ad0be18a584745a7b80f94a28cfc4456ea6f69f4e72a791823f613b749d098f3

Sharing

Copy URL Twitter E-mail

General

Target

ad0be18a584745a7b80f94a28cfc4456ea6f69f4e72a791823f613b749d098f3
Size

157KB
MD5

0e03b1517af0d966aed28df2ae4b40ab
SHA1

08ac249646f81b108acba0d5079c9ab9af468f51
SHA256

ad0be18a584745a7b80f94a28cfc4456ea6f69f4e72a791823f613b749d098f3
SHA512

90184a669c8904c30b2999ef1fb352d28f6ca6709f3697e9677df9a6181a3b8936f37ca3ef66772c931226731aba9b31ce082bde872fcfe0c83a17c286f6b621
SSDEEP

3072:QWRM4J2XrBQu6o3jeRSEbWY9LKHzRvG3KBG3IDXz550CDxIn43Qw8ijf:QUfJ2XP6BSEbWY9+HVG6BG3WD5iCDmnW

Score

N/A

Malware Config

Signatures

Files

ad0be18a584745a7b80f94a28cfc4456ea6f69f4e72a791823f613b749d098f3
.dll windows x86

3c68e978c780cb62b9cb5c1fb99e4ed1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
GetLocaleInfoW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
DeleteCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DisableThreadLibraryCalls
Sleep
lstrlenW
lstrcmpW
GetTempPathW
GetTempFileNameW
GetFileSize
ReadFile
DeleteFileW
GetSystemTimeAsFileTime
FormatMessageW
LocalFree
GetCurrentDirectoryW
SetCurrentDirectoryW
OutputDebugStringA
GetModuleFileNameW
SetLastError
GetLastError
GetVersion
GetProcAddress
GetModuleHandleW
GetModuleHandleA
LoadLibraryW
LoadLibraryA
GetPrivateProfileSectionNamesW
GetPrivateProfileIntW
WritePrivateProfileStringW
GetFileAttributesW
SetFileAttributesW
GetPrivateProfileStringW
GetTimeZoneInformation
FileTimeToSystemTime
GetSystemTime
SystemTimeToTzSpecificLocalTime
GetDateFormatW
GetTimeFormatW
GlobalFree
lstrlenA
OpenFile
GlobalReAlloc
_lclose
_llseek
CreateFileW
CreateFileMappingW
MapViewOfFile
GlobalAlloc
UnmapViewOfFile
CloseHandle
_lread
GlobalLock
GlobalUnlock
MulDiv
GetCurrentProcessId

msvcrt

?terminate@@YAXXZ
_onexit
__dllonexit
??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
wcsncmp
wcsstr
_wcslwr
swscanf
_vsnwprintf
malloc
free
wcschr
iswdigit
_except_handler3
__RTDynamicCast
_wtoi
_itow
_purecall
wcscmp
wcstod
??2@YAPAXI@Z
wcslen
_vsnprintf
??3@YAXPAX@Z
__CxxFrameHandler
wcsrchr

user32

DestroyMenu
TrackPopupMenu
AppendMenuW
CreatePopupMenu
ChildWindowFromPointEx
GetDlgCtrlID
ReleaseDC
GetDC
MessageBeep
ReleaseCapture
MapWindowPoints
GetWindowRect
GetDlgItem
SetWindowLongW
GetWindowLongW
PtInRect
EndPaint
BeginPaint
MessageBoxW
GetWindowTextW
GetWindowTextLengthW
SetWindowPos
SetRect
GetSystemMetrics
GetWindow
DialogBoxParamW
FillRect
LoadStringW
SetWindowTextW
ShowWindow
SetCapture
GetCapture
ScreenToClient
IsWindowVisible
EndDialog
SetFocus
GetSysColor
WinHelpW
GetDlgItemInt
MoveWindow
SendMessageW
SetDlgItemInt
IsDlgButtonChecked
SetDlgItemTextW
InflateRect

winspool.drv

GetPrinterDataW
GetPrinterDriverW
OpenPrinterW
ClosePrinter
DeviceCapabilitiesW
GetFormW

gdi32

RealizePalette
SelectPalette
LPtoDP
EndPath
TextOutW
BeginPath
Escape
GetPath
RestoreDC
StrokeAndFillPath
CreateSolidBrush
FillPath
SetTextColor
CreatePatternBrush
CreateBitmap
StrokePath
SetROP2
CreatePen
SetBkMode
SetTextAlign
GetTextMetricsW
SelectObject
SetStretchBltMode
SetViewportOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetMapMode
GetDeviceCaps
SaveDC
IntersectClipRect
DeleteDC
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
ModifyWorldTransform
SetGraphicsMode
SelectClipRgn
CreateRectRgn
EndDoc
EndPage
StartPage
StartDocW
CreateDCW
ExtEscape
GetTextExtentPoint32W
StretchDIBits
CreatePalette
CreateFontIndirectW
DeleteObject

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Exports

Exports

?WmEditorDlgProc@@YGHPAUHWND__@@IIJ@Z
?XfcDefaultDlgProc@@YGHPAUHWND__@@IIJ@Z
xGenerateWmPDL
xGenerateWmPDLCleanup
xWmDelete
xWmDraw
xWmDrawPreview
xWmEdit
xWmFindWatermark
xWmGetMacroId
xWmGetNumOfWatermarks
xWmGetType
xWmNew
xWmSetMacroId

Sections

.text
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c68e978c780cb62b9cb5c1fb99e4ed1

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

winspool.drv

gdi32

advapi32

Exports

Exports

Sections

.text Size: 82KB - Virtual size: 82KB

.data Size: 65KB - Virtual size: 65KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 82KB - Virtual size: 82KB

.data
Size: 65KB - Virtual size: 65KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 5KB - Virtual size: 4KB