18db7174301f14ccc160546cc028fd060ac31321fef92f372151684427a2206b

Sharing

Copy URL

Twitter E-mail

General

Target

18db7174301f14ccc160546cc028fd060ac31321fef92f372151684427a2206b
Size

328KB
MD5

0fd9e33708beeb135d6807842b1a5a10
SHA1

707da52b2d4f513c416e76b39c7ffff921bb727a
SHA256

18db7174301f14ccc160546cc028fd060ac31321fef92f372151684427a2206b
SHA512

abe3ef0009082acc63c1f6d79bc7bcb8bc091fd88958f0f259b75a70017de344829ade54f0abf432607a534937c1b7584b5c04aa777a83db6482d12a0df7f478
SSDEEP

6144:ngvNwcdUeNXEVZ8djVOHqezJ4Yi3Wx5wBCD+UuVrGxoYtKe4OKkeLDD2:cDdUeO8z6qnq

Score

N/A

Malware Config

Signatures

Files

18db7174301f14ccc160546cc028fd060ac31321fef92f372151684427a2206b
.exe windows x86

a6ee2b547fd74cd98512004a3ecd61bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

ord204
EnumJobsW
GetPrinterA
EnumPrintersW
OpenPrinterA
DeviceCapabilitiesA
EnumPrintersA
SetPrinterW
GetPrinterW
DocumentPropertiesA
GetJobW
DeviceCapabilitiesW
ClosePrinter
OpenPrinterW
DocumentPropertiesW

comctl32

ImageList_SetOverlayImage
ImageList_GetImageInfo
ImageList_GetIconSize
ImageList_LoadImageA
DestroyPropertySheetPage
PropertySheetW
_TrackMouseEvent
ImageList_Add
ImageList_ReplaceIcon
ImageList_BeginDrag
PropertySheetA
ImageList_DrawEx
ImageList_Remove
ImageList_DragEnter
ImageList_GetImageCount
ImageList_SetBkColor
ImageList_Destroy
ImageList_GetIcon
ImageList_Create
ImageList_Read
ImageList_DragLeave
ImageList_EndDrag
ImageList_Write
CreatePropertySheetPageA
CreatePropertySheetPageW
ImageList_SetDragCursorImage
ImageList_DrawIndirect
ord17
ImageList_AddMasked
InitCommonControlsEx
ImageList_GetBkColor
ImageList_Draw
ImageList_LoadImageW

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerInstallFileA

ole32

ReleaseStgMedium
CoCreateInstance
OleRegEnumVerbs
OleLockRunning
CreateStreamOnHGlobal
OleRegGetMiscStatus
CreateILockBytesOnHGlobal
StgOpenStorage
StgCreateDocfile
CoTaskMemRealloc
CoUninitialize
RevokeDragDrop
OleSetContainedObject
OleFlushClipboard
CoFreeUnusedLibraries
OleSaveToStream
OleSetClipboard
StgOpenStorageOnILockBytes
CoTaskMemFree
CoDisconnectObject
OleCreateStaticFromData
CoTaskMemAlloc
RegisterDragDrop
CoLockObjectExternal
CreateBindCtx
StringFromCLSID
StgCreateDocfileOnILockBytes
CLSIDFromProgID
WriteClassStm
OleIsCurrentClipboard
CLSIDFromString
OleRun
CoInitializeEx
CoGetClassObject
CoInitialize
CreateOleAdviseHolder
WriteClassStg
OleInitialize
CoInitializeSecurity
IIDFromString
GetHGlobalFromILockBytes
CoRevokeClassObject
OleDuplicateData
CoRegisterMessageFilter
OleGetClipboard
OleUninitialize

