38bfdbc443bc36e682a2e6d7f8fb1f0a9b66a7db8c400142564c574615bcce7b

Sharing

Copy URL

Twitter E-mail

General

Target

38bfdbc443bc36e682a2e6d7f8fb1f0a9b66a7db8c400142564c574615bcce7b
Size

30KB
MD5

b829dfae6a5fbddae5d153f97ab2c868
SHA1

63a2d7536e60aa9e644fafe9bbbb5993c4854739
SHA256

38bfdbc443bc36e682a2e6d7f8fb1f0a9b66a7db8c400142564c574615bcce7b
SHA512

c83c5ab7eda06a0623821477047242a4f2c98d3f4b9c6b486035bdbcc218a94e77fbddd3ff72df8b60b1b6303365c0df825ac672e504313dc7c55d114ca14cef
SSDEEP

768:HnQFDxGVZAUl87gLw0oBYAC/VoVQqKyW4jSIFT/oeH:aDYAV7g8wAC/G584dTgM

Score

N/A

Malware Config

Signatures

Files

38bfdbc443bc36e682a2e6d7f8fb1f0a9b66a7db8c400142564c574615bcce7b
.exe windows x86

1837b8dcb3c677fdf2b78bcbc91965b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowTextA
LoadIconA
DispatchMessageA
CreateWindowExA
TranslateMessage
SetClipboardData
GetClipboardData
SetSysColors
GetDlgItemTextA
IsDialogMessageA
GetClientRect
DestroyWindow
ShowOwnedPopups
GetSysColor
CascadeWindows
SetDlgItemInt
MessageBoxExA
CreateDialogParamA
GetTopWindow

gdi32

GetStockObject
EndPage
CreateSolidBrush
GetAspectRatioFilterEx
ExtSelectClipRgn
CombineRgn
CopyEnhMetaFileW
ExtFloodFill
BitBlt
DescribePixelFormat
CreateFontW
CreateDCA
GdiGetBatchLimit

advapi32

AdjustTokenPrivileges
OpenThreadToken
CloseEventLog
DeregisterEventSource
GetTokenInformation
OpenEventLogA
AccessCheck
RegFlushKey

shlwapi

PathCommonPrefixA
SHRegGetUSValueA
SHGetValueW
StrStrA
PathCompactPathExW
PathRenameExtensionW
PathIsUNCServerA
PathSetDlgItemPathA
PathRemoveBlanksA
PathMakeSystemFolderA
StrSpnW
PathSkipRootA
PathUnquoteSpacesA
PathIsDirectoryW
StrRStrIA

kernel32

VirtualAllocEx
IsBadReadPtr
GlobalFree
GetCPInfoExA
GetTimeFormatA
IsBadStringPtrA
HeapAlloc
DeleteCriticalSection
ReleaseSemaphore
GetACP
GetStartupInfoA
GetProfileIntA
GetPrivateProfileSectionNamesA
GetProcAddress
TlsGetValue
GetStdHandle
LCMapStringA
GetModuleHandleA
GetProfileSectionA
VerLanguageNameA

version

VerFindFileA
VerInstallFileA
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

winspool.drv

AdvancedDocumentPropertiesA
EnumPrinterDriversA
DeletePrinterDriverW
DeletePrinterDataA
AddPrinterA
AddPrinterConnectionA
ConfigurePortA
DeletePrinterDriverExW
ClosePrinter
SetJobA
SetPrinterA
SetPrinterW

secur32

ApplyControlToken
FreeCredentialsHandle
DeleteSecurityContext
CompleteAuthToken
DecryptMessage
AcceptSecurityContext
VerifySignature
EncryptMessage
MakeSignature
ExportSecurityContext

netapi32

NetConfigGetAll
NetAuditWrite
NetConnectionEnum
NetGroupAddUser
NetGetDCName
NetFileEnum
NetConfigGet
NetErrorLogWrite
NetConfigSet
NetErrorLogClear
NetMessageNameAdd
NetAuditClear
NetErrorLogRead

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1837b8dcb3c677fdf2b78bcbc91965b5

Headers

File Characteristics

Imports

user32

gdi32

advapi32

shlwapi

kernel32

version

winspool.drv

secur32

netapi32

msvcrt

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 7KB - Virtual size: 28KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 7KB - Virtual size: 28KB

.rsrc
Size: 2KB - Virtual size: 1KB