0a193194455c4ee6b4dd2eaa85b0543dc5ab1b1ca6ad93556b4c21fa39962a14

Sharing

Copy URL

Twitter E-mail

General

Target

0a193194455c4ee6b4dd2eaa85b0543dc5ab1b1ca6ad93556b4c21fa39962a14
Size

716KB
MD5

9cba5222b0a14e9b0c414ceab84c789a
SHA1

8f5c9a5176572e86803d09d112f6a6be6d6d7515
SHA256

0a193194455c4ee6b4dd2eaa85b0543dc5ab1b1ca6ad93556b4c21fa39962a14
SHA512

3d2152b06cb0a187e77c6c3517b4fb527c13ba4d2a7c71bbfedf17450ed16299743199374fd4c7758401ff19a7731de682032c426d516d1cc59edbd83333b5eb
SSDEEP

12288:t6lh7kPg7R+q/GkbwfBI3MU/1jW0BrPtVhWk0c6NON6Qd5cWnpbzbvcty:G1kPgg66ycCS0BrPtjWkz6NOPd6KTvey

Score

N/A

Malware Config

Signatures

Files

0a193194455c4ee6b4dd2eaa85b0543dc5ab1b1ca6ad93556b4c21fa39962a14
.exe windows x86

55080b82b34494b6be2f25d1e7eb95eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DestroyWindow
GetWindowRect
EnumWindows
MoveWindow
IsWindowVisible
CascadeWindows
SetWindowTextA
GetNextDlgGroupItem
EnumThreadWindows
MessageBoxExA
IsZoomed
SendDlgItemMessageA
TileWindows
CreateDialogIndirectParamA
GetWindowTextA

gdi32

AngleArc
GetBrushOrgEx
GdiFlush
EndDoc
GdiComment
DeleteEnhMetaFile
DeleteMetaFile
CombineRgn

advapi32

RegisterEventSourceW
RegOverridePredefKey
RegisterEventSourceA
RegNotifyChangeKeyValue
AccessCheck
RegOpenKeyExA
BackupEventLogW
RegQueryValueExA
CloseEventLog
ClearEventLogA

kernel32

WritePrivateProfileSectionA
GetPrivateProfileStructA
WriteProfileStringA
GetModuleHandleA
GetProcAddress
VirtualAllocEx
GetStartupInfoA

winspool.drv

EnumPrinterDriversW
AddPrinterW
AddFormA
GetPrinterDriverW
DeletePrinterConnectionW
AddJobA
AbortPrinter
EnumPrintersW
EnumJobsW
ClosePrinter
GetJobA
EnumPrintProcessorsA
EnumPrinterDriversA

avifil32

AVIFileOpenW
AVIFileGetStream
EditStreamSetInfoW
EditStreamSetInfoA
AVIFileInfoW
AVIStreamInfoA
AVIStreamRelease
AVIStreamOpenFromFileW
AVIFileInfoA
AVIStreamSampleToTime
AVISaveVA

msvfw32

ICSeqCompressFrameStart
GetOpenFileNamePreviewW
DrawDibRealize

usp10

ScriptStringXtoCP
ScriptBreak
ScriptCPtoX
ScriptCacheGetHeight
ScriptGetFontProperties
ScriptStringOut
ScriptStringAnalyse
ScriptItemize
ScriptGetCMap
ScriptApplyLogicalWidth
ScriptStringFree
ScriptJustify
ScriptPlace
ScriptString_pcOutChars

cryptui

CryptUIWizExport
CryptUIWizDigitalSign
CryptUIDlgViewContext
CryptUIWizImport

comdlg32

ReplaceTextA
GetSaveFileNameW
ChooseColorW
ReplaceTextW
ChooseFontW

odbcbcp

ord5

msvcrt

fread
_flushall
fputs
fscanf
_except_handler3
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 692KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55080b82b34494b6be2f25d1e7eb95eb

Headers

File Characteristics

Imports

user32

gdi32

advapi32

kernel32

winspool.drv

avifil32

msvfw32

usp10

cryptui

comdlg32

odbcbcp

msvcrt

Sections

.text Size: 18KB - Virtual size: 18KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 136KB

.rsrc Size: 692KB - Virtual size: 692KB

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 136KB

.rsrc
Size: 692KB - Virtual size: 692KB