kernel32

MoveFileA
GlobalLock
CreateFileA
GetFileSize
GetTempFileNameA
CreateSemaphoreA
GetCurrentThreadId
CreateThread
SetEnvironmentVariableA
GetCurrentProcessId
GetModuleHandleW
EnterCriticalSection
GetFileAttributesW
GetDriveTypeW
HeapSize
GetStringTypeExA
GlobalHandle
LeaveCriticalSection
GetTimeFormatA
IsValidCodePage
GetThreadLocale
GetCurrentDirectoryW
IsValidLocale
SetThreadPriority
GetACP
TerminateThread
VirtualFreeEx
FindNextFileA
GlobalAddAtomA
ConvertDefaultLocale
FreeEnvironmentStringsW
GetSystemInfo
WriteConsoleW
GetComputerNameW
GetModuleFileNameW
LocalFileTimeToFileTime
WritePrivateProfileStringA
QueryPerformanceFrequency
IsBadCodePtr
RaiseException
OutputDebugStringW
SetEndOfFile
RemoveDirectoryA
InterlockedDecrement
FindClose
TlsFree
LoadLibraryW
VirtualFree
GetFullPathNameA
GetProcAddress
LoadResource
IsBadWritePtr
lstrcpynA
GetCurrentProcess
VirtualAlloc
InterlockedExchange
GetSystemTime
lstrlenW
GetConsoleMode
GetEnvironmentVariableW
GetModuleFileNameA
GlobalFindAtomA
LoadLibraryA
VirtualUnlock
GetProfileStringA
QueryPerformanceCounter
SetHandleCount
InitializeCriticalSection
GetTimeZoneInformation
MultiByteToWideChar
GetCPInfo
VirtualQuery
GlobalFree
LocalUnlock
CreateMutexA
DeleteCriticalSection
GetDateFormatA
GetCommandLineA
DuplicateHandle
RtlUnwind
ReadFile
SuspendThread
TlsSetValue
LocalAlloc
GetExitCodeThread
DeleteFileA
WriteConsoleA
TerminateProcess
GetEnvironmentStringsW
GetLastError
GetOEMCP
WriteFile
GetStartupInfoA
GetTempPathA
FindResourceA
GetSystemDirectoryA
GetVersionExW
FatalAppExitA
UnhandledExceptionFilter
GetThreadPriority
GetExitCodeProcess
MulDiv
IsBadReadPtr
TlsAlloc
CompareStringA
TlsGetValue
GetFileAttributesA
CompareStringW
WinExec
ExitProcess
GetStringTypeW
FindResourceW
LoadLibraryExW
CloseHandle
GetEnvironmentStrings
lstrlenA
LocalFree
WaitForSingleObject
SetStdHandle
SizeofResource
GetLocaleInfoA
GlobalUnlock
GetTickCount
GlobalReAlloc
lstrcmpA
GetLocaleInfoW
LCMapStringW
SystemTimeToFileTime
IsDebuggerPresent
lstrcpyA
PulseEvent
GlobalAlloc
GetEnvironmentVariableA
SetCurrentDirectoryA
CreateFileMappingA
GetSystemTimeAsFileTime
GetShortPathNameW
SetErrorMode
OpenMutexA
ResetEvent
GlobalMemoryStatus
FreeEnvironmentStringsA
DeleteFileW
GetWindowsDirectoryA
GetUserDefaultLangID
SetUnhandledExceptionFilter
HeapReAlloc
GetLocalTime
GetStdHandle
SetEvent
SetFilePointer
EnumSystemLocalesA
GetModuleHandleA
FindFirstFileW
GetTempPathW
GetStringTypeA
SetLastError
GetProcessHeap
HeapDestroy
LoadLibraryExA
WideCharToMultiByte
GetFileType
FileTimeToLocalFileTime
CreateFileW
GetCurrentThread
GetPrivateProfileStringA
CreateEventA
SetFileAttributesW
GetFullPathNameW
HeapFree
HeapCreate
QueryDosDeviceA
GlobalDeleteAtom
FileTimeToSystemTime
FindNextFileW
GetDriveTypeA
ResumeThread
FlushFileBuffers
GetLogicalDrives
lstrcpyW
LockResource
CreateProcessA
GetCommandLineW
GetVersion
CreateDirectoryA
FormatMessageA
Sleep
GetDiskFreeSpaceA
LocalReAlloc
lstrcmpW
CreateProcessW
HeapAlloc
GetPrivateProfileIntA
PeekNamedPipe
GetUserDefaultLCID
OpenProcess
InterlockedIncrement
MapViewOfFile
GetShortPathNameA
FreeLibrary
GlobalGetAtomNameA
WaitForMultipleObjects
LCMapStringA

