Static task
static1
Behavioral task
behavioral1
Sample
7f05c3f2a54dccc852a72b23d2d8219d1edb19a4c20729926cd749737f4d0742.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
7f05c3f2a54dccc852a72b23d2d8219d1edb19a4c20729926cd749737f4d0742.exe
Resource
win10v2004-20220812-en
General
-
Target
7f05c3f2a54dccc852a72b23d2d8219d1edb19a4c20729926cd749737f4d0742
-
Size
621KB
-
MD5
c863dd9dc1d33e039a0c362b72003222
-
SHA1
44fb531687235d4196aea5b3ec5d52a9c863e35c
-
SHA256
7f05c3f2a54dccc852a72b23d2d8219d1edb19a4c20729926cd749737f4d0742
-
SHA512
e317aceea366484c0702797584ee1749b718e711d4fb86300226b1d95eadcd083253c49e276f8d3649e356ef6ad75c4edab993e25d4fb2f61e85f9ebb8b7e7f1
-
SSDEEP
12288:wqwQm+ro7QsGqL/OPwcutVrYVjrzmJy45b/NtTiG4:wum7Ew9T0KyA/N4G4
Malware Config
Signatures
Files
-
7f05c3f2a54dccc852a72b23d2d8219d1edb19a4c20729926cd749737f4d0742.exe (Windows, x86)
6f1f82771978457e8d23e161057564d2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
Beep
UnregisterWait
InterlockedExchangeAdd
SetDefaultCommConfigW
GetLongPathNameA
GetPrivateProfileIntA
FindNextChangeNotification
GetCommModemStatus
CreateJobObjectA
ReadFile
MapViewOfFileEx
GetFileAttributesExW
CreateFileMappingA
GetThreadLocale
CallNamedPipeA
GetTapePosition
GetCurrentConsoleFont
_hwrite
GetProcessAffinityMask
ConnectNamedPipe
IsValidLocale
ReadConsoleOutputW
GlobalHandle
HeapCompact
_lwrite
SetConsoleMenuClose
GetFileType
GlobalAlloc
ReadConsoleA
FindCloseChangeNotification
FindNextVolumeA
GetConsoleCursorInfo
OpenProfileUserMapping
GetCurrentThread
WaitForSingleObjectEx
CompareFileTime
ReadConsoleOutputA
GetConsoleKeyboardLayoutNameA
IsBadCodePtr
CloseProfileUserMapping
SetCalendarInfoA
ReadFileEx
GetProcAddress
GetHandleInformation
GetSystemTime
GlobalUnWire
OpenSemaphoreW
CallNamedPipeW
GetNextVDMCommand
GetProcessVersion
DisconnectNamedPipe
CreatePipe
EnumCalendarInfoW
GetDiskFreeSpaceW
GetVersion
GetPrivateProfileSectionNamesA
InterlockedCompareExchange
SetVolumeMountPointA
GetCommState
PulseEvent
GetConsoleKeyboardLayoutNameW
SetFilePointerEx
FindFirstFileExA
WriteFile
GetFileAttributesA
GetLargestConsoleWindowSize
CloseConsoleHandle
GetModuleHandleA
DefineDosDeviceW
lstrcatA
FreeLibrary
LCMapStringW
CreateHardLinkA
SetLocaleInfoA
GetConsoleAliasExesLengthA
VerLanguageNameW
GetFullPathNameA
FreeLibraryAndExitThread
SetLocalTime
GetLocalTime
VerLanguageNameA
FindResourceExA
FindAtomW
ScrollConsoleScreenBufferA
GetNamedPipeHandleStateW
EnumTimeFormatsA
ExpandEnvironmentStringsW
IsBadWritePtr
VerifyConsoleIoHandle
IsBadStringPtrW
GetPrivateProfileStructA
AssignProcessToJobObject
GetProfileIntW
FileTimeToDosDateTime
OpenFileMappingW
SetConsoleCtrlHandler
OpenJobObjectA
ChangeTimerQueueTimer
GetConsoleCommandHistoryW
CreateNamedPipeW
_llseek
SetCommTimeouts
ShowConsoleCursor
LoadLibraryA
VirtualAlloc
AddAtomW
user32
GetThreadDesktop
GetInputDesktop
SetWindowPlacement
GetMenuItemID
IsCharLowerW
ScreenToClient
CreateDesktopA
GetMessageW
DefMDIChildProcA
GetAncestor
RegisterHotKey
InsertMenuW
GetWindowTextW
OemKeyScan
DdeClientTransaction
ChildWindowFromPoint
WINNLSGetEnableStatus
UpdateLayeredWindow
IsWindowVisible
DefFrameProcW
MenuItemFromPoint
GetClassLongW
FlashWindow
DdeAbandonTransaction
IsCharAlphaA
MapVirtualKeyW
DdeCmpStringHandles
GetFocus
EnableMenuItem
GetCursorPos
GetMessageTime
GetMenuItemInfoA
GetClassNameW
SetWindowTextA
UnregisterClassA
SetKeyboardState
SetWindowLongW
LoadMenuIndirectW
GetCapture
DragObject
CallMsgFilterW
CreateWindowStationW
GetClipboardViewer
DeleteMenu
HiliteMenuItem
gdi32
SelectPalette
GetObjectType
GetTextExtentPointW
GdiPlayJournal
GetDCBrushColor
CreateCompatibleBitmap
GetRandomRgn
SetBitmapDimensionEx
