5aafa97454f7aba5141a4ee79165d7e5e77c173915c716ce91b5ba5d4eefe07d

Sharing

Copy URL Twitter E-mail

General

Target

5aafa97454f7aba5141a4ee79165d7e5e77c173915c716ce91b5ba5d4eefe07d
Size

280KB
MD5

b929fafd2247c2d2eeb11e4acf2dc55b
SHA1

3af8b3b61fb1f8d249f90c72a5878d83067990cc
SHA256

5aafa97454f7aba5141a4ee79165d7e5e77c173915c716ce91b5ba5d4eefe07d
SHA512

196cb88ee70219140acb8fad9c7b2a52f3474be32fc859e5423d1567f1053be8e03c631574e1b2b3a71aaa8a9ba01b8b9bb2dc77ee99f1e09a3b8ae516667f20
SSDEEP

3072:rH0iFIQGlBC5o1eHPVCH2zcqE4qt5JR6BttcmjjIR7mDoV8AoKcQyC9:got5ocMHszqt5JR6TtcmY8BH

Score

N/A

Malware Config

Signatures

Files

5aafa97454f7aba5141a4ee79165d7e5e77c173915c716ce91b5ba5d4eefe07d
.exe windows x86

a88ce0e61598b79a091360d1f93e23b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

OpenPrinterW
GetJobW
FindFirstPrinterChangeNotification
EnumJobsW
GetPrinterW
ClosePrinter
EnumPortsW
SetJobW
DocumentPropertiesW
DocumentPropertiesA
SetPrinterDataW
OpenPrinterA
FreePrinterNotifyInfo
FindNextPrinterChangeNotification
EnumPrintersW
ord204

advapi32

RegEnumKeyExW
InitializeSecurityDescriptor
LookupPrivilegeValueA
OpenThreadToken
RegDeleteValueW
RegQueryValueExW
RegEnumValueA
QueryServiceStatus
OpenProcessToken
RegQueryValueA
RegCreateKeyExA
SetFileSecurityW
SetSecurityDescriptorOwner
DuplicateToken
RegOpenKeyA
RegQueryValueExA
DeleteAce
RevertToSelf
RegSetValueExW
GetTokenInformation
StartServiceW
RegEnumKeyW
CryptAcquireContextA
FreeSid
RegOpenCurrentUser
CryptImportKey
AdjustTokenPrivileges
RegEnumValueW
RegEnumKeyA
RegQueryInfoKeyA
OpenServiceA
GetFileSecurityA
SetSecurityDescriptorGroup
IsValidSecurityDescriptor
RegEnumKeyExA
CloseServiceHandle
CreateServiceA
GetLengthSid
DeleteService
GetFileSecurityW
RegSetValueA
RegCreateKeyExW
CryptReleaseContext
InitializeAcl
RegCloseKey
ChangeServiceConfigA
RegDeleteKeyA
RegSetValueExA
SetFileSecurityA
CryptEncrypt
RegDeleteKeyW
SetTokenInformation
ConvertStringSidToSidA
StartServiceCtrlDispatcherA
StartServiceA
OpenSCManagerA
CryptDestroyHash
CryptGetHashParam
AddAce
RegDeleteValueA
RegOpenKeyExA
ControlService

