277157f04563b6b3d1e065f687deefc155ef43f526978ef5c1d0cb18f36f2ec3

Sharing

Copy URL Twitter E-mail

General

Target

277157f04563b6b3d1e065f687deefc155ef43f526978ef5c1d0cb18f36f2ec3
Size

761KB
MD5

31651e0c14719ed9fcdc5bfd5ab87ae0
SHA1

2a6c31596bcf8132d9e0b075805532faff038542
SHA256

277157f04563b6b3d1e065f687deefc155ef43f526978ef5c1d0cb18f36f2ec3
SHA512

5a3abd0eb05150b494efe4618b8bd18384ee59e52db5eb60a99a91b1912ee53ec169b12655922667fe0c8f282da41af82bd42737ae1d09d1bacd2a6feef96581
SSDEEP

12288:wStMTR4YcKnqh2nu6Mw7sSlZDPj66ValXJv+a0GC1hWj:w51c8qi/3eQyX2GMhW

Score

N/A

Malware Config

Signatures

Files

277157f04563b6b3d1e065f687deefc155ef43f526978ef5c1d0cb18f36f2ec3
.exe windows x86

235b7159fbc9cdb82ba44c5dfa0d51fb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateEventW
WriteConsoleInputW
VirtualAlloc
GetFileAttributesA
GetLastError
LocalReAlloc
GetQueuedCompletionStatus
VirtualProtect
SetFileTime
GetVolumePathNameW
DeleteTimerQueueTimer
CreateMutexW
LocalAlloc
HeapSetInformation
GetDiskFreeSpaceExA
AssignProcessToJobObject
GetProcessAffinityMask
GetCurrencyFormatW
LockFileEx
GlobalUnlock
GetCurrentProcessId
GlobalHandle
RemoveDirectoryA
ReleaseMutex
VirtualFree
SearchPathA
UnmapViewOfFile
SetProcessShutdownParameters
GlobalAlloc
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount

mpr

WNetCancelConnection2W
WNetUseConnectionW
WNetGetUserW
WNetCloseEnum
WNetEnumResourceW
WNetGetLastErrorW
WNetAddConnection2W
WNetOpenEnumA
WNetGetUserA
WNetAddConnection3W
WNetGetUniversalNameW
WNetGetProviderNameW
WNetGetConnectionA
WNetGetUniversalNameA
WNetEnumResourceA
WNetOpenEnumW
WNetGetConnectionW
WNetGetResourceInformationW

msvcrt

__crtLCMapStringA
_acmdln
tolower
_CItanh
modf
_snprintf
_flushall
_wfindnext64
_kbhit
_mbsstr
_wtempnam
_tolower
?terminate@@YAXXZ
_vsnprintf
_local_unwind2
__CxxFrameHandler
_wcsicmp
iswprint
iswspace
__mb_cur_max
??3@YAXPAX@Z
__argv
_ultoa
getc
clearerr
?what@exception@@UBEPBDXZ
ferror
_strlwr
__dllonexit

user32

SetCaretPos
CloseClipboard
SetWindowsHookExW
GetMenuItemInfoA
IsRectEmpty
MapVirtualKeyW
AppendMenuA
SendMessageA
GetWindow
LoadCursorW
SetDlgItemTextA
ActivateKeyboardLayout
EndDialog
OpenWindowStationW
AlignRects
RegisterClassA
CreateCursor
CharLowerW
GetMenuCheckMarkDimensions
RegisterWindowMessageW
FreeDDElParam
SetRectEmpty
MessageBoxIndirectA
LoadIconW
IsZoomed
SetTimer
VkKeyScanW
BringWindowToTop
SetUserObjectSecurity
PostQuitMessage
GetThreadDesktop
CreateIconIndirect
GetKeyState
SetScrollInfo
SendNotifyMessageW
GetWindowInfo
GetClipboardFormatNameA
ShowCaret
MonitorFromPoint
SetMenuItemInfoA
GetKeyboardLayoutList
FillRect
CharToOemBuffA
DispatchMessageW
MonitorFromWindow
ChangeClipboardChain
GetClassInfoW
LockSetForegroundWindow
LoadBitmapW
DefWindowProcA
GetMenuDefaultItem
SendMessageCallbackW
LoadMenuA

imm32

ImmUnlockIMC
ImmUnlockIMCC
ImmGetHotKey
ImmSetOpenStatus
ImmSetCompositionWindow
ImmRegisterWordW
ImmGetProperty
ImmDisableIME
ImmConfigureIMEW
ImmSetHotKey
ImmAssociateContext
ImmSetCompositionStringW
ImmDestroyContext
ImmReleaseContext
ImmEscapeW
ImmNotifyIME
ImmIsIME
ImmGetIMEFileNameW
ImmGetDefaultIMEWnd
ImmGetConversionStatus
ImmLockIMCC
ImmSetCandidateWindow
ImmGetIMEFileNameA
ImmGetOpenStatus
ImmGetCompositionStringW

winspool.drv

StartPagePrinter
EndDocPrinter
GetPrinterDriverDirectoryA
DeleteMonitorW
OpenPrinterA
XcvDataW
EnumMonitorsW
EnumPortsW
EnumPortsA
SetPrinterDataExW
DocumentPropertiesW
SetPrinterW
GetPrinterDriverW
GetPrinterDataA
GetPrintProcessorDirectoryA
FindFirstPrinterChangeNotification
EnumPrintProcessorDatatypesW
GetPrinterA
EnumFormsW
PrinterProperties
FreePrinterNotifyInfo
DeletePrinter
GetPrinterDriverA
DeviceCapabilitiesW
EnumPrinterDriversW

msacm32

acmMetrics
acmDriverEnum
acmGetVersion
acmFormatSuggest
acmStreamUnprepareHeader
acmFormatDetailsW
acmStreamOpen
acmDriverOpen
acmStreamClose
acmStreamSize
acmStreamPrepareHeader
acmStreamConvert

crypt32

CertResyncCertificateChainEngine

Sections

.text
Size: 14KB - Virtual size: 503KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 519KB - Virtual size: 1008KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 226KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

235b7159fbc9cdb82ba44c5dfa0d51fb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

mpr

msvcrt

user32

imm32

winspool.drv

msacm32

crypt32

Sections

.text Size: 14KB - Virtual size: 503KB

.idata Size: 519KB - Virtual size: 1008KB

.rsrc Size: 226KB - Virtual size: 225KB

.reloc Size: 1024B - Virtual size: 368B

.text
Size: 14KB - Virtual size: 503KB

.idata
Size: 519KB - Virtual size: 1008KB

.rsrc
Size: 226KB - Virtual size: 225KB

.reloc
Size: 1024B - Virtual size: 368B