27c79d10900a117d0954fad7ea4dfa883375140af451a6412647dc77d7a24dca

Sharing

Copy URL Twitter E-mail

General

Target

27c79d10900a117d0954fad7ea4dfa883375140af451a6412647dc77d7a24dca
Size

92KB
MD5

9fb0f031e9e49eca71fa86344c4c3ac7
SHA1

bca5858dcafed8696ab677c2648bbb88ae3343b4
SHA256

27c79d10900a117d0954fad7ea4dfa883375140af451a6412647dc77d7a24dca
SHA512

8ba4833222ebf46d60c563ab29d0c512735be5197a1690a9e0ae5e2ccf662654123285910d624f4cf22b55691fee1b47bb12bc3e76e7b5ca0a097a6a97b03332
SSDEEP

1536:rmgm9cjlMRYs6TWhk1toI8qFiKwrOvVDN0BUeeOcUmd:agMRYak1to6FWWV50B9Fs

Score

N/A

Malware Config

Signatures

Files

27c79d10900a117d0954fad7ea4dfa883375140af451a6412647dc77d7a24dca
.exe windows x86

2c6d1cc2a4b54085c05843eefa424e5c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

LoadLibraryExA
FreeLibrary
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
HeapReAlloc
VirtualAlloc
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
GetOEMCP
GetCommandLineA
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
RtlUnwind
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapAlloc
TlsGetValue
SetLastError
TlsAlloc
HeapFree
ExitProcess
GetVersion
GetStartupInfoA
ExitThread
TlsSetValue
GetCurrentThreadId
CreateThread
lstrlenW
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
GetWindowsDirectoryA
CreateDirectoryA
GetFileAttributesA
SetFileAttributesA
FindFirstFileW
DeleteFileW
FindNextFileW
RemoveDirectoryW
LoadLibraryA
FindFirstFileA
DeleteFileA
FindNextFileA
FindClose
RemoveDirectoryA
Sleep
lstrcpynA
lstrcatA
MoveFileExA
GetProcAddress
CreateFileMappingA
GetLastError
CloseHandle
GetPrivateProfileStringA
lstrcmpA
lstrlenA
lstrcpyA
GetModuleHandleA
SetEvent
CreateEventA
WaitForSingleObject
GlobalAlloc
MultiByteToWideChar
GlobalFree
GetACP

user32

wsprintfA
DispatchMessageA
LoadBitmapA
GetWindowLongA
GetWindowRect
GetDesktopWindow
GetSystemMetrics
MoveWindow
SetForegroundWindow
MessageBoxA
LoadStringA
GetClassNameA
PostMessageA
EnumWindows
DefWindowProcA
GetParent
GetDlgCtrlID
CallWindowProcA
GetDlgItem
GetWindowTextA
SetWindowTextA
SetWindowLongA
EnableWindow
PostQuitMessage
DestroyWindow
SetFocus
InvalidateRect
SendMessageA
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
ShowWindow
CreateDialogParamA
GetMessageA
TranslateMessage

gdi32

DeleteObject
GetStockObject
SetDIBitsToDevice
GetObjectA
CreatePalette
RealizePalette
SelectPalette

winspool.drv

EnumPrintersA

advapi32

RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryInfoKeyA
RegDeleteKeyA

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW
CommandLineToArgvW

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2c6d1cc2a4b54085c05843eefa424e5c

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 52KB - Virtual size: 52KB

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 52KB - Virtual size: 52KB