d84ca3c3ddcd4b76aeeca50c57bdfa3d24d43d4431c8104ad7acba291e6b5554

Sharing

Copy URL Twitter E-mail

General

Target

d84ca3c3ddcd4b76aeeca50c57bdfa3d24d43d4431c8104ad7acba291e6b5554
Size

340KB
MD5

da8a8456ea9c87b57ea4e191896dd77e
SHA1

4453326dd76c4ff8e6321d7b28e1646cf691546e
SHA256

d84ca3c3ddcd4b76aeeca50c57bdfa3d24d43d4431c8104ad7acba291e6b5554
SHA512

47e6de1e54957496e1ec3c9b73cba854d4f0aefeb4db9fd0bd411ad75d95798698cbd93bc1d1feceed9564380ef54ea1e5e30b6ff39c8068c0990f65cb7eb8a3
SSDEEP

6144:tHnZ+OwgkUfyNDFpfgEBvmpw41E7VTcQV0N3bfTu1+QQ3Gx6nzNUObBYoP0cqBVp:tHZOPYO8hE7VTw4+Q9xexU8Bec0Dq2

Score

N/A

Malware Config

Signatures

Files

d84ca3c3ddcd4b76aeeca50c57bdfa3d24d43d4431c8104ad7acba291e6b5554
.exe windows x86

1837b8dcb3c677fdf2b78bcbc91965b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowTextA
LoadIconA
DispatchMessageA
CreateWindowExA
TranslateMessage
SetClipboardData
GetClipboardData
SetSysColors
GetDlgItemTextA
IsDialogMessageA
GetClientRect
DestroyWindow
ShowOwnedPopups
GetSysColor
CascadeWindows
SetDlgItemInt
MessageBoxExA
CreateDialogParamA
GetTopWindow

gdi32

GetStockObject
EndPage
CreateSolidBrush
GetAspectRatioFilterEx
ExtSelectClipRgn
CombineRgn
CopyEnhMetaFileW
ExtFloodFill
BitBlt
DescribePixelFormat
CreateFontW
CreateDCA
GdiGetBatchLimit

advapi32

AdjustTokenPrivileges
OpenThreadToken
CloseEventLog
DeregisterEventSource
GetTokenInformation
OpenEventLogA
AccessCheck
RegFlushKey

shlwapi

PathCommonPrefixA
SHRegGetUSValueA
SHGetValueW
StrStrA
PathCompactPathExW
PathRenameExtensionW
PathIsUNCServerA
PathSetDlgItemPathA
PathRemoveBlanksA
PathMakeSystemFolderA
StrSpnW
PathSkipRootA
PathUnquoteSpacesA
PathIsDirectoryW
StrRStrIA

kernel32

VirtualAllocEx
IsBadReadPtr
GlobalFree
GetCPInfoExA
GetTimeFormatA
IsBadStringPtrA
HeapAlloc
DeleteCriticalSection
ReleaseSemaphore
GetACP
GetStartupInfoA
GetProfileIntA
GetPrivateProfileSectionNamesA
GetProcAddress
TlsGetValue
GetStdHandle
LCMapStringA
GetModuleHandleA
GetProfileSectionA
VerLanguageNameA

version

VerFindFileA
VerInstallFileA
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

winspool.drv

AdvancedDocumentPropertiesA
EnumPrinterDriversA
DeletePrinterDriverW
DeletePrinterDataA
AddPrinterA
AddPrinterConnectionA
ConfigurePortA
DeletePrinterDriverExW
ClosePrinter
SetJobA
SetPrinterA
SetPrinterW

secur32

ApplyControlToken
FreeCredentialsHandle
DeleteSecurityContext
CompleteAuthToken
DecryptMessage
AcceptSecurityContext
VerifySignature
EncryptMessage
MakeSignature
ExportSecurityContext

netapi32

NetConfigGetAll
NetAuditWrite
NetConnectionEnum
NetGroupAddUser
NetGetDCName
NetFileEnum
NetConfigGet
NetErrorLogWrite
NetConfigSet
NetErrorLogClear
NetMessageNameAdd
NetAuditClear
NetErrorLogRead

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 419KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1837b8dcb3c677fdf2b78bcbc91965b5

Headers

File Characteristics

Imports

user32

gdi32

advapi32

shlwapi

kernel32

version

winspool.drv

secur32

netapi32

msvcrt

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 314KB - Virtual size: 419KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 314KB - Virtual size: 419KB

.rsrc
Size: 4KB - Virtual size: 3KB