Static task: static1
Behavioral task: behavioral1
Sample: f06aaf5c0d16859c61841883cc6387321a545689102ef061f7e9e637fee8acee.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: f06aaf5c0d16859c61841883cc6387321a545689102ef061f7e9e637fee8acee.exe
Resource: win10v2004-20220812-en
General
Target: f06aaf5c0d16859c61841883cc6387321a545689102ef061f7e9e637fee8acee
Size: 405KB
MD5: 52819bac00f37a461be302cb3a600310
SHA1: 268846d29de40a726b7a00f13c997da88bac5900
SHA256: f06aaf5c0d16859c61841883cc6387321a545689102ef061f7e9e637fee8acee
SHA512: fc04b33c83611302dee799bcce7d8641478d179247593e199f09332ead12bdefb390afae1ddc5e7f76dbcc9a77e85920035b2fb0eebba726f7265fc656ce3be0
SSDEEP: 6144:SgAOAiKDlgbmbGjQRZU8uG0doCkW8rji1FHjG4B/GVg0cWOwFmMtMEmWjIZFo8:ZmiKDSbRkZU2T9e1BdFEcWd9rmL9
Malware Config
Signatures
Files
f06aaf5c0d16859c61841883cc6387321a545689102ef061f7e9e637fee8acee.exe windows x86
a455d0e78b84463dfa3155eb731859f3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
EnumDisplaySettingsW
GetDC
ReleaseDC
GetWindowRgn
ChangeMenuW
DrawFrameControl
SetWindowRgn
MonitorFromPoint
GetTabbedTextExtentW
WindowFromDC
DestroyCursor
GetDCEx
CreateMenu
InSendMessage
IsClipboardFormatAvailable
TranslateMDISysAccel
LoadCursorW
UpdateWindow
MessageBoxW
GetDesktopWindow
ReleaseCapture
LoadImageW
GetParent
SetWindowLongW
GetWindowLongW
CopyRect
GetWindowRect
SetWindowTextW
EnableWindow
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
FrameRect
CharUpperBuffW
ModifyMenuW
SetMenuDefaultItem
CopyIcon
IsDlgButtonChecked
CheckDlgButton
GetDlgItem
MoveWindow
ShowWindow
SendMessageW
GetDoubleClickTime
LockWindowUpdate
SetParent
SetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
GetProcessWindowStation
GetUserObjectInformationW
MessageBoxA
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
GetSystemMenu
GetComboBoxInfo
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
IntersectRect
BringWindowToTop
SetMenuItemBitmaps
IsMenu
SetCursor
IsWindowVisible
GetCaretPos
MsgWaitForMultipleObjectsEx
SetDlgItemTextA
EnumWindowStationsA
CharUpperBuffA
GetClipboardFormatNameA
GetClientRect
shell32
DragAcceptFiles
ExtractAssociatedIconW
DragQueryFileA
DragFinish
Shell_NotifyIconW
SHGetFolderPathW
SHCreateDirectoryExW
SHAddToRecentDocs
ExtractIconW
SHGetFileInfoW
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteExW
FindExecutableW
SHGetSpecialFolderPathW
CommandLineToArgvW
SHBrowseForFolderW
SHAppBarMessage
DragQueryFileW
SHGetDesktopFolder
SHGetSpecialFolderLocation
ShellExecuteW
advapi32
RegQueryValueW
RegSetValueW
RegCreateKeyW
GetUserNameW
OpenThreadToken
DuplicateTokenEx
CreateProcessAsUserW
GetLengthSid
SetTokenInformation
RegQueryInfoKeyW
RegOpenKeyW
RegEnumValueW
RegEnumKeyW
RegDeleteValueW
ReportEventA
RegisterEventSourceA
DeregisterEventSource
RegDeleteKeyW
LookupPrivilegeValueW
EqualSid
AdjustTokenPrivileges
GetTokenInformation
OpenProcessToken
LookupAccountNameW
LookupAccountSidW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCreateKeyExW
RegCloseKey
SetFileSecurityW
RegUnLoadKeyW
RegCreateKeyA
AddAce
CreatePrivateObjectSecurity
RegSetValueA
UnlockServiceDatabase
PrivilegedServiceAuditAlarmW
GetFileSecurityW