SetViewportExtEx
SetPixelV
UpdateICMRegKeyW
DescribePixelFormat
GdiResetDCEMF
GetFontData
BitBlt
RealizePalette
CombineRgn
GetGraphicsMode
PolyTextOutW
SetGraphicsMode
ScaleWindowExtEx
GetMetaFileA
GetDCOrgEx
GdiEndPageEMF
GetICMProfileA
GetViewportExtEx
WidenPath
SetTextJustification
LineDDA
SetBkColor
AddFontResourceExW
EnumFontsW
SetTextColor
SelectObject
SetPixelFormat
GetObjectA
StretchBlt
EndPage
RemoveFontResourceA
PlayEnhMetaFileRecord
CreateCompatibleDC
DeleteDC
Polyline
EndDoc
IntersectClipRect
GdiStartDocEMF
PolylineTo
EndFormPage
CancelDC
CreateRectRgnIndirect
CombineTransform
CreateDIBSection
GetRgnBox
CreateDIBPatternBrushPt
SetArcDirection
GetTextExtentPoint32W
GetCharABCWidthsW
UpdateICMRegKeyA
ColorMatchToTarget
DeleteObject
GetStockObject
GetTextExtentExPointI
EnumFontFamiliesExA
CreateHalftonePalette
ResetDCW
AddFontResourceW
OffsetRgn
LineTo
CreateFontIndirectW
advapi32
RegGetKeySecurity
LsaEnumeratePrivileges
LsaFreeMemory
OpenSCManagerA
RegEnumKeyW
LsaSetTrustedDomainInformation
EnumServiceGroupW
GetMultipleTrusteeW
GetPrivateObjectSecurity
ImpersonateNamedPipeClient
LookupPrivilegeValueA
GetMultipleTrusteeOperationA
RegQueryInfoKeyA
SystemFunction027
AddAce
ReadEventLogW
SystemFunction022
ChangeServiceConfigW
GetSidLengthRequired
EnumDependentServicesW
LookupSecurityDescriptorPartsA
GetSecurityInfoExA
SetFileSecurityW
RegOpenKeyW
QueryServiceLockStatusA
ElfDeregisterEventSource
SetNamedSecurityInfoExW
AddAccessDeniedObjectAce
CreateRestrictedToken
ReportEventA
version
VerFindFileA
GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoA
VerFindFileW
GetFileVersionInfoW
VerInstallFileW
VerQueryValueA
opengl32
glRasterPos3s
glFogfv
glPopMatrix
wglRealizeLayerPalette
glIndexsv
wglMakeCurrent
wglDeleteContext
glPointSize
glTexCoord1i
glGetPixelMapuiv
wglCreateContext
winspool.drv
GetPrinterDataA
PrinterMessageBoxW
AddJobA
EnumPrinterKeyA
StartDocDlgA
OpenPrinterA
FindClosePrinterChangeNotification
SetPortA
AddPrintProcessorW
DeviceCapabilitiesA
ord213
DeletePrinterConnectionA
EndPagePrinter
XcvDataW
CreatePrinterIC
EnumPrintersA
AbortPrinter
DeletePrintProcessorW
DeleteFormA
DocumentPropertiesA
DeletePrinterIC
SpoolerDevQueryPrintW
SetJobA
ord202
EnumFormsW
AddPrinterDriverExW
EnumFormsA
ord214
AddPrinterA
ClosePrinter
GetFormW
QueryColorProfile
AddPrinterDriverA
msvcrt
_finite
_mbscoll
_mbsset
_mbsspn
_mbsnbcmp
fprintf
__CxxLongjmpUnwind
_fdopen
_wchdir
iswalpha
_wstati64
_mbsdup
_EH_prolog
vswprintf
_mbcjistojms
isleadbyte
_spawnv
_CIasin
_futime
_logb
__argv
strcat
strcmp
_rmtmp
vprintf
_wrename
_mbsnbicmp
__crtLCMapStringA
fwprintf
swscanf
_unlink
_snprintf
_CIlog
_vsnwprintf
feof
_setmbcp
ferror
_eof
fopen
_wcsnset
_wfreopen
_findfirst
_fcloseall
_inp
fclose
fwrite
_wstat
_abnormal_termination
_mbscmp
_wremove
_flsbuf
sprintf
_setjmp
_getdrive
atan2
__iscsym
_pctype
_y1
__p__pgmptr
signal
_ismbcpunct
fputs
_longjmpex
_wexecle
_sys_errlist
_mbctohira
_execlp
puts
rewind
__lconv_init
exp
islower
_msize
_XcptFilter
fwscanf
fread
system
_endthread
_rmdir
_except_handler2
wcscoll
_mbsncmp
_adj_fdiv_m32
__p__fileinfo
__p___winitenv
difftime
_mbsnbcoll
__dllonexit
_execv
strlen
printf
abs
vfprintf
vwprintf
atan
_read
qsort
fputc
wcscspn
_mkdir
_aexit_rtn
_mbctokata
__p__tzname
_wrmdir
memset
_iob
fgetpos
_memccpy
_set_sbh_threshold
fsetpos
_wspawnlpe
_umask
ftell
__lc_handle
_atoldbl
_mbsncoll
ungetc
fseek
labs
_seh_longjmp_unwind
_scalb
bsearch
Sections
.text — Size: 596KB; Virtual size: 593KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata — Size: 12KB; Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data — Size: 8KB; Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE