b0dfdaf3035bd06ba826e547e90f39b95a4fa33b7219f10d6721070a37ef70f6

Sharing

Copy URL Twitter E-mail

General

Target

b0dfdaf3035bd06ba826e547e90f39b95a4fa33b7219f10d6721070a37ef70f6
Size

645KB
MD5

03d983cc1c78635c5fa593d7cdf11ce0
SHA1

df08bd1babc9e2eeb9e3d73fd8d89e82fa8cb950
SHA256

b0dfdaf3035bd06ba826e547e90f39b95a4fa33b7219f10d6721070a37ef70f6
SHA512

875fde12eec6f43617d86a9fd7f1dbd21443ee80b2ee00f41202f1bd3b0631186a1854070db6198e9fd5de924657b4f2c23d844881a6c31beb1ca9ecef4e125f
SSDEEP

12288:YYcP7XSQWc4Bv9ieGDywDkCS+KmvF9xma1239pGHNu4B2UhTiJle:YHs6DkCNxpXI4r108

Score

N/A

Malware Config

Signatures

Files

b0dfdaf3035bd06ba826e547e90f39b95a4fa33b7219f10d6721070a37ef70f6
.exe windows x86

846e8b0b5f67a22d3309b64e64a9d300

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetVolumeInformationA
GetFullPathNameA
MulDiv
FormatMessageA
lstrcmpA
InterlockedExchange
CompareStringA
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
GlobalDeleteAtom
FreeResource
GetCurrentProcessId
GetFileSizeEx
lstrcmpW
GlobalGetAtomNameA
GetModuleFileNameW
InterlockedDecrement
SetErrorMode
GetModuleHandleW
InterlockedIncrement
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetCurrentDirectoryA
GlobalFlags
GetCPInfo
GetOEMCP
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
SetUnhandledExceptionFilter
FlushFileBuffers
GetTimeFormatA
GetDateFormatA
GetStartupInfoA
RtlUnwind
HeapReAlloc
ExitProcess
HeapSize
GetACP
IsValidCodePage
HeapCreate
VirtualFree
GetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeA
GetStringTypeW
SetHandleCount
GetFileType
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
SetFilePointer
WriteFile
ReadFile
IsDebuggerPresent
SetLastError
VirtualAlloc
GetFileAttributesA
MoveFileW
MoveFileA
CreateDirectoryW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileSize
lstrlenW
OpenMutexA
GetDriveTypeA
GetFileTime
lstrcatA
lstrcmpiA
CreateDirectoryA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
CreateFileA
LoadLibraryA
FreeLibrary
DeviceIoControl
RaiseException
OutputDebugStringA
GetCurrentThreadId
GetLocalTime
SetEvent
UnmapViewOfFile
MapViewOfFile
CreateEventA
CreateFileMappingA
GetPrivateProfileStringA
LocalFree
MultiByteToWideChar
GetTimeZoneInformation
RemoveDirectoryA
DeleteFileA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
WritePrivateProfileStringA
GetPrivateProfileIntA
WaitForSingleObject
GetVersionExA
Process32Next
Process32First
CreateToolhelp32Snapshot
CloseHandle
TerminateProcess
GetCommandLineA
Sleep
GetCurrentProcess
GlobalAddAtomA
GlobalFindAtomA
GetDiskFreeSpaceExA
GetTempPathA
SetFileAttributesA
FindNextFileW
DeleteFileW
SetFileAttributesW
RemoveDirectoryW
DeleteVolumeMountPointW
FindFirstFileW
GetLastError
lstrlenA
GetTickCount
FindClose
FindNextFileA
CopyFileA
FindFirstFileA
GetSystemDirectoryA
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
InitializeCriticalSection

user32

GetSysColorBrush
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ShowWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
ExitWindowsEx
SetTimer
ClipCursor
EnableWindow
PtInRect
GetMenu
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxA
SetWindowsHookExA
CallNextHookEx
IsWindowVisible
GetCursorPos
ValidateRect
SetMenuItemBitmaps
DestroyMenu
UnregisterClassA
GetSysColor
DestroyCursor
InvalidateRect
LoadCursorA
SetCursor
GetClientRect
KillTimer
FillRect
GetWindowTextA
SetCapture
wsprintfA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
GetKeyState
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
SendMessageA
EndDialog
PostQuitMessage
PostMessageA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
CharUpperA
GetSystemMetrics

gdi32

ScaleViewportExtEx
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
GetObjectA
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
DeleteObject
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps
CreateSolidBrush
SelectObject
CreateFontIndirectA
GetStockObject

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyA
FreeSid
SetNamedSecurityInfoA
SetEntriesInAclA
AllocateAndInitializeSid
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

shell32

ShellExecuteExA
SHCreateDirectoryExA
SHChangeNotify
ShellExecuteA

shlwapi

PathFileExistsA
PathFindExtensionA
PathFileExistsW
PathStripToRootA
PathIsUNCA
PathFindFileNameA

oleaut32

VariantClear
VariantChangeType
VariantInit

ws2_32

htonl
ntohl

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

iphlpapi

GetAdaptersInfo
CreateIpNetEntry
GetPerAdapterInfo

Sections

.text
Size: 367KB - Virtual size: 367KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 105KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

846e8b0b5f67a22d3309b64e64a9d300

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oleaut32

ws2_32

version

iphlpapi

Sections

.text Size: 367KB - Virtual size: 367KB

.rdata Size: 75KB - Virtual size: 75KB

.data Size: 11KB - Virtual size: 30KB

.rsrc Size: 79KB - Virtual size: 79KB

.reloc Size: 105KB - Virtual size: 108KB

.text
Size: 367KB - Virtual size: 367KB

.rdata
Size: 75KB - Virtual size: 75KB

.data
Size: 11KB - Virtual size: 30KB

.rsrc
Size: 79KB - Virtual size: 79KB

.reloc
Size: 105KB - Virtual size: 108KB