user32

LockWindowUpdate
CreateIconFromResourceEx
SetFocus
GetWindowRect
DrawFocusRect
GetMessagePos
GetClassInfoExW
LoadAcceleratorsA
SetCursor
IsChild
GetScrollRange
LoadBitmapW
IsWindow
SystemParametersInfoA
SetWindowLongW
LoadStringA
SetDlgItemTextW
ScrollWindow
SetMenu
TranslateAcceleratorA
LoadCursorW
ValidateRect
RegisterClipboardFormatA
DrawStateA
LoadImageW
SendDlgItemMessageA
PostQuitMessage
CallWindowProcW
GetDialogBaseUnits
CloseClipboard
InflateRect
CharUpperA
SendDlgItemMessageW
GetWindowThreadProcessId
GetPropA
WinHelpW
DefWindowProcA
GetSystemMenu
GetMessageW
LoadIconA
RedrawWindow
DestroyMenu
CreateAcceleratorTableA
DeferWindowPos
wsprintfW
GetWindowTextA
PostThreadMessageA
EndDeferWindowPos
GetWindowTextW
RegisterClassExW
DestroyIcon
SetWindowLongA
EnableWindow
OffsetRect
HideCaret
GetKeyboardLayout
GetActiveWindow
GetClassInfoA
RegisterClassExA
PostThreadMessageW
DrawTextExA
DrawEdge
OpenClipboard
DrawTextW
AdjustWindowRectEx
SetWindowPlacement
DdeFreeDataHandle
RemovePropW
SetWindowsHookExA
GetCursorPos
CreateDialogParamA
MapWindowPoints
GetSubMenu
MessageBoxW
SetRectEmpty
wsprintfA
GetSysColor
DispatchMessageA
SendMessageA
CheckDlgButton
SetForegroundWindow
GetMessageA
MoveWindow
ModifyMenuA
GetCursor
CreateMenu
MessageBoxA
LoadMenuA
PeekMessageW
ChildWindowFromPoint
SetWindowTextA
DialogBoxParamW
InsertMenuA
TranslateAcceleratorW
TranslateMessage
SetCaretPos
SetWindowTextW
TrackPopupMenu
WindowFromPoint
IsWindowVisible
GetMenuCheckMarkDimensions
GetClassNameW
SystemParametersInfoW
GetCapture
MessageBeep
LoadCursorA
RegisterClassA
DrawTextExW
CheckMenuItem
GetWindow
CreateWindowExW
CreateDialogIndirectParamW
SetCapture
GetTopWindow
UnpackDDElParam
DdeNameService
MapDialogRect
GetMenuItemRect
GetClipboardFormatNameW
CreateDialogIndirectParamA
ReleaseCapture
GetForegroundWindow
DrawIconEx
GetMenu
GetClientRect
GetKeyState
FindWindowA
CopyAcceleratorTableW
RemovePropA
ChangeDisplaySettingsW
InvalidateRect
DrawIcon
ShowScrollBar
BeginDeferWindowPos
UnionRect
SetScrollPos
CopyRect
GetClassLongA
GetNextDlgTabItem
EnumWindows
UpdateWindow
TabbedTextOutA
ClientToScreen
DispatchMessageW
DdeCreateStringHandleA
SetDlgItemTextA
DialogBoxParamA
EndPaint
DestroyCursor
UnregisterClassA
EnableMenuItem
IsWindowUnicode
RegisterWindowMessageA
SetTimer
GetDesktopWindow
SetWindowRgn
IsIconic
GetSysColorBrush
DeleteMenu
ScreenToClient
GetMessageTime
FindWindowW
GetAncestor
AppendMenuA
DrawMenuBar
IsClipboardFormatAvailable
InsertMenuItemW
GetPropW
LoadImageA
GetClassNameA
GetClassInfoExA
GetAsyncKeyState
KillTimer
RemoveMenu
GetMenuStringW
ShowWindow
SetParent
RegisterWindowMessageW
GetDlgItemInt
ReleaseDC
BeginPaint
DestroyWindow
GetWindowLongA
PostMessageW
DefWindowProcW
GetMenuState
MapVirtualKeyW
GetMenuItemCount
BringWindowToTop
FillRect
FrameRect
GrayStringA
SendMessageW
IsDialogMessageA
GetMenuItemID
GetSystemMetrics
CharNextA
UnregisterClassW
IsWindowEnabled
GetDlgItem
InsertMenuItemA
EndDialog
SetRect
LoadBitmapA
GetParent
SetWindowPos
IsDlgButtonChecked
GetLastActivePopup
MonitorFromPoint
WaitMessage
GetWindowPlacement
DrawTextA
WinHelpA
GetTabbedTextExtentA
IsMenu
CallWindowProcA
GetScrollInfo
OemToCharA
IntersectRect
PtInRect
UnhookWindowsHookEx
LoadIconW
CallNextHookEx
GetScrollPos
CreateWindowExA
SetWindowsHookExW
GetNextDlgGroupItem
SetActiveWindow
GetFocus
PostMessageA
LoadMenuW
SetScrollInfo
CopyImage
PeekMessageA
SetMenuItemBitmaps
GetUpdateRect
GetDlgCtrlID
SetMenuDefaultItem
EqualRect
GetDC
ShowCaret
SetMenuItemInfoA
DefFrameProcA
GetWindowDC