gdi32

EqualRgn
Polygon
Ellipse
GetArcDirection
GetTextFaceA
EndPage
CreatePatternBrush
TextOutA
FlattenPath
SetBoundsRect
FillPath
ModifyWorldTransform
GetCurrentObject
SetMapMode
Escape
SetTextCharacterExtra
GetObjectType
SetMiterLimit
GetTextExtentPoint32W
SetTextJustification
CreatePolygonRgn
GetStretchBltMode
EndPath
EnumFontFamiliesExW
PtVisible
DeleteObject
PolylineTo
GetBkMode
RestoreDC
GetTextMetricsA
GdiComment
SetStretchBltMode
GetAspectRatioFilterEx
ScaleWindowExtEx
GetMiterLimit
GetSystemPaletteEntries
GetPolyFillMode
CreateRectRgnIndirect
GetCharABCWidthsA
CreateRectRgn
AngleArc
PlayEnhMetaFile
SetWindowOrgEx
GetPixel
WidenPath
OffsetViewportOrgEx
CloseFigure
RectInRegion
OffsetRgn
Rectangle
GetTextCharset
SelectObject
GetCurrentPositionEx
GetTextFaceW
CombineRgn
ExtCreateRegion
SetPolyFillMode
CreateFontIndirectW
EnumFontFamiliesExA
SetWinMetaFileBits
AbortPath
CreateSolidBrush
SelectClipPath
SetBrushOrgEx
GdiFlush
CreateDCW
ExcludeClipRect
GetKerningPairsA
CreateHatchBrush
GetViewportExtEx
SaveDC
SetArcDirection
SetViewportExtEx
GetWindowExtEx
GetBoundsRect
Polyline
GetRgnBox
GetObjectA
SetRectRgn
GetPath
CreateEllipticRgn
PathToRegion
StretchBlt
GetClipBox
CloseEnhMetaFile
ResizePalette
PatBlt
GetTextExtentPoint32A
ExtEscape
GetDIBits
GetNearestPaletteIndex
TextOutW
DrawEscape
PolyBezier
CreateMetaFileA
CreatePen
CreatePalette
RectVisible
ExtTextOutA
GetRegionData
CreateDiscardableBitmap
ExtTextOutW
CreateCompatibleBitmap
MoveToEx
SetPaletteEntries
GetViewportOrgEx
SetTextColor
PtInRegion
CreateCompatibleDC
GetTextColor
LPtoDP
IntersectClipRect
EnumFontFamiliesW
SelectPalette
SetViewportOrgEx
ExtCreatePen
DPtoLP
RoundRect
SetWindowExtEx
PolyPolygon
SetBitmapBits
StartPage
EnumObjects
PolyBezierTo
SetDIBits
Arc
CreateFontW
GetNearestColor
SetTextAlign
CreateEnhMetaFileA
CopyMetaFileA
GetTextCharacterExtra
GetTextExtentPointA
GetCharABCWidthsFloatA
CreateDIBitmap
SetPixel
GetFontData
GetBkColor
RealizePalette
ScaleViewportExtEx
BeginPath
GetGlyphOutlineA
CreateDIBSection
StrokePath
FrameRgn
UnrealizeObject
SetEnhMetaFileBits
PlayMetaFile
GetPaletteEntries
CreateDCA
ResetDCA
PlgBlt
CreateEllipticRgnIndirect
LineTo
SelectClipRgn
ExtSelectClipRgn
Chord
OffsetClipRgn
SetWorldTransform
GetClipRgn
CreateBitmap
CloseMetaFile
AbortDoc
SetDIBitsToDevice
GetStockObject
CreateICA
SetAbortProc
StartDocA
GetWindowOrgEx
GetCharWidthA
UpdateColors
ExtFloodFill
CreatePenIndirect
BitBlt
GetObjectW
OffsetWindowOrgEx
StrokeAndFillPath
GetMapMode
SetROP2
EndDoc
AnimatePalette
CreateFontA
PolyPolyline
GetTextAlign
GetBrushOrgEx
StretchDIBits
Pie
CreateFontIndirectA
SetBkMode
GetDeviceCaps
MaskBlt
GetCharABCWidthsW
GetColorAdjustment
DeleteDC
SetBkColor
CreateBitmapIndirect
GetCharWidthFloatA

shell32

DragAcceptFiles
SHBrowseForFolderW
SHFileOperationW
SHGetFileInfoA
SHGetMalloc
ShellExecuteW
DragQueryFileW
ord155
Shell_NotifyIconW
SHAppBarMessage
DragFinish
SHGetSpecialFolderLocation
SHGetFolderPathW
CommandLineToArgvW
SHGetFileInfoW
DragQueryFileA
SHGetPathFromIDListA
ShellExecuteA
SHBrowseForFolderA

