64d0a4b09f0b5ca8468eca2df0c00326add152414dca23e028fadfa7302a65b2

Sharing

Copy URL

Twitter E-mail

General

Target

64d0a4b09f0b5ca8468eca2df0c00326add152414dca23e028fadfa7302a65b2
Size

244KB
MD5

cf164f12ed2851b1ef80b88b7fb16021
SHA1

ec141ca587f88822cc138c2a2835e6eb596c3c3b
SHA256

64d0a4b09f0b5ca8468eca2df0c00326add152414dca23e028fadfa7302a65b2
SHA512

b0155451eec2f877b7de1e3ddaa35035ea0932d0e45429f44a05540fd94ade0f09241e496e23d6ce11977b6735b70ba8933fc7c87810efc6678cf9283e149399
SSDEEP

3072:PZC6QlOTr39Q/YeY/pZYIMyP4Cz4rzxbEgrWNC93M5oLpJeGVTbmELx4dXPnamTP:PM6QAHNmY9My4CKenCkoLptL+5PMq

Score

N/A

Malware Config

Signatures

Files

64d0a4b09f0b5ca8468eca2df0c00326add152414dca23e028fadfa7302a65b2
.exe windows x86

67658a0dbe5917a3c3fc7431e32ede7a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_UP_SYSTEM_ONLY

Imports

kernel32

FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetStdHandle
HeapSize
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameW
WriteFile
HeapCreate
ExitProcess
DeleteCriticalSection
GetFileType
GetStdHandle
SetHandleCount
GetCurrentThreadId
SetLastError
GetModuleHandleW
TlsFree
CreateFileA
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
RtlUnwind
InitializeCriticalSectionAndSpinCount
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
DecodePointer
EncodePointer
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapFree
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
RaiseException
SetFilePointer
LCMapStringW
GetStringTypeW
HeapReAlloc
LoadLibraryW
WriteConsoleW
SetEndOfFile
ReadFile
GetCurrentThread
GetLastError
GetCurrentProcess
LocalAlloc
LocalFree
CloseHandle
MultiByteToWideChar
GetProcessHeap
GlobalAlloc
LoadLibraryA
HeapAlloc
lstrcatA
MulDiv
GetVersionExA
lstrlenA
GetModuleFileNameA
lstrcpynA
LoadLibraryExA
GlobalLock
GlobalSize
GlobalUnlock
FormatMessageA
SetPriorityClass
FileTimeToSystemTime
SetSystemTime
FileTimeToLocalFileTime
lstrcpyA
CreateNamedPipeA
ConnectNamedPipe
Sleep
OutputDebugStringA
GetProcAddress
GetModuleHandleA
TlsSetValue
CreateFileW

user32

GetWindowTextW
MoveWindow
IsGUIThread
PostQuitMessage
GetDialogBaseUnits
GetWindowLongA
GetWindowDC
SendMessageA
CloseClipboard
EnumClipboardFormats
GetClipboardData
GetClipboardFormatNameA
OpenClipboard
SetWindowLongA
DestroyWindow
IsDialogMessageA
GetSystemMetrics
SetTimer
EnableWindow
GetWindowTextA
IsDlgButtonChecked
EnableMenuItem
DialogBoxParamA
SetWindowTextA
KillTimer
BeginPaint
EndPaint
GetCursorPos
CreatePopupMenu
TrackPopupMenuEx
DefWindowProcA
LoadIconA
LoadCursorA
RegisterClassA
LoadMenuA
GetSubMenu
LoadAcceleratorsA
CreateWindowExA
GetWindow
ShowWindow
UpdateWindow
TranslateMDISysAccel
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
GetMessageA
DestroyMenu
IsWindow
ArrangeIconicWindows
wsprintfA
DefFrameProcA
GetShellWindow
GetDesktopWindow
GetWindowThreadProcessId
GetDlgItem
GetForegroundWindow
GetTitleBarInfo
GetParent
IsIconic
BringWindowToTop
SetForegroundWindow
GetClientRect
SetWindowPos
GetWindowRect
InvalidateRect
MapWindowPoints
TileWindows
SetMenuDefaultItem
TrackPopupMenu

gdi32

FillRgn
GetStockObject
CreateSolidBrush
DeleteDC
Rectangle
MoveToEx
LineTo
SaveDC
SetMapMode
SetWindowExtEx
Ellipse
SetTextAlign
TextOutA
RestoreDC
SetAbortProc
StartDocA
StartPage
EndPage
EndDoc
CreateCompatibleDC
SelectObject
BitBlt
SetStretchBltMode
StretchBlt
GdiAlphaBlend
GetDeviceCaps
DeleteObject

winspool.drv

ord201
EnumPrintersA

advapi32

OpenProcessToken
DuplicateToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
FreeSid
LookupAccountNameA
GetTokenInformation
SetNamedSecurityInfoA
CreatePrivateObjectSecurity
ImpersonateNamedPipeClient
OpenThreadToken

ole32

CLSIDFromString

netapi32

NetShareGetInfo

winmm

timeSetEvent
timeBeginPeriod
OpenDriver
DrvGetModuleHandle

shlwapi

PathFindExtensionA
wnsprintfA
StrToIntExA
PathFindFileNameA
StrChrA

comctl32

ord17
ImageList_Create

gdiplus

GdipDeletePen
GdipCreatePen1
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCreateHatchBrush
GdipCreateFromHDC2
GdipDrawRectangleI
GdipDrawEllipseI
GdipFillRectangleI
GdipCloneBrush
GdipDeleteBrush

rasdlg

RasPhonebookDlgA

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

67658a0dbe5917a3c3fc7431e32ede7a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

ole32

netapi32

winmm

shlwapi

comctl32

gdiplus

rasdlg

Sections

.text Size: 72KB - Virtual size: 72KB

.rdata Size: 120KB - Virtual size: 120KB

.data Size: 5KB - Virtual size: 13KB

.ndata Size: 44KB - Virtual size: 43KB

.rsrc Size: 1024B - Virtual size: 880B

.text
Size: 72KB - Virtual size: 72KB

.rdata
Size: 120KB - Virtual size: 120KB

.data
Size: 5KB - Virtual size: 13KB

.ndata
Size: 44KB - Virtual size: 43KB

.rsrc
Size: 1024B - Virtual size: 880B