advapi32

RevertToSelf
GetSecurityInfo
FreeSid
SetServiceStatus
RegCreateKeyExA
RegCreateKeyExW
DeregisterEventSource
RegDeleteValueW
ControlService
RegSetValueExA
RegDeleteKeyW
RegSetValueA
AccessCheck
RegEnumValueA
MapGenericMask
GetSecurityDescriptorDacl
RegEnumValueW
RegEnumKeyExW
DeleteService
AddAce
ImpersonateSelf
OpenServiceA
InitializeSecurityDescriptor
IsValidSecurityDescriptor
StartServiceA
RegDeleteValueA
AllocateAndInitializeSid
AddAccessAllowedAce
DuplicateToken
OpenProcessToken
SetSecurityDescriptorGroup
CreateProcessAsUserA
RegDeleteKeyA
RegOpenCurrentUser
RegCreateKeyA
CopySid
RegOpenKeyExW
SetSecurityDescriptorDacl
GetUserNameA
SetSecurityDescriptorOwner
RegQueryInfoKeyW
RegQueryValueA
GetLengthSid
SetFileSecurityA
InitializeAcl
RegEnumKeyW
RegQueryValueExW
RegEnumKeyA
RegSetValueExW
RegOpenKeyA
RegEnumKeyExA
QueryServiceStatus
CloseServiceHandle
EqualSid
OpenSCManagerA
RegOpenKeyExA
RegQueryValueExA
GetTokenInformation
AdjustTokenPrivileges
RegCloseKey
LookupPrivilegeValueA
GetFileSecurityA

oleaut32

LoadTypeLi

shell32

Shell_NotifyIconA
SHGetDesktopFolder
DragFinish
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteW
SHGetFolderPathW
SHGetPathFromIDListW
SHBrowseForFolderA
ShellExecuteExW
ord155
SHFileOperationW
ShellExecuteA
ExtractIconA
DragQueryFileA
SHGetMalloc
DragAcceptFiles
SHGetFileInfoW
SHChangeNotify