gdi32
GetRgnBox
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetDIBits
RealizePalette
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExW
OffsetRgn
GetCurrentObject
CreateFontW
GetCharWidthW
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBkColor
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextFaceW
CloseMetaFile
CreateMetaFileW
DeleteMetaFile
RestoreDC
RectVisible
PtVisible
PlayMetaFile
SetROP2
SetPolyFillMode
SetLayout
SetMapMode
SetGraphicsMode
SetMapperFlags
SelectPalette
DPtoLP
SetRectRgn
GetMapMode
PatBlt
CreateRectRgnIndirect
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SaveDC
SetViewportExtEx
PolylineTo
PolyBezierTo
ExtTextOutW
TextOutW
MoveToEx
ExtCreatePen
SetArcDirection
SelectClipPath
PolyDraw
ArcTo
StartDocW
SetColorAdjustment
ModifyWorldTransform
SetWorldTransform
EnumMetaFile
PlayMetaFileRecord
SetTextJustification
SetTextAlign
SetTextCharacterExtra
GetLogColorSpaceW
GetColorSpace
SetICMMode
SetBrushOrgEx
SetStretchBltMode
StretchDIBits
SetDIBitsToDevice
GetBoundsRect
GetLayout
AddFontResourceExA
Arc
CombineRgn
CombineTransform
AddFontResourceExW
AddFontMemResourceEx
CreateCompatibleBitmap
CreateDCA
SelectClipRgn
GdiAlphaBlend
CreateRectRgn
CreateRoundRectRgn
SetBkColor
GetTextMetricsW
CopyMetaFileW
CreateDCW
CreateBitmap
CreateDIBPatternBrushPt
CreateHatchBrush
CreatePen
CreatePatternBrush
Escape
ExcludeClipRect
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetObjectType
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
OffsetClipRgn
CreateFontIndirectW
GetSystemPaletteEntries
GetDeviceCaps
GetObjectW
DeleteObject
SelectObject
AddFontResourceW
BitBlt
CreateCompatibleDC
CreateSolidBrush
DeleteDC
GetPixel
GetStockObject
GetTextExtentPoint32W
SetBkMode
SetTextColor
CreateDIBSection
GetObjectA
GetBitmapBits
SetViewportOrgEx
GdiFlush
GetTextColor
ExtSelectClipRgn
SetDIBits
winspool.drv
ClosePrinter
OpenPrinterW
GetJobW
DocumentPropertiesW
kernel32
VirtualAlloc
SetCommBreak
GetWriteWatch
LocalFlags
GetConsoleCursorInfo
GlobalWire
FileTimeToDosDateTime
IsDebuggerPresent
GetCurrentProcess
TerminateProcess
GetCurrentThread
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoA
GetProcessHeap
GetCommandLineA
HeapFree
HeapAlloc
CreateProcessA
GetCommandLineW
GetVersionExA
Sleep
LeaveCriticalSection
EnterCriticalSection
GetStdHandle
CreateEventA
CompareFileTime
SetEndOfFile
WriteFile
GetSystemTimeAsFileTime
RaiseException
SetHandleCount
GetFileType
DeleteCriticalSection
HeapSize
GetLastError
GetProcAddress
GetModuleHandleW
HeapReAlloc
GetModuleHandleA
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
InterlockedIncrement
InterlockedDecrement
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
LoadLibraryA
FlushFileBuffers
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
ReadFile
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CloseHandle
CreateFileA
VerLanguageNameA
Sections
.text Size: 140KB - Virtual size: 140KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 15KB - Virtual size: 32.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 248KB - Virtual size: 247KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