user32

GetMonitorInfoW
EndDeferWindowPos
GetMenu
GetClassInfoA
IntersectRect
OffsetRect
GetActiveWindow
TabbedTextOutA
GetDlgItemTextA
LockWindowUpdate
SetWindowContextHelpId
SetTimer
SetCursorPos
InvalidateRgn
GetSystemMenu
SetDlgItemTextW
GetFocus
HideCaret
RemoveMenu
SystemParametersInfoW
LoadIconW
FrameRect
CreateDialogIndirectParamW
SetActiveWindow
UnionRect
IsChild
RegisterClassExA
FindWindowW
InsertMenuItemA
GetWindowLongW
IsMenu
DispatchMessageW
GetCursorPos
PostThreadMessageA
BeginPaint
TrackMouseEvent
EnableWindow
SendMessageA
DrawIcon
SetPropA
DialogBoxParamW
GetPropA
CopyAcceleratorTableW
AppendMenuA
CharUpperA
PostQuitMessage
ShowWindow
SendDlgItemMessageA
CallWindowProcW
LoadBitmapA
DrawTextA
WinHelpA
SetRectEmpty
MoveWindow
DdeNameService
GetSysColor
wvsprintfA
GetWindowLongA
FindWindowA
LoadImageA
GetMenuItemCount
GetClassLongA
EndDialog
IsWindowEnabled
GetClipboardOwner
EnumWindows
GetMenuItemID
CreatePopupMenu
BringWindowToTop
GetNextDlgTabItem
CreateCaret
GetParent
CreateWindowExA
ReleaseCapture
InflateRect
WindowFromDC
LoadCursorW
MessageBeep
CopyIcon
GetUpdateRect
CallWindowProcA
DrawTextExA
DrawEdge
EnableMenuItem
TranslateAcceleratorA
InsertMenuA
DrawMenuBar
RemovePropA
SetWindowLongA
SetWindowTextA
SetWindowRgn
SetWindowPlacement
GetWindowTextLengthW
SetCapture
SetForegroundWindow
CheckMenuItem
DestroyIcon
GetScrollInfo
BeginDeferWindowPos
GetAsyncKeyState
GetMenuState
GetDlgCtrlID
SetMenuInfo
EnableScrollBar
ClientToScreen
CreateCursor
MessageBoxW
CopyRect
UnpackDDElParam
CopyAcceleratorTableA
SetCursor
ScrollWindow
CheckDlgButton
DrawFrameControl
GetLastActivePopup
GetWindowRect
SetClipboardData
SetMenu
DeleteMenu
FillRect
InvalidateRect
LoadMenuA
IsIconic
GetMessageTime
DispatchMessageA
MonitorFromPoint
SendDlgItemMessageW
PostMessageW
GetDlgItem
GetDC
ExitWindowsEx
CopyImage
PeekMessageA
IsWindowVisible
IsRectEmpty
IsWindowUnicode
DefDlgProcA
GetDCEx
ReleaseDC
MapVirtualKeyW
GetClipboardViewer
CharLowerA
GetMessageW
AttachThreadInput
UnregisterClassA
TrackPopupMenu
GetMessagePos
RedrawWindow
ShowCaret
SetScrollInfo
IsClipboardFormatAvailable
LoadIconA
SetMenuItemBitmaps
DialogBoxParamA
InsertMenuW
RegisterWindowMessageW
LoadAcceleratorsA
LoadStringA
GetWindowThreadProcessId
wsprintfA
DefWindowProcW
DestroyWindow
ClipCursor
LoadAcceleratorsW
SetScrollPos
UnhookWindowsHookEx
CallNextHookEx
IsCharLowerA
GetMessageA
RegisterClassA
SendMessageTimeoutW
RegisterHotKey
TranslateMessage
DestroyMenu
DrawTextW
CreateMenu
MessageBoxA
GetWindowDC
UnregisterClassW
EndPaint
LoadCursorA
SetWindowsHookExW
SetWindowPos
EmptyClipboard
PostMessageA
CreateWindowExW
DrawIconEx
OpenClipboard
WindowFromPoint
ScreenToClient
ModifyMenuA
GetWindow
UpdateWindow
DrawStateA
SetFocus
DefFrameProcW
PtInRect
CreateIconIndirect
DefMDIChildProcA
KillTimer
IsZoomed
GetNextDlgGroupItem
MapWindowPoints
DestroyCursor
ReuseDDElParam
IsDlgButtonChecked
DefWindowProcA
GetForegroundWindow
CreateDialogParamW
GetWindowTextA
SetRect
GetKeyState
GetDesktopWindow
GetWindowPlacement
SetScrollRange
SetMenuDefaultItem
GetOpenClipboardWindow
GetClassLongW
GrayStringA
SetWindowLongW
GetClientRect
GetDlgItemInt
SystemParametersInfoA
GetMenuCheckMarkDimensions
DrawFocusRect
GetSystemMetrics
GetSubMenu
EqualRect
CharNextA
GetCapture
GetWindowTextLengthA
WaitForInputIdle
IsDialogMessageA
IsWindow
LoadMenuW
GetKeyNameTextW
GetSysColorBrush
SetMenuItemInfoA
GetKeyboardLayout
ValidateRect
CloseClipboard
SetPropW
GetClassNameA
AdjustWindowRectEx

