660dcd4fae1cf45e30723b1fdb3a50f55e73a1770765458e3aebc673c02320bf

Sharing

Copy URL Twitter E-mail

General

Target

660dcd4fae1cf45e30723b1fdb3a50f55e73a1770765458e3aebc673c02320bf
Size

218KB
MD5

14ae3f6466a1e1dd26d4611db5256630
SHA1

26b453f8282a21a7fa8243bb101b66208cb1768b
SHA256

660dcd4fae1cf45e30723b1fdb3a50f55e73a1770765458e3aebc673c02320bf
SHA512

d56099d922b3459bc6a6c8f93d7a7242551d3999085ef7f43336765ca5434206b53bdba52a2e71c2b0ddf501f5495444b737025b65cad7f2f35c02801fcec47b
SSDEEP

3072:g/rYOVOKWIJc4ERC4VBR2iWU3bFR7FlUpwrT7VMh8Ivrbmk2vA7wjpKZkLt:GEOVZh7S/r0mApWvVMSAOrAkjpJt

Score

N/A

Malware Config

Signatures

Files

660dcd4fae1cf45e30723b1fdb3a50f55e73a1770765458e3aebc673c02320bf
.exe windows x86

e6252ea19b9f64e4616ca7ee342079d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFindAtomA
GlobalGetAtomNameA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
SetErrorMode
GetCPInfo
GetOEMCP
GetLocalTime
GetTimeZoneInformation
RtlUnwind
HeapAlloc
HeapFree
VirtualProtect
GetSystemInfo
VirtualQuery
lstrcmpW
GetCommandLineA
ExitProcess
HeapReAlloc
HeapSize
HeapDestroy
HeapCreate
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GlobalFlags
InterlockedDecrement
InterlockedIncrement
WritePrivateProfileStringA
GlobalAddAtomA
SetLastError
GlobalFree
FindResourceA
LoadResource
LockResource
SizeofResource
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
GetCurrentThread
GetCurrentThreadId
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
VirtualAlloc
VirtualFree
GetModuleHandleA
TerminateProcess
CompareStringW
CompareStringA
GetVersion
WideCharToMultiByte
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
lstrcmpiA
CreateMutexA
GetLastError
GetModuleFileNameA
GetTickCount
lstrcpyA
CopyFileA
CreateProcessA
lstrcatA
LoadLibraryA
GetProcAddress
FreeLibrary
GetSystemDirectoryA
GetCurrentProcessId
lstrlenA
Sleep
OpenFileMappingA
MapViewOfFile
CreateFileA
DeviceIoControl
GetCurrentProcess
CreateToolhelp32Snapshot
Process32First
CloseHandle
MultiByteToWideChar
GetStartupInfoA
Process32Next

user32

RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
SetWindowPos
ShowWindow
SetWindowLongA
GetDlgItem
LoadCursorA
GetSystemMetrics
GetSysColorBrush
UnregisterClassA
GetSysColor
ReleaseDC
GetDC
GrayStringA
DrawTextExA
DispatchMessageA
TranslateMessage
GetMessageA
DrawTextA
TabbedTextOutA
UnhookWindowsHookEx
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetWindowTextA
SetWindowTextA
GetClassNameA
wsprintfA
SetMenuItemBitmaps
GetFocus
ModifyMenuA
DestroyMenu
PostQuitMessage
PostMessageA
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
SetCursor
SendMessageA
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetWindowLongA
GetParent
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowsHookExA
CallNextHookEx
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
MessageBoxA

gdi32

GetStockObject
ExtTextOutA
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
GetDeviceCaps
TextOutA
RectVisible
PtVisible
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
DeleteObject
CreateBitmap
Escape

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
AdjustTokenPrivileges
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA

comctl32

ord17

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e6252ea19b9f64e4616ca7ee342079d0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

shlwapi

oleaut32

Sections

.text Size: 92KB - Virtual size: 90KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 8KB - Virtual size: 20KB

.rsrc Size: 84KB - Virtual size: 84KB

.text
Size: 92KB - Virtual size: 90KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 84KB - Virtual size: 84KB