89449048c26e55260368ad62591d10b3a39025976809f52e139c6f09ed51f6c3

Sharing

Copy URL

Twitter E-mail

General

Target

89449048c26e55260368ad62591d10b3a39025976809f52e139c6f09ed51f6c3
Size

254KB
MD5

3d0bf6404492f810c28ab00883017fa6
SHA1

22c73f60822883553e6e566246e62ab9931b44a7
SHA256

89449048c26e55260368ad62591d10b3a39025976809f52e139c6f09ed51f6c3
SHA512

a7de5b5c09748754380cac3a76dda3f2661e7c01f3e31e5eb0c098b4d4e5f1ffe422be60a6eaa3b38dff73c074534ad1d7742937f1574c4dcef5f3dae903d37f
SSDEEP

6144:R2gFzYOVUgVw+5wtAmsSpkZoKPNw8ZOz/7brjdjOc8oZUYu+:R5+OVUgJa30+n/jdjCRF+

Score

N/A

Malware Config

Signatures

Files

89449048c26e55260368ad62591d10b3a39025976809f52e139c6f09ed51f6c3
.zip
Details.Pdf_____________________________________________________________.exe
.exe windows x86

5e0b56bc4ddbcaef258a0f2825e58165

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableA
CompareStringW
HeapSize
ReadFile
GetProcessHeap
SetEndOfFile
CreateFileW
GetStringTypeW
LCMapStringW
LoadLibraryW
HeapReAlloc
IsValidCodePage
GetOEMCP
GetACP
SetStdHandle
SetFilePointer
MultiByteToWideChar
WriteConsoleW
GetCPInfo
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
ExitProcess
IsProcessorFeaturePresent
GetProcAddress
_lclose
InterlockedDecrement
GetCurrentThreadId
SetLastError
GetModuleHandleW
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
Sleep
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
EnterCriticalSection
SystemTimeToFileTime
LocalFileTimeToFileTime
GetVersion
CreateFileA
SetFileTime
CloseHandle
GetCurrentProcess
GetTimeZoneInformation
SetTimeZoneInformation
GetSystemTime
GetLastError
HeapCreate
HeapAlloc
GetUserDefaultLCID
_lopen
LocalLock
GetTickCount
_lwrite
LocalUnlock
GetConsoleWindow
GlobalAlloc
GlobalLock
GlobalUnlock
lstrlenA
GetVolumeNameForVolumeMountPointW
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
GetConsoleMode
GetConsoleCP
WriteFile
WideCharToMultiByte
TerminateProcess
DecodePointer
EncodePointer
GetProfileIntA
WriteProfileStringA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapFree
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetSystemTimeAsFileTime
GetProfileStringA
LoadLibraryA

user32

SetMenu
CreatePopupMenu
AppendMenuA
SetMenuItemBitmaps
CheckMenuItem
CreateMenu
PostQuitMessage
EndDialog
DestroyWindow
GetKeyNameTextA
wsprintfA
EndPaint
BeginPaint
SetCursor
SendDlgItemMessageA
GetDlgItemTextA
SetClipboardViewer
MessageBoxA
DrawTextA
DestroyMenu
GetKeyState
GetKeyboardState
ToAsciiEx
CallNextHookEx
GetMonitorInfoA
GetDlgItem
GetClientRect
GetWindowTextLengthA
SendMessageA
UpdateWindow
SetFocus
GetSystemMenu
DeleteMenu
DrawMenuBar
GetDC
ReleaseDC
InvalidateRect
LoadBitmapA
CreateWindowExA
DefWindowProcA
SetRectEmpty
PtInRect
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
FindWindowA
FindWindowExA
IsWindowVisible
GetWindowTextA
SetWindowTextA

gdi32

SetTextColor
CreateSolidBrush
SelectObject
GetTextExtentPointA
DeleteObject
CreateCompatibleDC
GetMapMode
SetMapMode
GetObjectA
DPtoLP
BitBlt
DeleteDC
TextOutA
SetBkColor
GetStockObject
MoveToEx
LineTo
SetBkMode

advapi32

OpenProcessToken
RegSetValueExA
RegCreateKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey

shell32

SHGetFolderPathW

ole32

OleInitialize
CLSIDFromProgID
CoCreateInstance
OleUninitialize
CoInitialize
CLSIDFromString

oleaut32

VariantInit
OleTranslateColor

avicap32

capCreateCaptureWindowW

msacm32

acmDriverOpen
acmDriverDetailsA
acmFormatTagDetailsA
acmDriverClose
acmMetrics
acmFormatChooseA

shlwapi

PathRemoveFileSpecW
PathAddBackslashW
PathRemoveBackslashW
StrDupA

comctl32

ImageList_Create
ord17
ImageList_Add

gdiplus

GdipAlloc
GdipDeleteGraphics
GdipLoadImageFromFile
GdipDisposeImage
GdipCloneImage
GdipFree
GdipCreateFromHWND

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 209KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e0b56bc4ddbcaef258a0f2825e58165

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

avicap32

msacm32

shlwapi

comctl32

gdiplus

Sections

.text Size: 66KB - Virtual size: 65KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 209KB - Virtual size: 217KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 7KB - Virtual size: 78KB

.text
Size: 66KB - Virtual size: 65KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 209KB - Virtual size: 217KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 7KB - Virtual size: 78KB