fef5165a88dbece8005f66292b69c11cb5b061673e80d1bdf3c240b3b00398e8

Sharing

Copy URL Twitter E-mail

General

Target

fef5165a88dbece8005f66292b69c11cb5b061673e80d1bdf3c240b3b00398e8
Size

616KB
MD5

0a880536e5c819ec29e63b3a09cf8490
SHA1

e7dcf65ef6277276eb25f1877260248c8d237a1d
SHA256

fef5165a88dbece8005f66292b69c11cb5b061673e80d1bdf3c240b3b00398e8
SHA512

fa8b088f9f5ac60edd18e661000df8532580b252825467b00a8de8524bdf55d770d8ea9313cd6f9b91e382bfae6a1559e7d8389b35d71d6a6363cc3e3726a364
SSDEEP

12288:zuSQW3HjFSSG+1YDTQvbIECwQarePrlTgm:PVG++DT4dDapcm

Score

N/A

Malware Config

Signatures

Files

fef5165a88dbece8005f66292b69c11cb5b061673e80d1bdf3c240b3b00398e8
.exe windows x86

9927e4261f2f583edc9b3bbcd358ff15

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetPropA
SetPropA
GetClassNameA
GetClassInfoExA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
GetCapture
WinHelpA
RegisterWindowMessageA
IsDialogMessageA
MoveWindow
LoadBitmapA
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
ValidateRect
TranslateMessage
GetMessageA
TabbedTextOutA
DrawTextExA
GrayStringA
BeginPaint
EndPaint
DestroyMenu
GetSysColorBrush
SetForegroundWindow
IsWindowVisible
GetMenu
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
GetWindow
PostQuitMessage
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
IsWindowEnabled
GetNextDlgTabItem
CopyRect
DispatchMessageA
RemovePropA
InflateRect
GetMonitorInfoA
SetParent
OffsetRect
GetSystemMetrics
KillTimer
SetTimer
RedrawWindow
AppendMenuA
CreatePopupMenu
IsRectEmpty
GetSysColor
FillRect
SetRectEmpty
DialogBoxIndirectParamA
GetMenuItemCount
GetMenuItemID
GetSubMenu
PtInRect
GetWindowTextA
CharNextA
PeekMessageA
ClientToScreen
GetCursorPos
WindowFromPoint
ScreenToClient
IsWindow
GetDesktopWindow
IsIconic
GetWindowRect
SetWindowPos
GetWindowPlacement
GetDC
MessageBoxA
IsDlgButtonChecked
SetWindowTextA
SetWindowLongA
GetWindowLongA
PostMessageA
EndDialog
LoadCursorA
GetParent
LoadIconA
InvalidateRect
LoadStringA
GetDlgItemTextA
wsprintfA
SetDlgItemTextA
GetDlgItem
ShowWindow
SendDlgItemMessageA
UpdateWindow
DestroyIcon
DestroyWindow
SendMessageA
GetTopWindow
DrawFrameControl
GetFocus
SetFocus
GetForegroundWindow
IntersectRect
GetLastActivePopup
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenuEx
GetKeyState
DrawTextA
UnregisterClassA
CharUpperA
SetRect
SetCursor
EnableWindow
ReleaseDC
GetClientRect

kernel32

InterlockedDecrement
GlobalFlags
InterlockedIncrement
LocalAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetCPInfo
GetOEMCP
FlushFileBuffers
GetCurrentProcess
SetErrorMode
RtlUnwind
ExitProcess
TerminateProcess
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
VirtualQuery
GetStartupInfoA
GetCommandLineA
IsBadReadPtr
HeapReAlloc
ExitThread
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
HeapDestroy
HeapCreate
VirtualFree
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
SuspendThread
SetHandleCount
GetFileType
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
lstrcmpiA
InterlockedExchange
ResumeThread
SetThreadPriority
SetLastError
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcmpW
GetCurrentThread
GetCurrentThreadId
GlobalDeleteAtom
GetModuleHandleA
ConvertDefaultLocale
EnumResourceLanguagesA
SetThreadExecutionState
ResetEvent
PulseEvent
OutputDebugStringA
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
FreeLibrary
LoadLibraryA
SizeofResource
LockResource
LoadResource
FindResourceA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
MulDiv
SetFilePointer
WideCharToMultiByte
DeleteFileA
CloseHandle
WriteFile
CreateFileA
GetEnvironmentStringsW
GetTempPathA
GetModuleFileNameA
GlobalUnlock
GlobalLock
GlobalAlloc
GetProcessHeap
lstrcpyA
MultiByteToWideChar
RaiseException
GetLastError
InitializeCriticalSection
DeleteCriticalSection
GetVersion
GetSystemInfo
FreeResource
GetTempFileNameA
IsBadWritePtr
GetTickCount
LocalFree
FormatMessageA
GetFullPathNameA
GlobalReAlloc
GetFileSize
WritePrivateProfileStringA
LoadLibraryExA
LeaveCriticalSection
EnterCriticalSection
lstrcpynA
GetProcAddress
CreateThread
CreateEventA
WaitForMultipleObjects
GlobalFree
GetSystemTimeAsFileTime
lstrcmpA
SetEvent
WaitForSingleObject
ReleaseSemaphore
FindResourceExA
Sleep
CreateSemaphoreA
lstrcatA
ReadFile
GetFileAttributesA
CompareStringW
CompareStringA
lstrlenA

msimg32

AlphaBlend

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyA
RegQueryValueA
RegQueryValueExA

shell32

ExtractIconExA
SHGetMalloc

comctl32

ord17

shlwapi

PathFindFileNameA
PathFindExtensionA

gdi32

GetPixel
GetClipBox
CreateBitmap
SaveDC
RestoreDC
SetStretchBltMode
SetMapMode
LineTo
MoveToEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetTextColor
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
StretchDIBits
SetDIBitsToDevice
SetBkColor
GetBkMode
SetBkMode
Rectangle
CreatePen
CreateSolidBrush
PlayEnhMetaFile
DeleteEnhMetaFile
CreatePalette
GetDIBColorTable
CreateFontIndirectA
CreateDIBSection
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetStockObject
GetObjectA
DeleteObject
SetViewportOrgEx
GetDeviceCaps

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

comdlg32

GetFileTitleA

ole32

CoTaskMemAlloc
CoUninitialize
CoInitialize
CoTaskMemFree
CoCreateInstance

oleaut32

VariantInit
VariantChangeType
VariantClear
SysAllocString
SysFreeString
SysAllocStringLen

winmm

timeBeginPeriod
timeGetTime
timeSetEvent
timeGetDevCaps
timeKillEvent
timeEndPeriod

Sections

.text
Size: 324KB - Virtual size: 323KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9927e4261f2f583edc9b3bbcd358ff15

Headers

File Characteristics

Imports

user32

kernel32

msimg32

advapi32

shell32

comctl32

shlwapi

gdi32

winspool.drv

comdlg32

ole32

oleaut32

winmm

Sections

.text Size: 324KB - Virtual size: 323KB

.rdata Size: 68KB - Virtual size: 66KB

.data Size: 24KB - Virtual size: 45KB

.tls Size: 4KB - Virtual size: 4B

.rsrc Size: 128KB - Virtual size: 126KB

.text Size: 64KB - Virtual size: 64KB

.text
Size: 324KB - Virtual size: 323KB

.rdata
Size: 68KB - Virtual size: 66KB

.data
Size: 24KB - Virtual size: 45KB

.tls
Size: 4KB - Virtual size: 4B

.rsrc
Size: 128KB - Virtual size: 126KB

.text
Size: 64KB - Virtual size: 64KB