dd92a0754a1281fbfdf387659661c3530f504e0bb797d7127c941bb52ed4264c

Sharing

Copy URL Twitter E-mail

General

Target

dd92a0754a1281fbfdf387659661c3530f504e0bb797d7127c941bb52ed4264c
Size

324KB
MD5

08bc87d16c0eb7db9b114d2f0f2f7543
SHA1

642e6650c65e6c3b8cb96c24278e375ca31a8357
SHA256

dd92a0754a1281fbfdf387659661c3530f504e0bb797d7127c941bb52ed4264c
SHA512

a753991315258169c65dbb0d4c91c8ca6b15eede28a37d09c70a7fcac11945668826c05c4cd1c90b7b4f7be6469359d687a8787551670e0bdea54e19afdb3cdf
SSDEEP

6144:RnNkugxbePdeLKxS80VUNnxH62E4ZZB5PwpOhvYWkNtubIkoO+lpUN2GD:Rn+uAbePdeLw1z6Kbw4Q8Iko/GD

Score

N/A

Malware Config

Signatures

Files

dd92a0754a1281fbfdf387659661c3530f504e0bb797d7127c941bb52ed4264c
.exe windows x86

e3e54d430d1d485e506746a27af5eee0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

EnumProcesses
EnumProcessModules
GetModuleFileNameExA

kernel32

GetFileAttributesA
GetFileTime
lstrcmpW
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
WritePrivateProfileStringA
GlobalFlags
GetCPInfo
GetOEMCP
HeapAlloc
HeapFree
GetFileType
ExitProcess
RtlUnwind
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
HeapSize
HeapDestroy
FileTimeToLocalFileTime
VirtualFree
IsBadWritePtr
SetHandleCount
GetStdHandle
GetStartupInfoA
SetStdHandle
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
FileTimeToSystemTime
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetCurrentThread
GetCurrentThreadId
FreeLibrary
GlobalDeleteAtom
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
SetErrorMode
lstrcatA
LoadLibraryA
GetProcAddress
GetModuleFileNameA
GetFullPathNameA
GetVolumeInformationA
lstrcpyA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
InterlockedDecrement
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
MultiByteToWideChar
GetCommandLineA
GetModuleHandleA
CreateEventA
CreateThread
WaitForMultipleObjects
GetLastError
SetEvent
WaitForSingleObject
TerminateProcess
OpenProcess
GetTempPathA
GetTempFileNameA
GetWindowsDirectoryA
DeleteFileA
FreeResource
FindFirstFileA
FindClose
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
CreateFileA
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
CloseHandle
SetFileAttributesA
HeapCreate

user32

ShowWindow
SetWindowTextA
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetCursor
GetMessageA
TranslateMessage
GetActiveWindow
GetCursorPos
ValidateRect
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
GetForegroundWindow
DispatchMessageA
GetDlgItem
GetTopWindow
GetMessageTime
GetMessagePos
LoadIconA
PeekMessageA
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
GetClientRect
GetMenu
AdjustWindowRectEx
CharUpperA
GetSubMenu
GetMenuItemCount
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
CopyRect
PtInRect
GetWindow
DestroyMenu
ClientToScreen
DestroyWindow
GetMenuItemID
GetMenuState
UnhookWindowsHookEx
GetSystemMetrics
wsprintfA
PostQuitMessage
PostMessageA
UnregisterClassA
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
LoadCursorA
EnableWindow
IsWindowEnabled
GetLastActivePopup
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetWindowTextA
SendMessageA
MessageBoxA
GetParent
GetWindowLongA

gdi32

OffsetViewportOrgEx
GetStockObject
CreateBitmap
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SaveDC
GetDeviceCaps
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SetViewportExtEx

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
QueryServiceStatus
RegCloseKey
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
CreateProcessAsUserA
OpenProcessToken
OpenSCManagerA
OpenServiceA
CloseServiceHandle

comctl32

ord17

shlwapi

PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3e54d430d1d485e506746a27af5eee0

Headers

File Characteristics

Imports

psapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oleaut32

Sections

.text Size: 116KB - Virtual size: 114KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 8KB - Virtual size: 29KB

.rsrc Size: 172KB - Virtual size: 171KB

.text
Size: 116KB - Virtual size: 114KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 8KB - Virtual size: 29KB

.rsrc
Size: 172KB - Virtual size: 171KB