483eef401d4c1b70d3ce7a825e51ad134561dd8f3dbd3cfb4122060708128f5d

Sharing

Copy URL Twitter E-mail

General

Target

483eef401d4c1b70d3ce7a825e51ad134561dd8f3dbd3cfb4122060708128f5d
Size

340KB
MD5

626e2f1f5cf4911fbd605131cfaf60ef
SHA1

06f4621a6c75ea68ea6cee8ec5bbba2445d64afe
SHA256

483eef401d4c1b70d3ce7a825e51ad134561dd8f3dbd3cfb4122060708128f5d
SHA512

f0cd1a6cce69e2f1aaebd88366d3b3ae9121bfbee1fd298d94d051ee96dab4cfe1150f4eaca1a13b4b89284fac97da5836b80d4bf265b418fb5b8534b1de7853
SSDEEP

6144:V9dYBOfdU6cY55+JlkNpCntLjKBtJbH3psvx89TOSyjWLZcVDXXmhaA6m/nR:VvYBOf2TcLGKBTZdbyjVVDXXmwA6m/nR

Score

N/A

Malware Config

Signatures

Files

483eef401d4c1b70d3ce7a825e51ad134561dd8f3dbd3cfb4122060708128f5d
.exe windows x86

d09c61633d4efb36eaffa269050d8f5f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DispatchMessageA
CreateWindowExA
LoadIconA
SetClipboardData
LoadCursorA
DialogBoxParamA
TranslateMessage
OpenClipboard
SetWindowPlacement
DefDlgProcA
SetParent
GetWindowPlacement
FindWindowExA
FindWindowA
MessageBoxExA
GetDlgItemTextA
GetDesktopWindow
EndDialog
ArrangeIconicWindows
GetDialogBaseUnits

gdi32

GetStockObject
CloseEnhMetaFile
CancelDC
ChoosePixelFormat
ExtEscape
ExtCreateRegion
FillRgn
GdiSetBatchLimit
GetBkColor
GdiComment
Arc
CreateCompatibleDC
Escape

advapi32

RegQueryValueExA
ClearEventLogW
BackupEventLogW
RegSaveKeyA
RegEnumKeyA
RegEnumKeyExA
OpenEventLogA
ClearEventLogA

shlwapi

PathIsURLW
PathIsUNCServerA
SHRegEnumUSValueW
PathCompactPathA
PathFileExistsW
SHRegGetUSValueA
PathUnmakeSystemFolderW
PathIsURLA
SHDeleteValueA
SHRegCreateUSKeyA
PathCompactPathExA
StrCmpNW
StrToIntA
StrTrimA
PathIsSystemFolderA

kernel32

GetCPInfoExA
ResetEvent
GetDateFormatA
GetProcessHeap
GetLocaleInfoA
HeapFree
LocalFlags
IsBadStringPtrA
GetProfileStringA
GetPrivateProfileStructA
GetStartupInfoA
GetEnvironmentStrings
TlsGetValue
VirtualAllocEx
LCMapStringA
GetStdHandle
GetACP
GetLastError
GetModuleHandleA
GetProcAddress
VirtualProtect
HeapWalk
VerLanguageNameA

version

VerQueryValueA
VerFindFileA
VerInstallFileA
GetFileVersionInfoA
GetFileVersionInfoSizeA

winspool.drv

DeletePrinterDriverExA
GetJobW
GetJobA
AdvancedDocumentPropertiesA
DeletePrinterConnectionA
EnumPrinterDriversA
DeletePrinterDataA
EnumPrinterDriversW
AddPrinterConnectionW
AddPrinterA
GetPrinterDriverW
AddFormA
EnumJobsA
EnumPrintersW

secur32

DecryptMessage
AcceptSecurityContext
CompleteAuthToken
ExportSecurityContext
ApplyControlToken
MakeSignature
VerifySignature
FreeCredentialsHandle
EncryptMessage
DeleteSecurityContext

netapi32

NetMessageBufferSend
NetLocalGroupDelMembers
NetConfigSet
Netbios
NetFileClose
NetAuditWrite
NetGetAnyDCName
NetErrorLogClear
NetGetDCName
NetErrorLogWrite
NetGroupAdd
NetFileEnum
NetAuditRead

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 315KB - Virtual size: 418KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d09c61633d4efb36eaffa269050d8f5f

Headers

File Characteristics

Imports

user32

gdi32

advapi32

shlwapi

kernel32

version

winspool.drv

secur32

netapi32

msvcrt

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 315KB - Virtual size: 418KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 315KB - Virtual size: 418KB

.rsrc
Size: 4KB - Virtual size: 3KB