2cc33e40ea27ed25d82a4210d48473eceb5bc5380a57e842ae7f7c61f9778772

Sharing

Copy URL Twitter E-mail

General

Target

2cc33e40ea27ed25d82a4210d48473eceb5bc5380a57e842ae7f7c61f9778772
Size

821KB
MD5

431d48e4d69516bd2e3c0141b3cf66d0
SHA1

359102b0b9d2ead5a0f1dba8b57293360ed740c2
SHA256

2cc33e40ea27ed25d82a4210d48473eceb5bc5380a57e842ae7f7c61f9778772
SHA512

b46a11e9340623a47f767a62ec4f6d87b8807d2478931ca63ad65b1e553b3bbe4dd0ee2b8f300aade5e948191c50ca3a4d9ca581a7779ce2d5e5ac088ac8af46
SSDEEP

12288:K3atdIQ1CcAPVdrgV7HKoONXTdHKp0e3zbx4LpYDZW:K3atVCHO7HKDhdHKx3zqNYE

Score

N/A

Malware Config

Signatures

Files

2cc33e40ea27ed25d82a4210d48473eceb5bc5380a57e842ae7f7c61f9778772
.exe windows x86

57da843b458a66a1b8c40a738a057488

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetStartupInfoW
HeapAlloc
HeapFree
RtlUnwind
Sleep
ExitProcess
HeapReAlloc
RaiseException
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
GlobalFindAtomW
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetEnvironmentVariableA
SetEnvironmentVariableW
GetConsoleCP
GetConsoleMode
SetStdHandle
GetProcessHeap
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetVersionExW
LoadLibraryA
GetVersionExA
SetErrorMode
lstrlenA
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
CompareStringW
GlobalFlags
GetModuleHandleA
InterlockedDecrement
WritePrivateProfileStringW
GetCurrentProcessId
GlobalAddAtomW
GetFileTime
GetFileSizeEx
GetFileAttributesW
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
FreeResource
SetLastError
GlobalFree
GlobalUnlock
lstrlenW
MulDiv
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
GetModuleFileNameW
lstrcmpA
GetLocaleInfoW
LoadLibraryW
CompareStringA
WideCharToMultiByte
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
FreeLibrary
GetSystemTime
GetPrivateProfileSectionW
GetPrivateProfileStringW
LocalFree
FormatMessageW
MultiByteToWideChar
CloseHandle
WaitForSingleObject
CreateProcessW
GetCurrentProcess
FindResourceW
LoadResource
LockResource
SizeofResource
ReleaseMutex
GetLastError
CreateMutexW
GetModuleHandleW
TerminateProcess
GetProcAddress

user32

UnregisterClassW
RegisterClipboardFormatW
EndDialog
CreateDialogIndirectParamW
PostThreadMessageW
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageA
WinHelpW
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
SetActiveWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
DefWindowProcW
CallWindowProcW
GetMenu
SystemParametersInfoA
GetWindowPlacement
MessageBeep
IsChild
GetTopWindow
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
GetClientRect
EqualRect
IntersectRect
SetRect
IsRectEmpty
CopyAcceleratorTableW
OffsetRect
CopyRect
CharNextW
SetFocus
ShowWindow
MoveWindow
SetWindowLongW
IsWindow
IsDialogMessageW
SendDlgItemMessageW
GetDlgItem
GetSysColorBrush
GetDlgCtrlID
GetWindowRect
GetClassNameW
PtInRect
GetWindowTextW
SetWindowTextW
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GrayStringW
DrawTextExW
DrawTextW
PostMessageW
PostQuitMessage
GetSubMenu
TabbedTextOutW
UnhookWindowsHookEx
GetDesktopWindow
ReleaseCapture
LoadCursorW
GetCapture
SetCapture
ClientToScreen
GetWindowThreadProcessId
GetWindowLongW
DestroyMenu
GetNextDlgTabItem
GetMenuItemCount
GetMenuItemID
GetMenuState
SetWindowPos
MapDialogRect
GetParent
SetWindowContextHelpId
GetWindow
GetSystemMetrics
CharUpperW
CheckMenuItem
EnableMenuItem
ModifyMenuW
SendMessageW
GetFocus
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageW
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageW
TranslateMessage
GetMessageW
CallNextHookEx
SetWindowsHookExW
SetCursor
MessageBoxW
EnableWindow
IsWindowEnabled
GetLastActivePopup
IsIconic

gdi32

GetStockObject
GetBkColor
GetTextColor
DeleteDC
GetRgnBox
GetMapMode
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
CreateRectRgnIndirect
GetDeviceCaps
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetObjectW
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
CreateBitmap
Escape

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegEnumKeyW
RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyExW
RegDeleteKeyW
RegOpenKeyW
RegCloseKey
RegQueryValueExW

comctl32

InitCommonControlsEx

shlwapi

PathIsUNCW
PathFindFileNameW
PathFindExtensionW
PathStripToRootW

oledlg

OleUIBusyW

ole32

CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleIsCurrentClipboard
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

SysStringLen
SysFreeString
SysAllocStringLen
VariantClear
VariantChangeType
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString
VariantInit

Sections

.text
Size: 218KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 532KB - Virtual size: 532KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

57da843b458a66a1b8c40a738a057488

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 218KB - Virtual size: 218KB

.rdata Size: 55KB - Virtual size: 54KB

.data Size: 11KB - Virtual size: 27KB

.rsrc Size: 532KB - Virtual size: 532KB

.text
Size: 218KB - Virtual size: 218KB

.rdata
Size: 55KB - Virtual size: 54KB

.data
Size: 11KB - Virtual size: 27KB

.rsrc
Size: 532KB - Virtual size: 532KB