7a00b2b5c188fdc8b4f316bea082f59712684d7f26f5f85c28a19cd288055ae2

Sharing

Copy URL

Twitter E-mail

General

Target

7a00b2b5c188fdc8b4f316bea082f59712684d7f26f5f85c28a19cd288055ae2
Size

160KB
MD5

c82411300c726f9e6fb98c6adde60a52
SHA1

9a28aeb5badf6158b0eeec32754f4344c25217d2
SHA256

7a00b2b5c188fdc8b4f316bea082f59712684d7f26f5f85c28a19cd288055ae2
SHA512

0acca53345aae455688a483df63f084321ecdee8ed7a77ae75cd0b538d9abd9b8056a29b21fd762914c7d49df4ac324b1183ddf87c5afe34f603c37436de730b
SSDEEP

1536:KlUIACLbAZ9R9EXkOnLLfoyDAco7iT6uH0I2rov9YEwi/SFcN/lmg43m1HwHbQoH:Kq9EXkOAyNuQ0+5/kcNNbHwkoI8xgF

Score

N/A

Malware Config

Signatures

Files

7a00b2b5c188fdc8b4f316bea082f59712684d7f26f5f85c28a19cd288055ae2
.dll windows x86

15901b98c1aa703b472a7d37e8592414

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dv

?IsFloppyDisk@@YAHW4_MEDIA_TYPE@@@Z

fe

?CreateDirectoryA@CFileWriter@@SAHPBDPAD@Z
??0CFileWriter@@QAE@XZ
??1CFileWriter@@UAE@XZ
?CreateFileA@CFileWriter@@QAEHPBDPADKK@Z
?WriteFile@CFileWriter@@QAEHPAXK@Z
?CloseFile@CFileWriter@@QAEHXZ

li

?CreateLogInfo@@YAPAVILogInfo@@XZ

kernel32

FlushFileBuffers
GetCPInfo
GetOEMCP
SetFilePointer
RtlUnwind
GetCommandLineA
HeapAlloc
HeapFree
ExitProcess
TerminateProcess
RaiseException
HeapSize
HeapReAlloc
GetACP
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
WriteFile
GetProcessVersion
GetCurrentProcess
LoadLibraryA
FreeLibrary
GlobalGetAtomNameA
GetModuleHandleA
GlobalAddAtomA
GlobalFindAtomA
WritePrivateProfileStringA
GetProcAddress
GlobalFlags
SetLastError
GetLastError
lstrcpyA
DebugBreak
GetVersion
lstrcpynA
TlsGetValue
lstrcatA
SetErrorMode
LocalReAlloc
GetCurrentThreadId
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalUnlock
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
LocalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
CloseHandle
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetTickCount

user32

GetSystemMetrics
GetWindowPlacement
IsIconic
SystemParametersInfoA
SetFocus
RegisterWindowMessageA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
DefWindowProcA
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
LoadCursorA
GetSysColorBrush
LoadStringA
DestroyMenu
SetWindowPos
ShowWindow
GetDlgItem
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
GetMenuItemCount
wsprintfA
GetWindowTextA
SetWindowTextA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameA
UnregisterClassA
UnhookWindowsHookEx
LoadBitmapA
GetMenuState
ModifyMenuA
SetWindowLongA
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
EnableWindow
SetCursor
SendMessageA
PostMessageA
PostQuitMessage
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem

gdi32

DeleteObject
CreateBitmap
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkColor
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
GetDeviceCaps
RectVisible
TextOutA
PtVisible
Escape
ExtTextOutA
GetObjectA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA

comctl32

ord17

Exports

Exports

?DestroyRawFileSystem@@YAXXZ
?GetRawFileSystem@@YAPAVIFileSystem@@XZ

Sections

.text
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15901b98c1aa703b472a7d37e8592414

Headers

File Characteristics

Imports

dv

fe

li

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

Exports

Exports

Sections

.text Size: 112KB - Virtual size: 109KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 12KB - Virtual size: 24KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 112KB - Virtual size: 109KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 12KB - Virtual size: 24KB

.reloc
Size: 12KB - Virtual size: 11KB