53c7f2b5077a6902a5487f057fd4877691cefae6613bb220b34c0f37a1ce16e3

Sharing

Copy URL Twitter E-mail

General

Target

53c7f2b5077a6902a5487f057fd4877691cefae6613bb220b34c0f37a1ce16e3
Size

68KB
MD5

bc24d61ae5967155eaa5bc89bc78b340
SHA1

d1a1376d5e04822ca59d67db34d2f89db806d66b
SHA256

53c7f2b5077a6902a5487f057fd4877691cefae6613bb220b34c0f37a1ce16e3
SHA512

14b3c924f097d412171a898cfd172b9b6e9ac4ebe99dd4f32ea756f7bdb801d53c4970d33c6300faf9c66401f8c3adf83d73de952d9d223c375dff020ced5c89
SSDEEP

1536:aTYfvdhBJ900TDOH3AlmoZL6ERKWXPZzVXrn92:aTc5TOXAlmoZ+EYW/ZzVXrn92

Score

N/A

Malware Config

Signatures

Files

53c7f2b5077a6902a5487f057fd4877691cefae6613bb220b34c0f37a1ce16e3
.exe windows x86

5e9c760a537cc4d4249aed76908d7a76

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadCursorA
GetForegroundWindow
GetDialogBaseUnits
IsWindowVisible
SetWindowPos
GetTopWindow
SetSysColors
GetDlgItemTextA
CreateDialogIndirectParamA
ChildWindowFromPoint

gdi32

CloseEnhMetaFile
GetBkMode
EnumObjects
EndDoc
DeleteObject
CopyMetaFileW

advapi32

RegEnumKeyExA
RegQueryValueExA
RegOpenKeyExA
BackupEventLogW
ClearEventLogW
PrivilegeCheck
RegSetValueExA
OpenBackupEventLogW

kernel32

GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GlobalSize
VirtualProtectEx
OpenSemaphoreA
GlobalUnlock
GetDateFormatA
VirtualQuery
HeapFree
HeapSize
GetProcAddress
SetHandleInformation
VirtualAllocEx
GetACP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WriteFile
RtlUnwind
HeapCreate
HeapDestroy
GetLastError
TlsGetValue
SetLastError
TlsAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
VirtualFree

winspool.drv

AddPrintProcessorA
GetPrinterW
DeletePrinterDriverW
EnumPrintProcessorsA
DeletePrinterConnectionW
GetPrinterA
DeletePrinterDriverA

netapi32

NetUseAdd
NetConfigGet
NetFileClose
NetGetAnyDCName
NetAuditWrite
NetErrorLogClear
NetGetJoinInformation

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fzimoa
Size: 332KB - Virtual size: 331KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e9c760a537cc4d4249aed76908d7a76

Headers

File Characteristics

Imports

user32

gdi32

advapi32

kernel32

winspool.drv

netapi32

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 80KB

.fzimoa Size: 332KB - Virtual size: 331KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 80KB

.fzimoa
Size: 332KB - Virtual size: 331KB

.rsrc
Size: 3KB - Virtual size: 3KB