9d8e631dec64190190cbb24942cd92383c891abea67b75fc2b12774fee6dc27f

Sharing

Copy URL Twitter E-mail

General

Target

9d8e631dec64190190cbb24942cd92383c891abea67b75fc2b12774fee6dc27f
Size

288KB
MD5

cca44c4a6110376b7c3abc0a35b0623a
SHA1

e2f51331fad6f75de243f00247896baf170407d2
SHA256

9d8e631dec64190190cbb24942cd92383c891abea67b75fc2b12774fee6dc27f
SHA512

8719f74150d5cf3186d9b10a19ba0d262aa2372d9f93b65f2fe914e90747827ba19f2caa29f4faa02c3de88b89a0af4bea42ecf97a4817a01a9992f291e8c399
SSDEEP

6144:csHjoRRPjwKVZxTc8x+APk7Cg+5iBWW+zUVYKh:iRRLwKtcAtPk7C5WgaYK

Score

N/A

Malware Config

Signatures

Files

9d8e631dec64190190cbb24942cd92383c891abea67b75fc2b12774fee6dc27f
.exe windows x86

90c1f74da7025c883bfb75324a30f16a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetPixelV
DeleteObject
GetRgnBox
Arc
SelectClipRgn
EndPage
DPtoLP
SetPixel
CreatePolygonRgn
CreatePatternBrush
CreatePen
StrokePath
DeleteDC
EndDoc
StartPage
CreatePalette
GetObjectA
OffsetRgn
ExtCreatePen
CreateDCA
StretchDIBits
GetDeviceCaps
GetPaletteEntries
SelectObject
GetRegionData

winmm

waveOutPrepareHeader
timeBeginPeriod
timeEndPeriod
timeSetEvent
waveOutOpen
waveOutWrite
waveOutClose
timeGetTime
waveOutGetNumDevs
mciSendCommandA
timeGetDevCaps
waveOutGetDevCapsA
waveOutReset
waveOutUnprepareHeader
timeKillEvent

rpcrt4

RpcServerUseProtseqEpA
RpcServerRegisterIf
RpcMgmtStopServerListening
RpcServerListen
RpcServerUnregisterIf
NdrServerCall2

user32

DefWindowProcA
RegisterClassExA
DestroyWindow
DestroyAcceleratorTable
CreateWindowExA
LoadCursorA
LoadAcceleratorsA
ShowWindow
LoadBitmapA
MessageBoxA
RegisterClassA

ole32

CoRevokeClassObject
OleLoad
CoCreateInstance
OleLockRunning
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CreateILockBytesOnHGlobal
OleUninitialize
OleInitialize
CoRegisterClassObject
StgCreateDocfileOnILockBytes
CoGetClassObject
CoInitializeSecurity
CreateStreamOnHGlobal
OleGetClipboard

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
SetErrorMode
WideCharToMultiByte
SetStdHandle
CompareStringW
GetEnvironmentVariableA
GlobalGetAtomNameA
FormatMessageA
IsBadCodePtr
QueryPerformanceCounter
GlobalReAlloc
DeleteFileA
GetTimeZoneInformation
GetStringTypeA
VirtualAlloc
GetCurrentThread
GetTickCount
LoadResource
VirtualFree
GetTimeFormatA
GlobalUnlock
LocalFree
GetProcAddress
HeapSize
GetSystemTime
GetOEMCP
LoadLibraryA
CloseHandle
InitializeCriticalSection
CreateProcessA
CreateMutexA
VirtualProtect
UnhandledExceptionFilter
HeapCreate
SetEvent
GetEnvironmentStrings
TlsGetValue
GetCommandLineA
DuplicateHandle
FreeEnvironmentStringsW
GetVersion
GetLocalTime
TlsSetValue
FindNextFileA
LocalReAlloc
VirtualQuery
WinExec
WriteFile
_lclose
lstrcatA
EnterCriticalSection
lstrcmpA
GetModuleFileNameA
GlobalLock
SetUnhandledExceptionFilter
ExitProcess
MultiByteToWideChar
FreeResource
lstrcpynA
TerminateProcess
RtlUnwind
InterlockedDecrement
FindClose
CreateFileA
GetEnvironmentStringsW
WritePrivateProfileStringA
SetFilePointer
HeapReAlloc
TerminateThread
lstrlenA
LeaveCriticalSection
SuspendThread
GetStringTypeExA
SizeofResource
SetLastError
CreateDirectoryA
LockResource
IsValidCodePage
FileTimeToSystemTime
RaiseException
LCMapStringW
InterlockedIncrement
GetCurrentProcess
MulDiv
HeapFree
GlobalFree
GetModuleHandleA
GetCurrentThreadId
GetUserDefaultLangID
SetHandleCount
GlobalAlloc
ReadFile
FlushFileBuffers
GetPrivateProfileStringA
GlobalFindAtomA
CompareStringA
GetSystemDirectoryA
GetStartupInfoA
LCMapStringA
GetPrivateProfileIntA
InterlockedExchange
GetVolumeInformationA
lstrcpyA
Sleep
GetFileAttributesA
SetEnvironmentVariableA
GetLastError
DeleteCriticalSection
FreeEnvironmentStringsA
HeapAlloc
TlsAlloc
FreeLibrary
SetFileAttributesA
GetProcessHeap
GetCPInfo
HeapDestroy
GetFileType
ReleaseMutex
GetVersionExA
GetStdHandle
ExitThread
GetStringTypeW
GetACP

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90c1f74da7025c883bfb75324a30f16a

Headers

File Characteristics

Imports

gdi32

winmm

rpcrt4

user32

ole32

kernel32

winspool.drv

Sections

.text Size: 68KB - Virtual size: 64KB

.rdata Size: 132KB - Virtual size: 128KB

.data Size: 68KB - Virtual size: 68KB

.rsrc Size: 16KB - Virtual size: 12KB

.text
Size: 68KB - Virtual size: 64KB

.rdata
Size: 132KB - Virtual size: 128KB

.data
Size: 68KB - Virtual size: 68KB

.rsrc
Size: 16KB - Virtual size: 12KB