kernel32

CloseHandle
IsBadWritePtr
CompareStringW
GetLastError
GetDriveTypeW
SetFilePointer
GetVolumeInformationA
InterlockedDecrement
GetShortPathNameA
GetFileAttributesA
TerminateThread
TlsSetValue
GetStringTypeA
GetThreadLocale
HeapSize
GlobalReAlloc
GetSystemInfo
LockFile
GlobalGetAtomNameA
GetStringTypeExW
GetTempPathA
CreateProcessW
VirtualFree
GlobalLock
GetFileType
EnterCriticalSection
MapViewOfFile
GetCommandLineW
FindFirstFileA
GetFileTime
ReadFile
GetCurrentDirectoryW
GlobalHandle
SetEnvironmentVariableA
GlobalUnlock
LocalFileTimeToFileTime
QueryDosDeviceA
FindResourceA
GetStartupInfoA
GlobalAlloc
GetCurrentProcess
ResetEvent
GetUserDefaultLCID
QueryPerformanceCounter
FatalAppExitA
CreateFileW
SetFileTime
GetProcAddress
GetTickCount
FindNextFileA
OpenProcess
RaiseException
GetEnvironmentVariableA
LocalFree
GetSystemDirectoryA
RtlUnwind
GetStringTypeW
GetOEMCP
VirtualQuery
GetFullPathNameW
GetFileAttributesW
DeviceIoControl
LoadLibraryW
GetConsoleCP
FreeEnvironmentStringsW
GetProcessVersion
VirtualProtect
GetLocaleInfoA
FormatMessageW
GetVolumeInformationW
GlobalFree
EnumResourceLanguagesA
CreateProcessA
LCMapStringA
GetFullPathNameA
lstrcmpiW
GetEnvironmentVariableW
GetCurrentThread
GetCurrentDirectoryA
lstrcpynA
GetCPInfo
WinExec
MulDiv
HeapFree
SizeofResource
SetLastError
GetEnvironmentStrings
InitializeCriticalSection
MoveFileA
Sleep
ExitProcess
GetLocaleInfoW
SetFileAttributesW
FreeLibrary
UnmapViewOfFile
GetTimeFormatW
HeapDestroy
lstrcmpW
FormatMessageA
GetTempFileNameA
TlsFree
TerminateProcess
SetStdHandle
GetModuleHandleA
RemoveDirectoryW
GetModuleFileNameW
SetErrorMode
CopyFileA
SetHandleCount
GetPrivateProfileIntA
WriteConsoleW
FreeResource
WriteFile
HeapCreate
GetDateFormatW
WideCharToMultiByte
GetDateFormatA
GetCommandLineA
GetWindowsDirectoryA
CreateToolhelp32Snapshot
IsDebuggerPresent
LockResource
GlobalDeleteAtom
WaitForSingleObject
lstrcatA
InterlockedExchange
GetPrivateProfileStringA
CreateDirectoryW
GetStdHandle
WriteConsoleA
CreateFileA
IsValidCodePage
DeleteCriticalSection
LocalAlloc
MultiByteToWideChar
DebugBreak
GetDriveTypeA
ExitThread
IsBadCodePtr
lstrcmpA
_llseek
FileTimeToLocalFileTime
GetEnvironmentStringsW
GetTempFileNameW
IsValidLocale
GetCurrentProcessId
WaitForMultipleObjects
SetUnhandledExceptionFilter
CompareStringA
ResumeThread
OpenMutexA
GetLocalTime
UnlockFile
InterlockedCompareExchange
HeapAlloc
GetVersion
FlushFileBuffers
GetStringTypeExA
CreateMutexA
GetTimeFormatA
lstrcmpiA
GetModuleHandleW
FreeEnvironmentStringsA
GetACP
EnumSystemLocalesA
SetEndOfFile
CreateEventA
GlobalFlags
GetFileSize
TlsAlloc
DuplicateHandle
GetSystemTimeAsFileTime
GetModuleFileNameA
WritePrivateProfileStringA
LoadLibraryExW
lstrlenA
CreateMutexW
LoadLibraryA
FindNextFileW
GetSystemTime
GetTimeZoneInformation
GetVersionExA
SetThreadContext
GetCurrentThreadId
HeapReAlloc
FileTimeToSystemTime
FindClose
SetThreadPriority
LeaveCriticalSection
SuspendThread
InterlockedIncrement
UnhandledExceptionFilter
TlsGetValue
IsBadReadPtr
lstrcpyA
LCMapStringW
GetConsoleOutputCP
VirtualAlloc
LocalReAlloc
SetEvent
GetStartupInfoW
GetConsoleMode
lstrlenW

