55d59f5398735ba84ba3a57ccdf97c3e81dcc321b585497868152a1f2bbf2e8b

Sharing

Copy URL Twitter E-mail

General

Target

55d59f5398735ba84ba3a57ccdf97c3e81dcc321b585497868152a1f2bbf2e8b
Size

189KB
MD5

0776b1f75617fd7434bfdc33f118d421
SHA1

93100e0fd65d3c6af582f7db2975419dffde0f59
SHA256

55d59f5398735ba84ba3a57ccdf97c3e81dcc321b585497868152a1f2bbf2e8b
SHA512

d5e912960d180fb2704f1a63209446aa15b030194b4eb45b35b95add6dc7ba4784017c1586f5864cc7c3562c791fdfb433a33ae520165c5a5f9985b4fd55eef3
SSDEEP

3072:pXiJmwgV1gIROMNRecKtboTlVw9eai+G8v734uF7jM8NWtNBntAie:lwgV78d8b8vfFE8WzBtA/

Score

N/A

Malware Config

Signatures

Files

55d59f5398735ba84ba3a57ccdf97c3e81dcc321b585497868152a1f2bbf2e8b
.exe windows x86

773c587e91702f2c121c356f533cdc78

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

WSACleanup
WSAStartup
gethostbyname
WSAGetLastError

kernel32

GetProcessVersion
lstrcmpA
GlobalFlags
GetCPInfo
GetOEMCP
GetCurrentProcess
WriteFile
SetFilePointer
FlushFileBuffers
CreateThread
ExitThread
RtlUnwind
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapAlloc
HeapFree
RaiseException
HeapSize
HeapReAlloc
TerminateProcess
GetACP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
SetStdHandle
IsBadReadPtr
IsBadCodePtr
lstrcatA
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GetCurrentThreadId
ResumeThread
GetVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalAlloc
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
TlsAlloc
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcpynA
SetLastError
MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
LocalFree
lstrlenA
WideCharToMultiByte
GetVersionExA
GetModuleFileNameA
CreateProcessA
CloseHandle
GetLastError
GetCurrentThread
SetThreadPriority
OpenMutexA
CreateMutexA
ReleaseMutex
LoadLibraryA
GetProcAddress
FreeLibrary

user32

GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
LoadIconA
SetWindowTextA
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameA
PtInRect
ClientToScreen
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
CopyRect
GetWindowTextA
GetDlgCtrlID
DestroyWindow
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
GetFocus
GetNextDlgTabItem
GetKeyState
CallNextHookEx
PeekMessageA
SetWindowsHookExA
UnhookWindowsHookEx
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SendMessageA
MessageBoxA
EnableWindow
LoadStringA
PostMessageA
DefWindowProcA
PostQuitMessage
CreateWindowExA
RegisterClassExA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
GetDlgItem
EnableMenuItem

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyA
RegCloseKey
RegQueryValueExA

shell32

ShellExecuteA

comctl32

ord17

gdi32

GetStockObject
SelectObject
SetMapMode
RestoreDC
SaveDC
DeleteDC
DeleteObject
GetDeviceCaps
GetObjectA
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
SetBkColor
SetTextColor
GetClipBox
ScaleViewportExtEx
CreateBitmap
SetWindowExtEx
ScaleWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

773c587e91702f2c121c356f533cdc78

Headers

File Characteristics

Imports

wsock32

kernel32

user32

advapi32

shell32

comctl32

gdi32

winspool.drv

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 16KB - Virtual size: 27KB

.rsrc Size: 84KB - Virtual size: 84KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 16KB - Virtual size: 27KB

.rsrc
Size: 84KB - Virtual size: 84KB