b7b962950ac91a376e058147d35d4f455b46b4d120e374618141cb0cb8a21a67

Sharing

Copy URL Twitter E-mail

General

Target

b7b962950ac91a376e058147d35d4f455b46b4d120e374618141cb0cb8a21a67
Size

1024KB
MD5

639402217b9f7362a9adb2d9f38ea040
SHA1

4b4f9a00ffe887e8195c9b13ccdcab8f3c417a84
SHA256

b7b962950ac91a376e058147d35d4f455b46b4d120e374618141cb0cb8a21a67
SHA512

f9c0cc78bb454a23493afb7f89de51c2d7eb146f3713ad6d75ebedd1f249cbc288a746f61b24a21321b5441dee23dd248e9c525939a1f23f726b102040d51467
SSDEEP

12288:bFDyT/xLQdjUZ9Cu773BoWz2eHMFD/b6opkDf9ZVGZrSzE0p1h11:bFg/adIbz/JeFaeSg09T

Score

N/A

Malware Config

Signatures

Files

b7b962950ac91a376e058147d35d4f455b46b4d120e374618141cb0cb8a21a67
.exe windows x86

10ea0b984c2ff01de899ca1357acb6b8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoW
RtlUnwind
ExitProcess
HeapFree
HeapAlloc
HeapReAlloc
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
IsBadWritePtr
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetTickCount
GetFileTime
SetErrorMode
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
WritePrivateProfileStringW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GlobalFlags
lstrcmpiW
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrlenA
GetModuleHandleA
lstrcatW
lstrcmpW
GetModuleHandleW
GetVersionExA
InterlockedDecrement
SetLastError
MulDiv
lstrcpyW
lstrlenW
GlobalAlloc
FormatMessageW
lstrcpynW
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
GetTimeZoneInformation
GetFileAttributesExW
SetFileAttributesW
GetFileAttributesW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetCurrentDirectoryW
FlushFileBuffers
WriteFile
LocalFree
LoadLibraryW
GetVersionExW
GetUserDefaultLangID
CreateFileW
GetFileSize
SetFilePointer
ReadFile
DeleteFileW
MoveFileW
CreateProcessW
Sleep
TerminateProcess
LoadLibraryA
GetProcAddress
OpenProcess
CloseHandle
FreeLibrary
GetTempPathW
CopyFileW
GetModuleFileNameW
FindFirstFileW
FindNextFileW
FindClose
CreateDirectoryW
RemoveDirectoryW
FileTimeToLocalFileTime
GetLastError
FileTimeToSystemTime
GetSystemTime
SystemTimeToFileTime
MultiByteToWideChar
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
HeapDestroy
SizeofResource

user32

MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
CopyAcceleratorTableW
SetRect
IsRectEmpty
CharNextW
CharUpperW
ReleaseCapture
SetCapture
DestroyMenu
LoadCursorW
GetSysColorBrush
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SetWindowContextHelpId
MapDialogRect
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
SetCursor
PostQuitMessage
SetMenuItemBitmaps
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
WinHelpW
GetCapture
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
GetFocus
IsChild
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
MessageBoxW
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetClientRect
GetMenu
PostMessageW
GetSysColor
AdjustWindowRectEx
EqualRect
GetClassInfoW
RegisterClassW
UnregisterClassW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
PostThreadMessageW
RegisterClipboardFormatW
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
CopyRect
PtInRect
wsprintfW
GetWindowTextLengthW
GetWindowTextW
GetWindow
SetFocus
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetDesktopWindow
GetActiveWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
EnableWindow
LoadIconW
SendMessageW
GetClassInfoExW

gdi32

Escape
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
GetStockObject
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetDeviceCaps
SetMapMode
RestoreDC
SaveDC
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
SelectObject

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegOpenKeyW
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyW
RegQueryValueW
RegDeleteKeyW

shell32

SHChangeNotify

comctl32

ord17

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
SHDeleteKeyW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CoGetClassObject
CLSIDFromString
CLSIDFromProgID
StgOpenStorageOnILockBytes
CoTaskMemFree
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoTaskMemAlloc
CoFreeUnusedLibraries

oleaut32

OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysStringLen
SysFreeString

Sections

.text
Size: 200KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 616KB - Virtual size: 614KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.trdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

10ea0b984c2ff01de899ca1357acb6b8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 200KB - Virtual size: 196KB

.rdata Size: 124KB - Virtual size: 120KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 616KB - Virtual size: 614KB

.trdata Size: 68KB - Virtual size: 68KB

.text
Size: 200KB - Virtual size: 196KB

.rdata
Size: 124KB - Virtual size: 120KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 616KB - Virtual size: 614KB

.trdata
Size: 68KB - Virtual size: 68KB