002b11504791e8647d55f5382ce33586723a8ac7bdfb5e904072ede10b74009f

Sharing

Copy URL Twitter E-mail

General

Target

002b11504791e8647d55f5382ce33586723a8ac7bdfb5e904072ede10b74009f
Size

489KB
MD5

0a95a2355feb071e6dff7651650bec12
SHA1

dd69dc5422838f438f0f49d6647eb5c033c1fd40
SHA256

002b11504791e8647d55f5382ce33586723a8ac7bdfb5e904072ede10b74009f
SHA512

14db5051a49a6caf815471a847541963f55f31d2c442ca816d991f8049880ccf9fc2775a56a8f55945c9f30010faa1be2ffc9537d039b2e10c51c5cf151866b6
SSDEEP

12288:0fstQL0XF2wQZDunf1tEpSLyj6lswT80:0fyEZD88QWmf

Score

N/A

Malware Config

Signatures

Files

002b11504791e8647d55f5382ce33586723a8ac7bdfb5e904072ede10b74009f
.exe windows x86

942deb25abb02e00746193aa94726516

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
HeapFree
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
ExitProcess
RtlUnwind
HeapSize
TerminateProcess
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
FlushFileBuffers
SetFilePointer
WriteFile
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatW
GetModuleHandleW
GetVersionExA
GetModuleHandleA
GetProcAddress
GetCurrentThreadId
GlobalFlags
lstrcmpW
GetVersion
InterlockedIncrement
InterlockedDecrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
GetModuleFileNameW
GlobalFree
FindResourceW
LoadResource
LockResource
SizeofResource
lstrcpyW
lstrlenW
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
SetLastError
lstrcpynW
WideCharToMultiByte
MultiByteToWideChar
CreateThread
LocalFree
DeleteFileW
CloseHandle
DeleteCriticalSection
LocalAlloc
GetLocalTime
VirtualProtectEx
MoveFileW
GetLastError
InterlockedExchange
RaiseException
GetStartupInfoW
GetACP
CreateFileW
SetSystemTimeAdjustment
Sleep
InitializeCriticalSection
GetTickCount
CreateProcessW
GetLocaleInfoA
GetNativeSystemInfo
FreeEnvironmentStringsA
GetCommandLineW

user32

DestroyMenu
SetMenuItemBitmaps
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
RegisterWindowMessageW
WinHelpW
GetCapture
GetClassInfoExW
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
PostMessageW
AdjustWindowRectEx
GetClassInfoW
CallWindowProcW
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SetWindowsHookExW
CallNextHookEx
GetKeyState
PeekMessageW
ValidateRect
SetWindowPos
SetWindowLongW
GetDlgItem
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetFocus
SetWindowTextW
GetClassNameW
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
UnhookWindowsHookEx
SendMessageW
MessageBoxW
GetParent
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
GetWindowTextW
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
EndPaint
GetMessageW
PostQuitMessage
UnregisterClassW
LoadCursorW
BeginPaint
TranslateMessage
LoadIconW
ShowWindow
CreateWindowExW
RegisterClassW
UpdateWindow
DefWindowProcW
DispatchMessageW

gdi32

OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateBitmap
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
GetDeviceCaps
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
DeleteObject
GetStockObject
SetViewportExtEx

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

GetSidSubAuthority
GetLengthSid
InitializeSid
GetSidLengthRequired
IsValidSid
CopySid

comctl32

ord17

ole32

CoInitialize
OleUninitialize
OleInitialize
OleSetContainedObject
CLSIDFromString
CoUninitialize
CoCreateInstance

oleaut32

VariantInit
VariantChangeType
VariantClear

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 251KB - Virtual size: 250KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

942deb25abb02e00746193aa94726516

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

ole32

oleaut32

oleacc

Sections

.text Size: 251KB - Virtual size: 250KB

.rdata Size: 64KB - Virtual size: 63KB

.data Size: 8KB - Virtual size: 113KB

.rsrc Size: 149KB - Virtual size: 148KB

.reloc Size: 16KB - Virtual size: 15KB

.text
Size: 251KB - Virtual size: 250KB

.rdata
Size: 64KB - Virtual size: 63KB

.data
Size: 8KB - Virtual size: 113KB

.rsrc
Size: 149KB - Virtual size: 148KB

.reloc
Size: 16KB - Virtual size: 15KB