b2a2f0a03e042172f950920d2020046ceceb5db5bd94562c6235c265c385bd6e

Sharing

Copy URL Twitter E-mail

General

Target

b2a2f0a03e042172f950920d2020046ceceb5db5bd94562c6235c265c385bd6e
Size

328KB
MD5

de5093c2d93b78110b8c8f2b60a12eeb
SHA1

e393f92d014603bec873eb04f66db765ac8b6cca
SHA256

b2a2f0a03e042172f950920d2020046ceceb5db5bd94562c6235c265c385bd6e
SHA512

1ac17e3da77c736a00a8dd9969defa4c960dd6abc3a4212c2712b99597b8e527b97c59ae291f578bf93d14ff2380d7e361ef16101bcd97cbfe8628167c8f0c55
SSDEEP

6144:mLRQtgKpmjbj890iS+LJvMNBEZfF+nXR70aLYS3WlD:m1QtTOliRlk7O2ya0

Score

N/A

Malware Config

Signatures

Files

b2a2f0a03e042172f950920d2020046ceceb5db5bd94562c6235c265c385bd6e
.exe windows x86

1a61bbb81a442cf80eaffd2d8f8e7e9c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueA
RegCreateKeyA
ControlService
RegDeleteKeyA
InitializeSecurityDescriptor
RegQueryInfoKeyA
RegDeleteValueA
StartServiceA
RegOpenKeyA
RegCloseKey
RegEnumKeyA
OpenSCManagerA
RegEnumKeyExA
GetUserNameA
DeleteService
RegOpenKeyExA
OpenProcessToken
RegCreateKeyExA
SetSecurityDescriptorDacl
RegQueryValueExA
RegSetValueA
AdjustTokenPrivileges
CreateServiceA
RegSetValueExA
OpenServiceA

gdi32

GetTextColor
GetBkColor
Escape
SaveDC
SetRectRgn
SetMapMode
TextOutA
GetBkMode
RestoreDC
CreateEllipticRgnIndirect
FloodFill
SelectObject
DeleteMetaFile
OffsetViewportOrgEx
BitBlt
Polyline

wininet

InternetOpenW
HttpSendRequestW
InternetGetLastResponseInfoW
InternetSetStatusCallbackW
InternetSetFilePointer
InternetConnectW
InternetReadFile
InternetWriteFile

ole32

CoDisconnectObject
CreateStreamOnHGlobal
OleInitialize
OleIsCurrentClipboard
OleRun
CoTaskMemAlloc
CLSIDFromString
CoLockObjectExternal
WriteClassStg

kernel32

InterlockedDecrement
HeapDestroy
Sleep
InitializeCriticalSection
HeapCreate
QueryPerformanceCounter
GetProcessHeap
SetUnhandledExceptionFilter
VirtualQuery
GetCurrentProcess
GetModuleFileNameW
SetFilePointer
GetSystemTimeAsFileTime
GetConsoleMode
FreeEnvironmentStringsW
GetTimeZoneInformation
OpenMutexW
GetEnvironmentStrings
DeleteCriticalSection
TlsGetValue
GetCommandLineW
TerminateProcess
CloseHandle
WriteFile
GetConsoleCP
FlushFileBuffers
GetFileType
GetModuleHandleA
LeaveCriticalSection
SetEnvironmentVariableA
CompareStringA
VirtualAlloc
GetCurrentProcessId
RtlUnwind
SetStdHandle
GetLocaleInfoA
WriteConsoleW
HeapReAlloc
FreeEnvironmentStringsA
GetConsoleOutputCP
GetDateFormatA
CreateFileA
LCMapStringA
SetLastError
HeapAlloc
TlsAlloc
GetProcAddress
ExitProcess
TlsFree
LoadLibraryA
WideCharToMultiByte
RaiseException
GetOEMCP
CompareStringW
GetModuleFileNameA
GetModuleHandleW
LoadLibraryW
IsValidCodePage
VirtualFree
GetVersionExA
WriteConsoleA
HeapSize
GetTimeFormatA
IsDebuggerPresent
GetEnvironmentStringsW
GetStartupInfoA
InterlockedExchange
InterlockedIncrement
EnterCriticalSection
ReadFile
MultiByteToWideChar
UnhandledExceptionFilter
GetStartupInfoW
GetStdHandle
CreateMutexW
LCMapStringW
GetCPInfo
HeapFree
GetTickCount
SetHandleCount
GetCommandLineA
TlsSetValue
GetACP
GetStringTypeA
GetStringTypeW
GetLastError
GetCurrentThreadId

user32

GetKeyState
DestroyCursor
CreateWindowExW
RegisterClassW
MapWindowPoints
GetForegroundWindow
DefWindowProcW
RegisterClassExW
GetWindow
LoadStringW
DispatchMessageW
IsIconic
LoadCursorW
IsWindowEnabled
GetClassLongW
ShowWindow
LoadIconW
DrawFocusRect
DestroyWindow
SetWindowsHookExW
CopyImage
GetCursorPos
SetTimer
MessageBoxW
UpdateWindow
DeferWindowPos
ReleaseDC
DestroyIcon
LoadAcceleratorsW

comctl32

InitCommonControlsEx
ImageList_Draw
ImageList_AddMasked
ImageList_Create

winspool.drv

ord204
OpenPrinterA

Sections

.text
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a61bbb81a442cf80eaffd2d8f8e7e9c

Headers

File Characteristics

Imports

advapi32

gdi32

wininet

ole32

kernel32

user32

comctl32

winspool.drv

Sections

.text Size: 104KB - Virtual size: 102KB

.rdata Size: 84KB - Virtual size: 81KB

.data Size: 64KB - Virtual size: 76KB

.rsrc Size: 72KB - Virtual size: 71KB

.text
Size: 104KB - Virtual size: 102KB

.rdata
Size: 84KB - Virtual size: 81KB

.data
Size: 64KB - Virtual size: 76KB

.rsrc
Size: 72KB - Virtual size: 71KB