750226cd5669b06134e5559e428eff92dbc41f9c0d30bc17985637131271d236

Sharing

Copy URL

Twitter E-mail

General

Target

750226cd5669b06134e5559e428eff92dbc41f9c0d30bc17985637131271d236
Size

344KB
MD5

eb3c7d91163c0d0988d8a131e29249eb
SHA1

5774370b5589663d48c74c68d56630d6faf53609
SHA256

750226cd5669b06134e5559e428eff92dbc41f9c0d30bc17985637131271d236
SHA512

dc2a1593cd461bc21a8365021170327841d150a081b460cb2ae2cca7ef4e48170da448d09df0260aa23e5a8b19e2b44e5c8c92614c732807ffabc6fc55cc2f87
SSDEEP

6144:jpTPjhIhGaMCFsk55AQpLeQmNGYB41FikIZAkKyb6oQWL8gANne:xLhIhGqFskXnqQqGY0Qaqt4ne

Score

N/A

Malware Config

Signatures

Files

750226cd5669b06134e5559e428eff92dbc41f9c0d30bc17985637131271d236
.exe windows x86

5e9c760a537cc4d4249aed76908d7a76

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadCursorA
GetForegroundWindow
GetDialogBaseUnits
IsWindowVisible
SetWindowPos
GetTopWindow
SetSysColors
GetDlgItemTextA
CreateDialogIndirectParamA
ChildWindowFromPoint

gdi32

CloseEnhMetaFile
GetBkMode
EnumObjects
EndDoc
DeleteObject
CopyMetaFileW

advapi32

RegEnumKeyExA
RegQueryValueExA
RegOpenKeyExA
BackupEventLogW
ClearEventLogW
PrivilegeCheck
RegSetValueExA
OpenBackupEventLogW

kernel32

GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GlobalSize
VirtualProtectEx
OpenSemaphoreA
GlobalUnlock
GetDateFormatA
VirtualQuery
HeapFree
HeapSize
GetProcAddress
SetHandleInformation
VirtualAllocEx
GetACP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WriteFile
RtlUnwind
HeapCreate
HeapDestroy
GetLastError
TlsGetValue
SetLastError
TlsAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
VirtualFree

winspool.drv

AddPrintProcessorA
GetPrinterW
DeletePrinterDriverW
EnumPrintProcessorsA
DeletePrinterConnectionW
GetPrinterA
DeletePrinterDriverA

netapi32

NetUseAdd
NetConfigGet
NetFileClose
NetGetAnyDCName
NetAuditWrite
NetErrorLogClear
NetGetJoinInformation

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gtcni
Size: 332KB - Virtual size: 331KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e9c760a537cc4d4249aed76908d7a76

Headers

File Characteristics

Imports

user32

gdi32

advapi32

kernel32

winspool.drv

netapi32

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 80KB

.gtcni Size: 332KB - Virtual size: 331KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 80KB

.gtcni
Size: 332KB - Virtual size: 331KB

.rsrc
Size: 3KB - Virtual size: 3KB