6bb84184660d0fa7c6e7aebcd35c7b50a4563680b78cf292ea40bd7974b7fb46

Sharing

Copy URL Twitter E-mail

General

Target

6bb84184660d0fa7c6e7aebcd35c7b50a4563680b78cf292ea40bd7974b7fb46
Size

452KB
MD5

0bcddec8e2a36aaf128ef285aa085385
SHA1

1f22b242ee42994f7b0fb388dff66d27bb223d5c
SHA256

6bb84184660d0fa7c6e7aebcd35c7b50a4563680b78cf292ea40bd7974b7fb46
SHA512

4182d09cd2b63b4061ff069c922c0ec73f7144c4582c25f360386f7f59c6f5680441601b558cc2e4c6f7150d2a9dc1f6da263b4047633d20e836d06b3f9a27f5
SSDEEP

12288:0zPFjwtqvB/qGei5NDAHH9FJ61oHaqnaXz4t:0zPlwtqJ/eKiHH9rgcaqaD4t

Score

N/A

Malware Config

Signatures

Files

6bb84184660d0fa7c6e7aebcd35c7b50a4563680b78cf292ea40bd7974b7fb46
.exe windows x86

923769a68adace95fa07e60007fb63d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

ord204
DocumentPropertiesA

gdi32

GetDeviceCaps
WidenPath
CloseMetaFile
AngleArc
CreatePolyPolygonRgn
PlayMetaFile
EnumObjects
ExtEscape
CreateMetaFileA
PlgBlt
AbortPath
AnimatePalette
CreateDiscardableBitmap
FloodFill
GdiComment
GetKerningPairsA
DeleteDC
DrawEscape
CreateDCA
GetCharWidthFloatA
CloseFigure
GetAspectRatioFilterEx
GetArcDirection
SetMiterLimit
GetCharABCWidthsFloatA
CreateFontIndirectA
CreateHatchBrush
GetColorAdjustment
GetBrushOrgEx
GetObjectA
GetMiterLimit
SetViewportExtEx
DeleteObject

shell32

DragFinish
ShellExecuteA
SHGetDesktopFolder
DragAcceptFiles
SHGetFileInfoA
ord155
SHBrowseForFolderA
SHGetPathFromIDListA
Shell_NotifyIconA
DragQueryFileA

user32

RedrawWindow
CreateIconIndirect
DestroyAcceleratorTable
DefDlgProcA
LoadIconA
GetWindowRect
IsWindow
LoadStringA
GetWindowThreadProcessId
DestroyIcon
GetDCEx
wsprintfA
MessageBeep
CopyRect
DrawFrameControl
SetWindowLongA
SendDlgItemMessageA
GetMenuItemCount
GetMenuItemID
RegisterClassA
KillTimer
ShowWindow
SetCursor
RegisterClassExA
MoveWindow
MessageBoxA
DispatchMessageA
GetSystemMetrics
GetNextDlgTabItem
UnhookWindowsHookEx
IsWindowVisible
OffsetRect
DestroyMenu
OpenClipboard
GetLastActivePopup
CreateWindowExA
PostQuitMessage
GetActiveWindow
LoadBitmapA
IsRectEmpty
CharUpperA
GetWindowTextA
CheckMenuItem
LoadCursorA
GetForegroundWindow
GetFocus
DestroyWindow
GetDlgItem
CloseClipboard
ReleaseDC
GetMenuState
GetMenu
AdjustWindowRectEx
AppendMenuA
ScreenToClient
SetTimer
SetMenuDefaultItem
LoadAcceleratorsA
DefWindowProcA

kernel32

GetProcAddress
HeapAlloc
GetCommandLineA
SetEnvironmentVariableA
GetEnvironmentStrings
GetCurrentThreadId
SetStdHandle
VirtualFree
SetHandleCount
LCMapStringA
GetSystemInfo
GetModuleFileNameW
GetStdHandle
VirtualAlloc
GetVersion
GetTimeZoneInformation
FlushFileBuffers
ExitProcess
FreeEnvironmentStringsA
GetLocaleInfoA
GlobalFree
QueryPerformanceCounter
InitializeCriticalSection
LoadLibraryA
ExitThread
GetModuleFileNameA
CreateMutexA
HeapFree
FreeEnvironmentStringsW
VirtualQuery
CompareStringA
SetLastError
TerminateThread
UnhandledExceptionFilter
IsBadCodePtr
GetTimeFormatA
RtlUnwind
GetCurrentDirectoryW
CompareStringW
GetProcessHeap
EnterCriticalSection
GetDateFormatA
WideCharToMultiByte
ReadFile
GetVersionExA
HeapDestroy
HeapReAlloc
TlsGetValue
TlsFree
TerminateProcess
GetStringTypeW
MultiByteToWideChar
SetFilePointer
HeapCreate
GetStringTypeA
SetUnhandledExceptionFilter
DeleteCriticalSection
GetCPInfo
GetLastError
LCMapStringW
WriteFile
GetCurrentProcessId
TlsSetValue
TlsAlloc
VirtualProtect
CloseHandle
RaiseException
GetModuleHandleA
LeaveCriticalSection
GetFileType
GetTickCount
Sleep
GetOEMCP
GetStartupInfoA
HeapSize
GetEnvironmentStringsW
InterlockedExchange
GetACP
InterlockedDecrement
FormatMessageA
GetCurrentProcess
GetSystemTimeAsFileTime

ole32

OleFlushClipboard
WriteFmtUserTypeStg
ReadFmtUserTypeStg
CoGetMalloc
OleSave
OleCreateLinkFromData
OleLockRunning
OleInitialize
OleGetClipboard
OleCreateFromFile
OleSetMenuDescriptor
OleGetIconOfClass
StgCreateDocfileOnILockBytes
OleCreate
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoUninitialize
CoLockObjectExternal
IsAccelerator
RevokeDragDrop
OleDuplicateData
OleTranslateAccelerator
CoTaskMemAlloc
CoRegisterClassObject
CoDisconnectObject
OleIsCurrentClipboard
SetConvertStg
CreateILockBytesOnHGlobal
OleRun
CoFreeUnusedLibraries
CoTreatAsClass
OleCreateLinkToFile
CoGetClassObject
CLSIDFromProgID
ReadClassStg
CoTaskMemFree

advapi32

RegEnumValueA
QueryServiceStatus
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegQueryValueExA
RegOpenKeyA
OpenProcessToken

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

923769a68adace95fa07e60007fb63d4

Headers

File Characteristics

Imports

winspool.drv

gdi32

shell32

user32

kernel32

ole32

advapi32

Sections

.text Size: 88KB - Virtual size: 86KB

.rdata Size: 256KB - Virtual size: 254KB

.data Size: 68KB - Virtual size: 87KB

.rsrc Size: 36KB - Virtual size: 32KB

.text
Size: 88KB - Virtual size: 86KB

.rdata
Size: 256KB - Virtual size: 254KB

.data
Size: 68KB - Virtual size: 87KB

.rsrc
Size: 36KB - Virtual size: 32KB