c849ff5ddc4a64e4bef798f1ba4757be16a7b4c01fb5fc4157650ac9d1ef9073

Sharing

Copy URL Twitter E-mail

General

Target

c849ff5ddc4a64e4bef798f1ba4757be16a7b4c01fb5fc4157650ac9d1ef9073
Size

340KB
MD5

63e9df9d561bfbbe485f197ee58ef89f
SHA1

f3e2fab5c8322ec6ed0ee660bb7455208f99afd4
SHA256

c849ff5ddc4a64e4bef798f1ba4757be16a7b4c01fb5fc4157650ac9d1ef9073
SHA512

08563eaf845c91006026841edb1a6ec29725bdea2f1c05fc5367771c967936f22cb5b7ae3c3db55314d978c139dedb91a39ce97c1915b49ef0880d484f3fc6b0
SSDEEP

3072:RsCu/DgDtQgfVZ3DcjKSOiaik31o8dkaXQ81qgDio+7an0fAo9IueyYyg0my9ZCU:RsJb90MiVH38GZqgDiof0f/Y9OKHSzm

Score

N/A

Malware Config

Signatures

Files

c849ff5ddc4a64e4bef798f1ba4757be16a7b4c01fb5fc4157650ac9d1ef9073
.exe windows x86

5b6bdd99e332e30032a5169e345d5dc7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsSetValue
LocalReAlloc
GlobalAlloc
TlsGetValue
GetModuleHandleA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
LockResource
LoadResource
FindResourceA
FreeLibrary
GlobalReAlloc
MulDiv
GlobalFree
GlobalHandle
GetOEMCP
HeapFree
RtlUnwind
HeapAlloc
GetProcessVersion
GlobalFlags
GetCommandLineA
ExitProcess
SetStdHandle
GetFileType
GetCPInfo
GetACP
GetVersion
lstrcpynA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
lstrcmpiA
LocalFree
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedIncrement
ExpandEnvironmentStringsA
TlsAlloc
LocalAlloc
FileTimeToLocalFileTime
lstrcatA
GlobalUnlock
FileTimeToSystemTime
GlobalLock
SetLastError
GetCurrentThreadId
EnterCriticalSection
InitializeCriticalSection
LeaveCriticalSection
DeleteCriticalSection
lstrcmpA
GetVolumeInformationA
GetFullPathNameA
GetProcAddress
lstrcpyA
LoadLibraryA
SetEndOfFile
FlushFileBuffers
UnlockFile
LockFile
ReadFile
SetFilePointer
WriteFile
SetFileAttributesA
GetCurrentProcess
DuplicateHandle
CloseHandle
CreateFileA
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLastError
GetFileTime
FindFirstFileA
FindClose
GetTickCount
GetFileSize
GetFileAttributesA
HeapSize
HeapReAlloc
InterlockedDecrement
TerminateProcess
RaiseException
GetStartupInfoA
GetTimeZoneInformation

user32

GetDC
GetClassNameA
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
CreateDialogIndirectParamA
EndDialog
GetClientRect
CopyRect
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetDlgCtrlID
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
LoadCursorA
CallWindowProcA
RemovePropA
ReleaseDC
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
PostThreadMessageA
GetWindowTextA
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
PeekMessageA
SetWindowsHookExA
UnhookWindowsHookEx
LoadStringA
GetSystemMetrics
ShowWindow
SetWindowTextA
IsDialogMessageA
CharUpperA
RegisterClipboardFormatA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SendMessageA
EnableWindow
MessageBoxA
GetMessageTime
GetSysColorBrush
GetMessagePos
UpdateWindow
LoadIconA
PostMessageA
GetSysColor
SendDlgItemMessageA
MapWindowPoints
SetFocus
SetActiveWindow
IsWindow
AdjustWindowRectEx
SetPropA
GetPropA
SetWindowPos
GetMenu

ole32

OleIsCurrentClipboard
OleFlushClipboard
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoRevokeClassObject
CoRegisterMessageFilter
CoUninitialize
CoInitializeEx
CoInitializeSecurity
CoCreateInstance

oleaut32

VariantClear
SysStringLen
SysAllocString
SysFreeString
SysAllocStringLen

comctl32

ord17

oledlg

ord8

gdi32

SaveDC
DeleteDC
GetDeviceCaps
GetObjectA
SetBkColor
SetTextColor
GetClipBox
DeleteObject
GetStockObject
SetMapMode
SetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetWindowExtEx
ScaleWindowExtEx
RestoreDC
PtVisible
TextOutA
ExtTextOutA
RectVisible
Escape
SelectObject
CreateBitmap

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

comdlg32

GetFileTitleA

Sections

.text
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 192KB - Virtual size: 496KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5b6bdd99e332e30032a5169e345d5dc7

Headers

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

comctl32

oledlg

gdi32

winspool.drv

comdlg32

Sections

.text Size: 100KB - Virtual size: 98KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 20KB - Virtual size: 30KB

.vmp0 Size: 192KB - Virtual size: 496KB

.text
Size: 100KB - Virtual size: 98KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 20KB - Virtual size: 30KB

.vmp0
Size: 192KB - Virtual size: 496KB