29da8538fde940d56d02a6b1e824e56406c5974707a8fa056333f65aa3d722e3

Sharing

Copy URL Twitter E-mail

General

Target

29da8538fde940d56d02a6b1e824e56406c5974707a8fa056333f65aa3d722e3
Size

336KB
MD5

0a54830682425fb67ee3c59d7f53c570
SHA1

2ab79cd14d5ee70737c0769d575d1a0fd12154f6
SHA256

29da8538fde940d56d02a6b1e824e56406c5974707a8fa056333f65aa3d722e3
SHA512

842f3556b8bfa6b87bdf77a7c8416bc41ae7abe994465d9db26cce2119aea9cd2b98bb1ac517792beb73a426cb97fa18d23074f7fefff2afec1cd7be52aa6ee9
SSDEEP

6144:OwC2232zBXn70muYtdeY9dfG4X1bDD+nXl6PCwWa1HsDFG4:jCjmzBXn7btzCCDDJPbiRx

Score

N/A

Malware Config

Signatures

Files

29da8538fde940d56d02a6b1e824e56406c5974707a8fa056333f65aa3d722e3
.exe windows x86

48f081f9659ef45918d18a978c366031

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetEndOfFile
HeapReAlloc
LoadLibraryW
HeapSize
FlushFileBuffers
SetStdHandle
WriteConsoleW
LCMapStringW
SetFilePointer
ReadFile
CreateFileW
Sleep
GetCurrentProcess
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
ExitProcess
MultiByteToWideChar
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
WriteFile
GetStringTypeW
GetProcAddress
GetCurrentThreadId
SetLastError
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
LockResource
GetNumberFormatW
GetLastError
ExitThread
lstrcatA
GetFileAttributesW
HeapCreate
SizeofResource
GetLocaleInfoW
GetSystemTimeAsFileTime
GetTickCount
TlsAlloc
IsValidCodePage
HeapAlloc
LoadResource
GetCurrentProcessId
FindResourceW
GetOEMCP
GetACP
GetProcessHeap
InterlockedDecrement
InterlockedIncrement
GetCPInfo
DeleteCriticalSection
GetFileType
GetStdHandle
SetHandleCount
IsProcessorFeaturePresent
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EncodePointer
DecodePointer
RtlUnwind
HeapFree

user32

GetScrollPos
GetDlgItemTextA
FindWindowA
MoveWindow
SetDlgItemTextA
SetScrollInfo
UpdateWindow
SendMessageW
EndPaint
GetWindowRect
PostQuitMessage
SendDlgItemMessageA
TrackPopupMenu
SetForegroundWindow
LoadStringA
GetParent
SetFocus
BeginPaint
EnumWindows
GetDC
GetForegroundWindow
LoadIconW
SetWindowLongA
GetScrollInfo
MessageBoxA
InvalidateRect
GetWindowLongA
CreateWindowExA
ReleaseDC
GetDlgItem
EndDialog
DefWindowProcA
GetSysColor
SetWindowPos
GetCursorPos
ShowWindow
CreatePopupMenu
AppendMenuA
PostMessageA
IsWindowVisible
SetWindowTextA

gdi32

CreateFontIndirectW
GetDeviceCaps
GetCurrentObject
DeleteObject
SelectObject
Rectangle
GetTextExtentPointW
CreatePen
CreateSolidBrush
GetTextMetricsW

winspool.drv

ClosePrinter

shell32

Shell_NotifyIconA

ole32

CoInitializeEx
CoTaskMemFree
CoUninitialize
CoCreateInstance

winmm

mciSendStringA

shlwapi

StrCpyNW

Sections

.text
Size: 250KB - Virtual size: 249KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

48f081f9659ef45918d18a978c366031

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

shell32

ole32

winmm

shlwapi

Sections

.text Size: 250KB - Virtual size: 249KB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 6KB - Virtual size: 23KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 250KB - Virtual size: 249KB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 6KB - Virtual size: 23KB

.rsrc
Size: 11KB - Virtual size: 11KB