843a75e7f
Size

304KB
MD5

20284a505e3e2f4233607191dd305125
SHA1

2f7cbf67933037edd479c6a050941827d9f7eaa2
SHA256

873fe1998d38d9c4a60383dab15aacaaecc828e065da31ac4a57651843a75e7f
SHA512

2b4e934d29e2c0a102af55895ff62c1cb99228362cb9aa45041399c7ab4d2af5cb428ef69adb2278e2223d3bc60ae842ae48b57f3d16b0e95acadd63f5e88ba2
SSDEEP

3072:HiSsFPcNq5fVsiqSqETEK/DIQH8y3I+Jwr73HxhOKsuq6GdtCybJHyeM1/D6z2Id:HOVco5fVsiNqE/sBbh6zbbceMx6zx

Score

N/A

Malware Config

Signatures

Files

873fe1998d38d9c4a60383dab15aacaaecc828e065da31ac4a57651843a75e7f
.dll windows x86

a7af6477a34a790710fb5610bc4ad93c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
RtlUnwind
ExitProcess
RaiseException
HeapReAlloc
HeapSize
Sleep
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
GlobalFindAtomW
LoadLibraryA
GetVersionExA
InterlockedIncrement
GetModuleHandleA
GlobalFlags
WritePrivateProfileStringW
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedDecrement
GlobalFree
GlobalUnlock
FormatMessageW
LocalFree
lstrlenW
GetCurrentProcessId
GetLastError
SetLastError
GlobalAddAtomW
CloseHandle
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
GetModuleFileNameW
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
LoadLibraryW
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
FreeLibrary
GlobalDeleteAtom
GetModuleHandleW
GetProcAddress
FindResourceW
LoadResource
LockResource
IsDebuggerPresent
SizeofResource

shlwapi

PathFindFileNameW
PathFindExtensionW

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

UnregisterClassA
ShowWindow
RegisterWindowMessageW
LoadIconW
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
LoadCursorW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
DefWindowProcW
CallWindowProcW
SetWindowLongW
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetSysColor
ReleaseDC
GetDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameW
DestroyMenu
PtInRect
GetWindowTextW
SetWindowTextW
UnregisterClassW
UnhookWindowsHookEx
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetSysColorBrush
GetMenu
PostQuitMessage
PostMessageW
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuW
SendMessageW
GetParent
GetFocus
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageW
GetKeyState
IsWindowVisible
GetActiveWindow
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
SetWindowPos

gdi32

ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
ExtTextOutW
GetStockObject
SetBkColor
RestoreDC
SaveDC
DeleteObject
GetDeviceCaps
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
CreateBitmap
TextOutW
RectVisible
PtVisible
GetClipBox
SetMapMode
SetTextColor
Escape

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

GetString

Sections

.text
Size: 124KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a7af6477a34a790710fb5610bc4ad93c

Headers

File Characteristics

Imports

kernel32

shlwapi

oleacc

user32

gdi32

winspool.drv

advapi32

oleaut32

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 121KB

.rdata Size: 32KB - Virtual size: 29KB

.data Size: 80KB - Virtual size: 95KB

.rsrc Size: 44KB - Virtual size: 43KB

.reloc Size: 20KB - Virtual size: 17KB

.text
Size: 124KB - Virtual size: 121KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 80KB - Virtual size: 95KB

.rsrc
Size: 44KB - Virtual size: 43KB

.reloc
Size: 20KB - Virtual size: 17KB