gdi32

GetDCOrgEx
GetViewportExtEx
SetTextAlign
SetViewportOrgEx
AbortDoc
SetPolyFillMode
SetTextColor
SetColorAdjustment
CreateFontIndirectA
CreatePolygonRgn
GetDIBits
GetPaletteEntries
CreateSolidBrush
GetCurrentPositionEx
MoveToEx
CreateCompatibleBitmap
SetMiterLimit
StartDocA
GetTextExtentPoint32W
SetAbortProc
BeginPath
CreateDCW
CopyMetaFileA
GetWindowExtEx
DrawEscape
PlgBlt
CreateFontIndirectW
PatBlt
CreateEllipticRgn
UpdateColors
ExtFloodFill
GetCharWidthW
ArcTo
CreateDiscardableBitmap
GetCharWidthA
RestoreDC
CreateBrushIndirect
SetBkMode
LPtoDP
SetViewportExtEx
Polygon
CreateEllipticRgnIndirect
PolyDraw
CreateHatchBrush
CreateFontA
CreateBitmap
ScaleViewportExtEx
GetTextExtentPoint32A
GetClipBox
SetWindowExtEx
GdiComment
GetRegionData
StretchBlt
SetDCPenColor
PolyPolyline
GetCharABCWidthsFloatA
ScaleWindowExtEx
FrameRgn
GetBrushOrgEx
CreateFontW
SelectClipRgn
GetColorAdjustment
DeleteDC
GetBkColor
StartPage
GetNearestColor
GetMapMode
GetTextMetricsW
EnumFontFamiliesExA
GetKerningPairsA
EnumMetaFile
EndDoc
Ellipse
OffsetViewportOrgEx
EnumFontFamiliesExW
AbortPath
PlayMetaFileRecord
EnumObjects
ExtSelectClipRgn
WidenPath
InvertRgn
RectVisible
EndPage
ExcludeClipRect
CreatePatternBrush
PtVisible
BitBlt
GetStretchBltMode
CreateDIBitmap
SelectObject
AngleArc
FillRgn
SetDCBrushColor
EndPath
StrokePath
RectInRegion
GetEnhMetaFilePaletteEntries
SetBrushOrgEx
GetRgnBox
SetPixelV
CreateDIBPatternBrushPt
GetMiterLimit
LineDDA
TextOutW
GetObjectW
DeleteObject
GetCharWidthFloatA
GetDeviceCaps
SetDIBitsToDevice
LineTo
AnimatePalette
DPtoLP
Rectangle
RealizePalette
CombineRgn
FillPath
RoundRect
StrokeAndFillPath
CreateDCA
OffsetRgn
CloseFigure
SelectPalette
ExtTextOutA
CreateCompatibleDC
IntersectClipRect
GetViewportOrgEx
GetObjectA
ExtCreateRegion
GetCurrentObject
GetGlyphOutlineA
GetTextMetricsA
Polyline
GetTextColor
PaintRgn
GetTextAlign
OffsetWindowOrgEx
TextOutA
Escape
GetObjectType
StretchDIBits
CreateRectRgn
SetTextCharacterExtra
GetStockObject
GetTextCharsetInfo
GetTextExtentPointA
SetTextJustification
PtInRegion
GetPolyFillMode
SetROP2
SaveDC
CreateRoundRectRgn
SetBkColor
GetCharABCWidthsW
CreatePen
GetAspectRatioFilterEx
GetBoundsRect
CreateRectRgnIndirect
SetMapMode
SetStretchBltMode
GetWindowOrgEx
GetFontData
GetPixel
SetPixel
SetMapperFlags

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6ee2b547fd74cd98512004a3ecd61bb

Headers

File Characteristics

Imports

winspool.drv

comctl32

version

ole32

kernel32

user32

advapi32

oleaut32

shell32

gdi32

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 84KB - Virtual size: 81KB

.data Size: 72KB - Virtual size: 85KB

.rsrc Size: 104KB - Virtual size: 100KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 84KB - Virtual size: 81KB

.data
Size: 72KB - Virtual size: 85KB

.rsrc
Size: 104KB - Virtual size: 100KB