652758696ade3fd260061d123d2dbe29ec9ca6507e7e150762ed2dced313f614

Sharing

Copy URL Twitter E-mail

General

Target

652758696ade3fd260061d123d2dbe29ec9ca6507e7e150762ed2dced313f614
Size

736KB
MD5

5f1526f00eb97b5de4f2828aedc8b1c4
SHA1

d9bf3281abcb83c0befcc34eeea18813fda1969d
SHA256

652758696ade3fd260061d123d2dbe29ec9ca6507e7e150762ed2dced313f614
SHA512

e0750a7fccb08632de92ca4aa03e2f544e7d570287ecbb54d9ed4588ab9fee33ecea5ea5aeafb0a00cfc4ddef744188802d65e9166781c03e1cdf1cde3cc061e
SSDEEP

12288:eLMMVeH8ef1w7Ti/N60glmpSVu/w2LGMc6c1nuMBWW8eS:eLMUy1w7TJB2g//7nT

Score

N/A

Malware Config

Signatures

Files

652758696ade3fd260061d123d2dbe29ec9ca6507e7e150762ed2dced313f614
.exe windows x86

3e3f0a552d98f1e49b0f26b16ac6e40e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

CreatePropertySheetPageW
ImageList_SetOverlayImage
ImageList_GetImageInfo
ImageList_GetBkColor
CreatePropertySheetPageA
ImageList_GetImageCount
CreateToolbarEx
ImageList_DragShowNolock
ImageList_DragLeave
ImageList_GetIconSize
ImageList_SetBkColor
PropertySheetW
ImageList_LoadImageW
ImageList_Destroy
ImageList_Write
ImageList_LoadImageA
ImageList_DrawIndirect
ImageList_Remove
ImageList_DrawEx
ImageList_SetDragCursorImage

msvcrt

wcscspn
_time64
__p__commode
_winminor
isdigit
memmove
_filelengthi64
setlocale
_ecvt
fopen
_ismbblead
_mktemp
_i64tow
??_V@YAXPAX@Z
setvbuf
_CItanh
_wgetcwd
_ismbstrail
ldiv
acos
_rmdir
__set_app_type
longjmp
??0exception@@QAE@XZ

kernel32

BackupRead
FormatMessageW
CreateJobObjectW
MoveFileWithProgressA
HeapCreate
QueryPerformanceCounter
GetComputerNameA
OpenMutexA
GetConsoleCursorInfo
WriteConsoleW
GetComputerNameExW
GetCompressedFileSizeA
GetComputerNameExA
FindNextFileW
GetModuleHandleW
AreFileApisANSI
GetCurrencyFormatA
IsProcessorFeaturePresent
VirtualAlloc
EnumResourceNamesW
GetSystemTime
SignalObjectAndWait
DeleteFileA
SetConsoleCP
GetStartupInfoA
Sleep
GetComputerNameW
WaitForSingleObjectEx
FindFirstFileExW
SetConsoleScreenBufferSize
CopyFileW
SetUnhandledExceptionFilter
WritePrivateProfileStructW
CommConfigDialogW
GetCurrentThreadId
Module32NextW
ReplaceFileA
CopyFileA

advapi32

SetNamedSecurityInfoW
LsaRetrievePrivateData
AccessCheckByType
SystemFunction031
RegRestoreKeyA
RegCreateKeyExW
SetTokenInformation
GetTraceEnableFlags
GetSecurityInfo
InitializeSecurityDescriptor
TraceMessage
ReportEventA
CreateRestrictedToken
AreAllAccessesGranted
GetKernelObjectSecurity
CryptDeriveKey
DuplicateTokenEx
ImpersonateSelf
DeleteService
RevertToSelf
GetServiceDisplayNameA
CreateProcessAsUserA
SetSecurityInfo
LookupAccountSidA
FreeSid
RegQueryValueExA
SetFileSecurityW
CryptVerifySignatureW
SetServiceStatus
StartTraceW
SystemFunction029
CryptEnumProvidersA
SystemFunction012
AbortSystemShutdownA
CommandLineFromMsiDescriptor

winspool.drv

GetJobW
DeletePrinter
GetPrinterDriverA
EnumPortsW
DeletePrinterDataW
EnumPrintersA
SetFormW
AddFormW
DeletePrinterDataExW
EnumPrintProcessorDatatypesW
GetPrintProcessorDirectoryA
SetPrinterDataExW
AddMonitorA
FindClosePrinterChangeNotification
ClosePrinter
StartPagePrinter
EndDocPrinter
EnumPrinterDataW
EnumPortsA
GetJobA
WritePrinter
AddPrintProcessorW
GetPrintProcessorDirectoryW
GetPrinterDriverDirectoryW
SetPrinterDataW

crypt32

CryptVerifyCertificateSignature

Sections

.text
Size: 25KB - Virtual size: 413KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

CRT
Size: 550KB - Virtual size: 938KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 226B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e3f0a552d98f1e49b0f26b16ac6e40e

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

msvcrt

kernel32

advapi32

winspool.drv

crypt32

Sections

.text Size: 25KB - Virtual size: 413KB

CRT Size: 550KB - Virtual size: 938KB

.rsrc Size: 159KB - Virtual size: 159KB

.reloc Size: 512B - Virtual size: 226B

.text
Size: 25KB - Virtual size: 413KB

CRT
Size: 550KB - Virtual size: 938KB

.rsrc
Size: 159KB - Virtual size: 159KB

.reloc
Size: 512B - Virtual size: 226B