fe56a8bd8da257a7de406c87cd8814ff6eb32b52eedf91bb79ad7dc55cb5b2e6

Sharing

Copy URL Twitter E-mail

General

Target

fe56a8bd8da257a7de406c87cd8814ff6eb32b52eedf91bb79ad7dc55cb5b2e6
Size

304KB
MD5

03472e510068cc32f175af4531141961
SHA1

32bebcb3157d5677f9510da05bf7909164151d3b
SHA256

fe56a8bd8da257a7de406c87cd8814ff6eb32b52eedf91bb79ad7dc55cb5b2e6
SHA512

6b09c7f699bd87dc13e4352cd28ccfef712cfbfcb9778e2b236c31423c130a7e0b7d1b4766158fcf14cacaf099c5eff2ea3c20d7c6f7594113ab08ad2f7917f0
SSDEEP

6144:GHe7pJKuJ6tJvj4Q/08fBdAKLeTrB70h2kjXEM4OEX9gvnB1Xps:GGU4Q/08fBCKqT9t2XEM4O5/7p

Score

N/A

Malware Config

Signatures

Files

fe56a8bd8da257a7de406c87cd8814ff6eb32b52eedf91bb79ad7dc55cb5b2e6
.exe windows x86

9eb818e441a0a15e4c5a45d9264ce72a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
GetLocaleInfoA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetConsoleMode
HeapCreate
VirtualAlloc
VirtualFree
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
ExitProcess
HeapSize
HeapReAlloc
GetStartupInfoW
HeapFree
HeapAlloc
RtlUnwind
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
CreateDirectoryW
GetLocalTime
GetModuleHandleA
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalFlags
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryW
LoadLibraryA
lstrcmpW
GetVersionExA
lstrlenA
lstrcmpA
WideCharToMultiByte
GetCurrentProcessId
LockResource
TlsFree
GlobalFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalAlloc
GlobalHandle
GlobalUnlock
GlobalReAlloc
GlobalLock
TlsGetValue
SetLastError
OpenEventW
PulseEvent
InitializeCriticalSectionAndSpinCount
GetCommandLineW
SetEvent
GetCurrentThreadId
CreateTimerQueue
CreateTimerQueueTimer
GetVersionExW
CreateThread
Sleep
GetCurrentThread
GetCurrentProcess
DeleteTimerQueue
WaitForSingleObject
CreateEventW
LocalAlloc
LocalFree
ExpandEnvironmentStringsW
DeleteFileW
CreateFileW
CloseHandle
LoadLibraryExW
GetProcessHeap
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
GetModuleFileNameW
InterlockedDecrement
InterlockedIncrement
lstrcmpiW
GetModuleHandleW
GetProcAddress
GetLastError
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrlenW
EnterCriticalSection
GetStdHandle
LeaveCriticalSection

user32

WinHelpW
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
LoadIconW
CharNextW
TranslateMessage
DispatchMessageW
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
GetClientRect
PostMessageW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterWindowMessageW
AdjustWindowRectEx
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
CopyRect
PtInRect
GetMenu
SetWindowLongW
SetWindowPos
GetMessageW
LoadStringW
PostThreadMessageW
CharUpperW
UnhookWindowsHookEx
MessageBoxW
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetWindowLongW
GetParent
SendMessageW
GetWindowThreadProcessId
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
ValidateRect
PeekMessageW
GetKeyState
SetWindowTextW
ClientToScreen
DestroyMenu
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
PostQuitMessage
RegisterClassW
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetWindowTextW
LoadCursorW
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
SetWindowsHookExW
CallNextHookEx

gdi32

Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
PtVisible
TextOutW
RectVisible
SetMapMode
GetDeviceCaps
CreateBitmap
GetClipBox
SetTextColor
SetBkColor
DeleteObject
ExtTextOutW
RestoreDC
SaveDC

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerW
CreateWellKnownSid
OpenThreadToken
OpenProcessToken
SetSecurityDescriptorDacl
ControlService
DeleteService
CreateServiceW
InitializeAcl
AddAccessAllowedAce
GetAclInformation
AddAce
GetAce
GetTokenInformation
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
InitializeSecurityDescriptor
IsValidSid
GetLengthSid
CopySid
RegQueryValueExW
RegisterEventSourceW
ReportEventW
DeregisterEventSource
SetServiceStatus
OpenSCManagerW
OpenServiceW
CloseServiceHandle
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

shell32

SHGetFolderPathW

ole32

CoResumeClassObjects
CoInitializeSecurity
CoCreateInstance
StringFromGUID2
CoUninitialize
CoRevokeClassObject
CoSuspendClassObjects
CoInitializeEx
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoFreeUnusedLibraries
CoSetProxyBlanket
CoRegisterClassObject

oleaut32

VarUI4FromStr
SysStringLen
LoadRegTypeLi
LoadTypeLi
SysAllocString
VariantChangeType
VariantInit
RegisterTypeLi
UnRegisterTypeLi
SafeArrayCreateVector
SafeArrayPutElement
SafeArrayDestroy
VariantClear
SysFreeString

oleacc

CreateStdAccessibleObject
LresultFromObject

Sections

.text
Size: 151KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 10KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9eb818e441a0a15e4c5a45d9264ce72a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

oleacc

Sections

.text Size: 151KB - Virtual size: 150KB

.rdata Size: 50KB - Virtual size: 50KB

.data Size: 10KB - Virtual size: 33KB

.rsrc Size: 86KB - Virtual size: 88KB

.text
Size: 151KB - Virtual size: 150KB

.rdata
Size: 50KB - Virtual size: 50KB

.data
Size: 10KB - Virtual size: 33KB

.rsrc
Size: 86KB - Virtual size: 88KB