156c734b2817afebbac8f489b206154cccae619079e95af90b83bd8aca4fb59a

Sharing

Copy URL

Twitter E-mail

General

Target

156c734b2817afebbac8f489b206154cccae619079e95af90b83bd8aca4fb59a
Size

777KB
MD5

f498b490551fb872aded182a378be645
SHA1

4a946d7700af23de8d376061fd8c3a504e08dd14
SHA256

156c734b2817afebbac8f489b206154cccae619079e95af90b83bd8aca4fb59a
SHA512

2aa9f069bd9e7ace1d689031ec6d7e08b2afe71f7b0fe5e0f0b916ca1ff74799590a2feef4e9de5155c48bf83691d307a87bbbed11b4619b25127a588842fb95
SSDEEP

12288:6ztHM/d+Ba5WQUhat0w64lyMvYL8ZxFJC0uMONbwWQsV3v7X4D7vA0lvtwC6/6U7:Nwc53xt0wjJvYLUx1uMOJvj4f9

Score

N/A

Malware Config

Signatures

Files

156c734b2817afebbac8f489b206154cccae619079e95af90b83bd8aca4fb59a
.exe windows x86

effc177519c939f30a040fd6d6e6f578

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
FlushFileBuffers
SetEndOfFile
GetCurrentProcess
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapReAlloc
HeapSize
TerminateProcess
WriteFile
HeapCreate
VirtualFree
IsBadWritePtr
SetUnhandledExceptionFilter
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetTimeFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
SetEnvironmentVariableA
ReadFile
GetOEMCP
GetCPInfo
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
lstrcatA
lstrcmpW
lstrcpyA
GetCurrentThreadId
CloseHandle
GlobalFlags
lstrcmpA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GetModuleFileNameA
InterlockedIncrement
InterlockedDecrement
SetLastError
GlobalFree
LoadResource
SizeofResource
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
CompareStringW
CompareStringA
PrepareTape
LoadLibraryA
GetProcAddress
FileTimeToLocalFileTime
CreateEventA
LockResource
FindResourceA
GetDateFormatA
GetModuleHandleA
OpenProcess
GetSystemTime
GetVolumeInformationA
CreateFileA
QueryPerformanceCounter
lstrlenA
lstrcmpiA
GetVersion
DeleteCriticalSection
InitializeCriticalSection
GetLastError
RaiseException
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
HeapDestroy
InterlockedExchange

user32

AdjustWindowRectEx
GetClassInfoA
RegisterClassA
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowPos
SetWindowLongA
GetDlgItem
SetWindowsHookExA
CallNextHookEx
DispatchMessageA
GetMenu
PeekMessageA
ValidateRect
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetFocus
GetWindowTextA
SetWindowTextA
GetClassNameA
SendMessageA
MessageBoxA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
LoadCursorA
GetSystemMetrics
GetDC
ReleaseDC
PostQuitMessage
DestroyMenu
GetSysColor
GetSysColorBrush
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
UnregisterClassA
GetClientRect
SetForegroundWindow
GetKeyState
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
PostMessageA

gdi32

SetMapMode
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
DeleteObject
GetDeviceCaps

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

comctl32

ord17

ole32

OleInitialize
OleSetContainedObject
OleUninitialize

oleaut32

VariantInit
VariantClear
VariantChangeType

oleacc

CreateStdAccessibleObject
LresultFromObject

snmpapi

SnmpUtilVarBindListCpy
SnmpUtilVarBindListFree
SnmpUtilVarBindCpy
SnmpUtilPrintOid
SnmpUtilPrintAsnAny
SnmpUtilOidToA
SnmpUtilOidFree
SnmpUtilOidCpy
SnmpUtilOidCmp
SnmpUtilOidAppend
SnmpUtilOctetsNCmp
SnmpUtilOctetsFree
SnmpUtilOctetsCpy
SnmpUtilMemReAlloc
SnmpUtilMemFree
SnmpUtilMemAlloc
SnmpUtilAsnAnyFree
SnmpUtilAsnAnyCpy
SnmpSvcSetLogType
SnmpSvcSetLogLevel
SnmpSvcGetUptime
SnmpUtilVarBindFree

Sections

.text
Size: 457KB - Virtual size: 456KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

effc177519c939f30a040fd6d6e6f578

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comctl32

ole32

oleaut32

oleacc

snmpapi

Sections

.text Size: 457KB - Virtual size: 456KB

.rdata Size: 147KB - Virtual size: 146KB

.data Size: 15KB - Virtual size: 72KB

.rsrc Size: 157KB - Virtual size: 156KB

.text
Size: 457KB - Virtual size: 456KB

.rdata
Size: 147KB - Virtual size: 146KB

.data
Size: 15KB - Virtual size: 72KB

.rsrc
Size: 157KB - Virtual size: 156KB