07b7567a969fc847197a004a928743ff0ce6386028241915c4583d17cf02c478

Sharing

Copy URL Twitter E-mail

General

Target

07b7567a969fc847197a004a928743ff0ce6386028241915c4583d17cf02c478
Size

268KB
MD5

246995df33d74744ed7c5f15cc9c5882
SHA1

0987a27575d2f0630d9441809f5ae222030db35b
SHA256

07b7567a969fc847197a004a928743ff0ce6386028241915c4583d17cf02c478
SHA512

309f74632a81a09230ba1fa49a1c9ff774dc8ad63eb13d862f935429168a2a089ef61498abeb0d6db089e5f793d21592e3d92d4ec92f1b2e1112cd76dc32f14c
SSDEEP

6144:spVXfNChLAgfUyB8HHkI2nFmJE0FsP4y7Equ9RUF0mH:iVfNChL1n1I2Fqubxu9Pm

Score

N/A

Malware Config

Signatures

Files

07b7567a969fc847197a004a928743ff0ce6386028241915c4583d17cf02c478
.exe windows x86

f26dfc03f2121e99284bbe05ce7ca0e1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

newdev

UpdateDriverForPlugAndPlayDevicesW

kernel32

ExitProcess
TerminateProcess
RtlUnwind
GetStartupInfoW
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
HeapFree
UnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
HeapDestroy
FreeEnvironmentStringsW
VirtualFree
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
SetUnhandledExceptionFilter
GetCPInfo
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetACP
GetOEMCP
CloseHandle
GetModuleFileNameW
GlobalLock
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
lstrlenW
WideCharToMultiByte
GetCurrentThread
GetCurrentThreadId
GetLastError
FormatMessageW
LocalFree
WriteFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
SetErrorMode
GetProcessVersion
SetLastError
WritePrivateProfileStringW
MulDiv
GlobalFlags
lstrcmpiW
LocalReAlloc
lstrcpynW
TlsGetValue
GlobalReAlloc
TlsSetValue
EnterCriticalSection
GlobalHandle
LeaveCriticalSection
TlsFree
InitializeCriticalSection
DeleteCriticalSection
TlsAlloc
LoadLibraryA
LocalAlloc
GetModuleHandleA
lstrcatW
FreeLibrary
GetVersion
lstrcpyW
GlobalAddAtomW
GlobalFindAtomW
InterlockedDecrement
GetModuleHandleW
GetProcAddress
MultiByteToWideChar
InterlockedIncrement
lstrlenA
LockResource
GlobalUnlock
GlobalFree
FindResourceW
LoadResource
VirtualAlloc
IsBadWritePtr
GetEnvironmentVariableA
GetVersionExA
HeapCreate

user32

UpdateWindow
LoadIconW
SendDlgItemMessageA
MapWindowPoints
GetClassNameW
ClientToScreen
PtInRect
TabbedTextOutW
DrawTextW
GrayStringW
LoadCursorW
GetSysColorBrush
LoadStringW
DestroyMenu
GetTopWindow
GetCapture
WinHelpW
wsprintfW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
DefWindowProcW
CreateWindowExW
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SystemParametersInfoW
GetSysColor
IsIconic
AdjustWindowRectEx
SetFocus
ShowWindow
SetWindowPos
SetWindowLongW
GetDlgCtrlID
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
CopyRect
GetClientRect
GetDC
ReleaseDC
EndDialog
SetActiveWindow
IsWindow
GetSystemMetrics
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageW
GetCursorPos
SetWindowsHookExW
GetParent
GetLastActivePopup
GetWindow
RegisterWindowMessageW
IsWindowEnabled
GetWindowLongW
MessageBoxW
SetCursor
PostMessageW
PostQuitMessage
EnableWindow
SendMessageW
SetTimer
GetWindowPlacement
GetWindowRect
UnregisterClassW

gdi32

SetBkColor
DeleteDC
DeleteObject
RestoreDC
SelectObject
SaveDC
GetStockObject
SetViewportOrgEx
OffsetViewportOrgEx
SetMapMode
ScaleViewportExtEx
SetViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
GetDeviceCaps
PtVisible
RectVisible
ExtTextOutW
Escape
TextOutW
SetTextColor
GetObjectW
CreateBitmap

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW

comctl32

ord17

setupapi

SetupDiGetINFClassW
SetupFindFirstLineW
SetupGetStringFieldW
SetupDiClassGuidsFromNameW
SetupFindNextLine
SetupGetFieldCount
SetupOpenInfFileW
SetupDiDestroyDeviceInfoList
SetupDiCreateDeviceInfoList
SetupDiSetDeviceRegistryPropertyW
SetupDiCreateDeviceInfoW
SetupDiCallClassInstaller
SetupCloseInfFile

Sections

.text
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PACK
Size: 144KB - Virtual size: 380KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f26dfc03f2121e99284bbe05ce7ca0e1

Headers

File Characteristics

Imports

newdev

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

setupapi

Sections

.text Size: 76KB - Virtual size: 72KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 20KB - Virtual size: 31KB

.rsrc Size: 4KB - Virtual size: 448B

PACK Size: 144KB - Virtual size: 380KB

.text
Size: 76KB - Virtual size: 72KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 20KB - Virtual size: 31KB

.rsrc
Size: 4KB - Virtual size: 448B

PACK
Size: 144KB - Virtual size: 380KB