ab74d66a2de6402eaf962b4edbd084bf31e6d2b8eb9c4fcd39886ccfa58fea34

Sharing

Copy URL Twitter E-mail

General

Target

ab74d66a2de6402eaf962b4edbd084bf31e6d2b8eb9c4fcd39886ccfa58fea34
Size

648KB
MD5

0c889f5270ac5e69a54030eada23512b
SHA1

d0e457fc70c7985d9847e2bd77e2f163913913d1
SHA256

ab74d66a2de6402eaf962b4edbd084bf31e6d2b8eb9c4fcd39886ccfa58fea34
SHA512

0d2d2cf2bb0d10caa8cdadad46f0ac23ecc1273bc3a7396de3f6f4723f8c6ee03b2e052df8bfeb671b9f8f1a8109d049856ac2c337194bbcf2bad0b93811518f
SSDEEP

12288:25HCWEAHVvSMP3SEJxkovByxcUIQF0pBVwABNwfnwNs:uZHVvS85ZvkXIZ/wA80

Score

N/A

Malware Config

Signatures

Files

ab74d66a2de6402eaf962b4edbd084bf31e6d2b8eb9c4fcd39886ccfa58fea34
.exe windows x86

54d7ec2c45d9e1d4f1cfa06b44c7a73a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

OpenPrinterA
GetJobA
ClosePrinter

shell32

SHBrowseForFolderA
SHGetSpecialFolderLocation
DragAcceptFiles
SHGetFileInfoA
DragQueryFileA
ord155
SHGetSpecialFolderPathA

gdi32

GetNearestColor
PlayEnhMetaFile
Ellipse
SetMapMode
CreateBitmap
CombineRgn
RectVisible
GetOutlineTextMetricsA
FillPath
Pie
PaintRgn
SetRectRgn
Escape
SetBoundsRect
CloseEnhMetaFile
Rectangle
MaskBlt
GetTextAlign
GetRgnBox
SetPaletteEntries
GetMapMode
PolyPolygon
AbortDoc
GetCurrentPositionEx
DeleteObject
TextOutA
EndPath
ScaleViewportExtEx
ScaleWindowExtEx
GetGlyphOutlineA
RectInRegion
GetViewportOrgEx
SetBitmapBits
BeginPath
LPtoDP
CreateEnhMetaFileA
GetPaletteEntries
CreateRectRgn
FillRgn
CreateFontIndirectA
GetObjectA
StartDocA
CreatePenIndirect
GetCharWidthA
CreateDIBitmap
CreateCompatibleDC
CreateBrushIndirect
SetTextColor
ResetDCA
CreateCompatibleBitmap
StretchBlt
StrokePath
CreateHatchBrush
BitBlt
GetROP2
UpdateColors
ResizePalette
InvertRgn
SetTextJustification
GetClipBox
SetBkColor
Chord

kernel32

GlobalAlloc
GetModuleFileNameA
GetStartupInfoA
GetModuleHandleW
RaiseException
GetCommandLineW
GetCommandLineA
GetStartupInfoW
GetModuleHandleA
SetUnhandledExceptionFilter
FreeLibrary
GetLocaleInfoW
TlsSetValue
GetSystemDirectoryA
GetSystemTime
QueryPerformanceCounter
GetLastError
GetOEMCP
FindClose
FileTimeToSystemTime
CompareStringA
VirtualFree
LocalReAlloc
MulDiv
CompareStringW
VirtualQuery
TlsFree
WaitForSingleObject
FlushFileBuffers
TerminateProcess
GetFileType
IsDebuggerPresent
CreateMutexW
HeapAlloc
LCMapStringA
InitializeCriticalSection
IsBadWritePtr
EnterCriticalSection
HeapFree
MultiByteToWideChar
GetLocalTime
WriteConsoleA
SetEnvironmentVariableA
GetVersion
InterlockedDecrement
GetACP
HeapCreate
InterlockedExchange
CreateMutexA
GetEnvironmentStrings
FreeEnvironmentStringsA
LeaveCriticalSection
GetStdHandle
lstrcmpW
CloseHandle
GetCurrentProcessId
GetTickCount
GetTimeZoneInformation
UnhandledExceptionFilter
CreateProcessA
ExitProcess
SetEndOfFile
InterlockedIncrement
TlsAlloc
SetConsoleCtrlHandler
ReadFile
SystemTimeToFileTime
GetModuleFileNameW
TlsGetValue
SetStdHandle
GetFileTime
VirtualAlloc
lstrcpynA
GetVersionExA
UnlockFile
IsBadReadPtr
CompareFileTime
GetCPInfo
IsBadCodePtr
LoadLibraryA
FreeEnvironmentStringsW
GetCurrentThread
GetStringTypeA
IsValidCodePage
DeleteCriticalSection
GlobalLock
LCMapStringW
lstrlenA
LoadResource
WriteFile
CopyFileW
GetEnvironmentStringsW
FlushInstructionCache
GetLocaleInfoA
WideCharToMultiByte
CreateFileA
SetFilePointer
GetUserDefaultLCID
lstrcmpA
GetSystemTimeAsFileTime
HeapDestroy
DeleteFileW
SetErrorMode
SetLastError
Sleep
LockFile
HeapSize
GetCurrentProcess
RtlUnwind
GetStringTypeW
GetProcAddress
HeapReAlloc
GlobalSize
FatalAppExitA
SetHandleCount
GetCurrentThreadId

advapi32

CryptCreateHash
RegCreateKeyA
CryptReleaseContext
RegDeleteKeyA
RegEnumKeyExA
CryptDestroyKey
RegQueryInfoKeyA
RegDeleteValueA
CryptAcquireContextA
CryptDestroyHash
SetFileSecurityA
RegCreateKeyExA
GetFileSecurityA
CryptEncrypt
CryptDeriveKey
RegOpenKeyExA
RegSetValueA
RegCloseKey
CryptDecrypt
RegOpenKeyA
RegEnumKeyA
RegSetValueExA
RegQueryValueExA
RegQueryValueA
CryptHashData
RegEnumValueA

user32

RegisterHotKey
ReleaseDC
CallWindowProcW
CheckDlgButton
GetNextDlgGroupItem
ShowWindow
MoveWindow
GetMessageTime
ScreenToClient
IsMenu
DrawMenuBar
RegisterWindowMessageW
UnregisterHotKey
RegisterClassW
MessageBoxW
MapDialogRect
SetParent
DefFrameProcW
SetCapture
DrawFrameControl
RegisterClassExW
IsWindow
EmptyClipboard
GetMenu
UpdateWindow
GetWindowDC
MessageBoxA
CreatePopupMenu
DestroyCaret
DragDetect
GetAsyncKeyState
CopyIcon
DestroyIcon
DefWindowProcW
SetFocus
CreateWindowExW
DestroyWindow

Sections

.text
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 456KB - Virtual size: 453KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

54d7ec2c45d9e1d4f1cfa06b44c7a73a

Headers

File Characteristics

Imports

winspool.drv

shell32

gdi32

kernel32

advapi32

user32

Sections

.text Size: 64KB - Virtual size: 61KB

.rdata Size: 456KB - Virtual size: 453KB

.data Size: 100KB - Virtual size: 99KB

.rsrc Size: 24KB - Virtual size: 21KB

.text
Size: 64KB - Virtual size: 61KB

.rdata
Size: 456KB - Virtual size: 453KB

.data
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 24KB - Virtual size: 21KB