8de37688d487212559665974a58ffb7a68b6877f165f7d84e648eecb25695012

Sharing

Copy URL Twitter E-mail

General

Target

8de37688d487212559665974a58ffb7a68b6877f165f7d84e648eecb25695012
Size

232KB
MD5

22fa65d8e36ef5873e547681aad79bc0
SHA1

d5d3ccba4c470fdd4349b1dbc3e355d309bd2979
SHA256

8de37688d487212559665974a58ffb7a68b6877f165f7d84e648eecb25695012
SHA512

6188e300b630b8ab344255f92385272888f2e138baa3b5be235522bc9030e9a634857676daee8e0a410945256fb8878047be605e1fa559924bc8161e58f9af1c
SSDEEP

6144:45jUMQ7RuftslNYdLYZTCYDrzvkkwnZ+7L:1RufundJjkA

Score

N/A

Malware Config

Signatures

Files

8de37688d487212559665974a58ffb7a68b6877f165f7d84e648eecb25695012
.dll windows x86

88c39fa4854d7319713b3360d92f340e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
RtlUnwind
RaiseException
HeapSize
HeapReAlloc
SetFilePointer
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
WriteFile
InterlockedExchange
GetThreadLocale
GetVersion
InterlockedIncrement
GetCurrentProcessId
GetModuleHandleA
GlobalFlags
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryW
LoadLibraryA
lstrcmpW
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
FormatMessageW
GetLastError
SetErrorMode
lstrlenW
GetCurrentThreadId
TlsFree
GlobalFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalAlloc
GlobalHandle
GlobalUnlock
GlobalReAlloc
GlobalLock
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalFree
LocalAlloc
FreeLibrary
FindResourceW
LoadResource
LockResource
SizeofResource
InterlockedDecrement
GetModuleFileNameW
SetLastError
GetModuleHandleW
GetProcAddress
GetCurrentThread
GetCurrentProcess
ReleaseSemaphore
WaitForSingleObject
CloseHandle
ExitProcess
CreateSemaphoreW

advapi32

FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
OpenThreadToken

shlwapi

PathFindExtensionW
PathFindFileNameW

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

UnregisterClassA
LoadCursorW
GetSysColorBrush
GetWindowThreadProcessId
ReleaseDC
GetDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ClientToScreen
IsWindowEnabled
SetWindowTextW
RegisterWindowMessageW
LoadIconW
WinHelpW
GetCapture
GetClassLongW
GetClassNameW
SetPropW
RemovePropW
IsWindow
GetWindowTextW
DestroyMenu
GetLastActivePopup
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
EnableWindow
SetForegroundWindow
GetClientRect
GetMenu
PostMessageW
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
PostQuitMessage
GetPropW
DefWindowProcW
CallWindowProcW
GetWindowLongW
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetForegroundWindow
UnhookWindowsHookEx
ValidateRect
PeekMessageW
GetKeyState
SendMessageW
DispatchMessageW
CallNextHookEx
SetWindowsHookExW
UnregisterClassW
GetSubMenu
GetMenuItemCount
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuState
GetMenuItemID

gdi32

SetTextColor
SetBkColor
DeleteObject
SaveDC
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetClipBox
TextOutW
GetStockObject
CreateBitmap
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
GetDeviceCaps
RectVisible
PtVisible
SetMapMode
RestoreDC
ExtTextOutW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

AppIsRunning
HasAdminPriv

Sections

.text
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

88c39fa4854d7319713b3360d92f340e

Headers

File Characteristics

Imports

kernel32

advapi32

shlwapi

oleacc

user32

gdi32

winspool.drv

oleaut32

Exports

Exports

Sections

.text Size: 108KB - Virtual size: 104KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 8KB - Virtual size: 22KB

.rsrc Size: 4KB - Virtual size: 176B

.reloc Size: 20KB - Virtual size: 17KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 108KB - Virtual size: 104KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 8KB - Virtual size: 22KB

.rsrc
Size: 4KB - Virtual size: 176B

.reloc
Size: 20KB - Virtual size: 17KB

.rmnet
Size: 60KB - Virtual size: 60KB