962415f3c606bf34c57d6c593fbc97c54551cc382ab6d290ae7581783321f57b

Sharing

Copy URL

Twitter E-mail

General

Target

962415f3c606bf34c57d6c593fbc97c54551cc382ab6d290ae7581783321f57b
Size

188KB
MD5

4ce1603b41e5c5c343c1371a7a0cd14c
SHA1

d893583c083ad4e3905ab09170c7925807c8c3c8
SHA256

962415f3c606bf34c57d6c593fbc97c54551cc382ab6d290ae7581783321f57b
SHA512

e1a87a21d6b101c115bdf37f73831b4514376b25cdd8d6f2fbe623fb4236f5c59aae013ed7c8f31aaa36a4c1abcef7e64c74bd900d708f660a14a08c81fb890d
SSDEEP

3072:pB36Yk901s8VCNtSRXhISoTjnpDhmFLzbL85fTWGT:Q0a3fpKz6TW

Score

N/A

Malware Config

Signatures

Files

962415f3c606bf34c57d6c593fbc97c54551cc382ab6d290ae7581783321f57b
.exe windows x86

fa2d244e595bdaf766df19bfba3c34a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynW
LocalAlloc
TlsAlloc
GetLastError
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetVersion
SetLastError
GetModuleHandleW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
FindFirstFileW
LocalFree
GetProcessVersion
lstrcmpiW
lstrcmpW
GlobalFlags
lstrcpyW
CreateFileW
ReadFile
GetLogicalDrives
lstrcatW
SetEndOfFile
FindNextFileW
RtlUnwind
GetStartupInfoA
ExitProcess
HeapAlloc
HeapFree
RaiseException
HeapSize
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
GetDriveTypeW
FindClose
GetModuleFileNameW
GetLogicalDriveStringsW
GetSystemDirectoryW
GetDiskFreeSpaceExW
FlushFileBuffers
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
WideCharToMultiByte
lstrcatA
lstrcpyA
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
lstrlenA
MultiByteToWideChar
lstrlenW
InitializeCriticalSection
GetCommandLineA
GetCurrentThreadId
lstrcmpiA
Sleep
DeleteCriticalSection
HeapDestroy
CreateEventA
CreateThread
WaitForSingleObject
CloseHandle
SetEvent
WriteFile
SetFilePointer
GetCurrentProcess
InterlockedIncrement

user32

CreateWindowExW
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
PostMessageW
LoadIconW
SetWindowTextW
LoadCursorW
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameW
PtInRect
ClientToScreen
PostQuitMessage
WinHelpW
GetCapture
GetMessagePos
DrawTextW
GrayStringW
GetClassInfoW
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongW
SetWindowPos
RegisterWindowMessageW
SystemParametersInfoW
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
DispatchMessageW
GetKeyState
CallNextHookEx
PeekMessageW
SetWindowsHookExW
UnhookWindowsHookEx
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongW
SendMessageW
LoadStringW
RegisterClassW
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextW
GetDlgCtrlID
DefWindowProcW
DestroyWindow
SetPropW
GetPropW
CallWindowProcW
RemovePropW
GetMessageTime
DestroyMenu
TabbedTextOutW
GetMessageA
DispatchMessageA
CharNextA
PostThreadMessageA
wsprintfW
MessageBoxW
EnableWindow

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

ole32

CoCreateFreeThreadedMarshaler
CoInitialize
CoRegisterClassObject
CoRevokeClassObject
CoUninitialize
CoCreateInstance

oleaut32

VariantClear
SafeArrayDestroy
SysStringByteLen
SysFreeString
SysAllocString
SysStringLen
SafeArrayCreate
SysAllocStringByteLen
SafeArrayPutElement
SafeArrayRedim
LoadTypeLi
RegisterTypeLi
LoadRegTypeLi

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

comctl32

ord17

gdi32

SetTextColor
SetBkColor
GetObjectW
GetDeviceCaps
DeleteObject
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateBitmap
GetClipBox

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

Sections

.text
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fa2d244e595bdaf766df19bfba3c34a4

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

version

comctl32

gdi32

winspool.drv

Sections

.text Size: 92KB - Virtual size: 89KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 16KB - Virtual size: 28KB

.rsrc Size: 56KB - Virtual size: 56KB

.text
Size: 92KB - Virtual size: 89KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 16KB - Virtual size: 28KB

.rsrc
Size: 56KB - Virtual size: 56KB