comctl32

ImageList_DragShowNolock
ImageList_DrawEx
ord17
ImageList_SetImageCount
ImageList_Remove
ImageList_GetIcon
ImageList_SetBkColor
_TrackMouseEvent
ImageList_GetBkColor
ImageList_Create
ImageList_GetIconSize
ImageList_Destroy
PropertySheetA
ImageList_Draw
ImageList_Add
ImageList_SetDragCursorImage
ImageList_DragLeave
ImageList_GetImageCount
ImageList_EndDrag
CreateStatusWindowW
ImageList_BeginDrag
ImageList_Read
ImageList_LoadImageA
CreatePropertySheetPageA
ImageList_SetOverlayImage
ImageList_AddMasked
ImageList_DragMove
DestroyPropertySheetPage
ImageList_ReplaceIcon
InitCommonControlsEx
CreateToolbarEx
ImageList_DragEnter
ImageList_GetImageInfo
ImageList_Write

Sections

.text
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a88ce0e61598b79a091360d1f93e23b1

Headers

File Characteristics

Imports

winspool.drv

advapi32

gdi32

shell32

user32

kernel32

comctl32

Sections

.text Size: 76KB - Virtual size: 73KB

.rdata Size: 112KB - Virtual size: 109KB

.data Size: 72KB - Virtual size: 79KB

.rsrc Size: 16KB - Virtual size: 13KB

.text
Size: 76KB - Virtual size: 73KB

.rdata
Size: 112KB - Virtual size: 109KB

.data
Size: 72KB - Virtual size: 79KB

.rsrc
Size: 16KB - Virtual size: 13KB