9596ef550005f3f5baf74d12c0451ebab3364f2342d2be887e8c8605a5fe161e

Sharing

Copy URL

Twitter E-mail

General

Target

9596ef550005f3f5baf74d12c0451ebab3364f2342d2be887e8c8605a5fe161e
Size

298KB
MD5

b2458261334be79509f5b2a6b5fdc4c5
SHA1

3112096f9216d5ea7ea9131c75230f952448ef0e
SHA256

9596ef550005f3f5baf74d12c0451ebab3364f2342d2be887e8c8605a5fe161e
SHA512

fa6ad531bead6b02a02127b2998665a90af9e65fa30122648e3df03fd2dd74a781935206edba84e1283d18e928a1428d936bde8c1db1059842b0d8287acdb4cd
SSDEEP

6144:x809zaMW9xL1lRB7/SBMcPTjhmujCz927jGanmm:eEzaMixLfTaBjTjhFjCRijGst

Score

N/A

Malware Config

Signatures

Files

9596ef550005f3f5baf74d12c0451ebab3364f2342d2be887e8c8605a5fe161e
.exe windows x86

a08fe7dedf18ceeb7bdb51e4c07d8f64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetACP
HeapSize
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
FlushFileBuffers
GetConsoleMode
IsValidLocale
SetFilePointer
GetModuleFileNameW
WriteFile
ExitProcess
GetLastError
GetProcAddress
IsProcessorFeaturePresent
GetFileType
InitializeCriticalSectionAndSpinCount
GetStdHandle
SetHandleCount
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetCPInfo
MultiByteToWideChar
LCMapStringW
RtlUnwind
GetStringTypeW
HeapReAlloc
LoadLibraryW
SetStdHandle
WriteConsoleW
CreateFileA
CreateFileW
SetEndOfFile
LocalFree
CloseHandle
GetVersionExA
GetCurrentThreadId
FindNextFileA
GetSystemInfo
GetConsoleCP
LockResource
RaiseException
GetStartupInfoW
HeapSetInformation
GetCommandLineA
FindClose
ReadFile
GetThreadLocale
FindFirstFileA
lstrlenW
GetCommandLineW
GetTimeZoneInformation
HeapCreate
SizeofResource
GetLocaleInfoW
WideCharToMultiByte
FormatMessageA
GetCurrentProcess
HeapAlloc
LoadResource
GetNativeSystemInfo
FindResourceA
GetFullPathNameA
HeapFree
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
Sleep
DecodePointer
EncodePointer
InterlockedDecrement
GetComputerNameA
GetModuleHandleW
InterlockedIncrement
GetProcessHeap

user32

wsprintfA
MoveWindow
GetWindow
RegisterClassA
GetWindowThreadProcessId
TranslateMDISysAccel
CharToOemA
LookupIconIdFromDirectory
DestroyIcon
LoadCursorA
DestroyMenu
UpdateWindow
IsWindowVisible
GetCursor
DispatchMessageA
IsWindow
DrawMenuBar
ShowWindow
GetCursorPos
EndPaint
DestroyWindow
GetMessageA
EnumDisplayMonitors
GetClassNameA
GetDlgItemInt
IsMenu
CreateDialogParamA
InsertMenuItemA
PostQuitMessage
SendDlgItemMessageA
FillRect
SetWindowPos
GetSubMenu
GetParent
AttachThreadInput
LoadMenuA
LoadIconA
DrawTextA
WindowFromPoint
SendMessageA
BeginPaint
CreateIconIndirect
GetIconInfo
TranslateMessage
GetMenu
OemToCharA
CreateAcceleratorTableA
GetWindowLongA
CreateWindowExA
EnableMenuItem
GetDlgItem
DefWindowProcA
GetSysColor
CreateIconFromResource

gdi32

SetTextColor
DeleteDC
CreateFontIndirectA
SetBkColor
CreateBitmap
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
DPtoLP
SetMapMode
GetMapMode
SetStretchBltMode
SetROP2
GetObjectA
GetStockObject
CreateSolidBrush
TextOutA
BitBlt

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

comdlg32

GetOpenFileNameW
CommDlgExtendedError

advapi32

GetTokenInformation
OpenProcessToken
GetExplicitEntriesFromAclA
GetSecurityDescriptorDacl
RegCloseKey
GetFileSecurityA
GetUserNameA
RegEnumValueA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
GetEffectiveRightsFromAclA

shell32

CommandLineToArgvW

ole32

CoGetMalloc

netapi32

NetUserEnum
NetApiBufferFree
NetSessionEnum

avicap32

capCreateCaptureWindowW

shlwapi

PathFileExistsA
PathIsDirectoryA

gdiplus

GdipDeleteGraphics
GdipFree
GdipLoadImageFromFile
GdipDrawImageI
GdipAlloc
GdipDisposeImage
GdipCreateFromHDC
GdipCloneImage
GdiplusShutdown
GdiplusStartup

d3d9

Direct3DCreate9

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 149KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a08fe7dedf18ceeb7bdb51e4c07d8f64

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

netapi32

avicap32

shlwapi

gdiplus

d3d9

Sections

.text Size: 94KB - Virtual size: 93KB

.rdata Size: 26KB - Virtual size: 25KB

.data Size: 149KB - Virtual size: 157KB

.rsrc Size: 28KB - Virtual size: 108KB

.text
Size: 94KB - Virtual size: 93KB

.rdata
Size: 26KB - Virtual size: 25KB

.data
Size: 149KB - Virtual size: 157KB

.rsrc
Size: 28KB - Virtual size: 108KB