5ecb190024e8116be372a16e9bd6f7c73137ad26f4740d723ee9f59d65440faf

Sharing

Copy URL Twitter E-mail

General

Target

5ecb190024e8116be372a16e9bd6f7c73137ad26f4740d723ee9f59d65440faf
Size

268KB
MD5

7206452400c5f6d079eb8944e8409b5f
SHA1

99611f24ffcda9851f06608bd73e802dac3742c0
SHA256

5ecb190024e8116be372a16e9bd6f7c73137ad26f4740d723ee9f59d65440faf
SHA512

5bf77edd427d3106226023415ba9866e88147599124e8041a53f37d2ffc4130b70e99b6d2778f2b9dd1c78a6cbc18f2e4340fca5ffe922b38e3a5d846198807c
SSDEEP

6144:KkOqrJnV0KElMnn1wfLSzvg+VAJCz28Ldi3:KepV5Wun1p7VAgS8Ld0

Score

N/A

Malware Config

Signatures

Files

5ecb190024e8116be372a16e9bd6f7c73137ad26f4740d723ee9f59d65440faf
.exe windows x86

db34ed57f2c32af7c45900460ccac279

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidCodePage
GetOEMCP
GetACP
IsDebuggerPresent
lstrcmpW
GetModuleHandleW
GlobalAlloc
LocalFree
MulDiv
SetErrorMode
lstrlenW
Beep
ExpandEnvironmentStringsA
GetWindowsDirectoryW
GetProcessHeap
FreeLibrary
FindResourceW
LoadResource
SetUnhandledExceptionFilter
RaiseException
lstrlenA
GlobalFindAtomW
GetModuleHandleA
TlsAlloc
LocalAlloc
CreateEventW
GlobalDeleteAtom
GetCurrentThreadId
lstrcmpA
GetProcAddress

user32

GetForegroundWindow
SetActiveWindow
GetTopWindow
TrackPopupMenu
SetMenu
GetScrollPos
SetForegroundWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
SetFocus
DefWindowProcW
WinHelpW
CopyRect
GetMenu
GetSubMenu
GetMenuItemCount
SetWindowLongW
SetWindowPos
IsIconic
GetCapture
SetCapture
GetDesktopWindow
SendDlgItemMessageA
SendDlgItemMessageW
LoadIconW
RegisterWindowMessageW
IsWindow
GetMenuItemID
AppendMenuW
CopyIcon
GetIconInfo
GetMenuState
PostQuitMessage
PostMessageW
CheckMenuItem
IsDlgButtonChecked
MoveWindow
ShowWindow
DestroyIcon
DestroyMenu
CreatePopupMenu
InvalidateRect
EndDialog
CreateDialogIndirectParamW
SetTimer
MessageBeep
EnableMenuItem
SendMessageW
GetFocus
LoadBitmapW
SetWindowTextW
UnregisterClassW
LoadCursorW
GetSystemMetrics
GetSysColor
GetSysColorBrush
LoadImageW
EnableWindow
MessageBoxW
SetCursor
GetMessageW
GetActiveWindow
GetKeyState
PeekMessageW
GetCursorPos

gdi32

CreateBitmap
DeleteObject
CreatePatternBrush
CreateCompatibleDC
GetStockObject
CreatePen
CreateSolidBrush
CreateFontIndirectW
CreatePalette

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

GetUserNameW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyW
RegQueryValueW
RegCreateKeyExW
RegSetValueExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegOpenKeyExA
LookupAccountSidW
GetTokenInformation
CreateProcessAsUserW
SetSecurityInfo
SetEntriesInAclW
BuildExplicitAccessWithNameW
GetSecurityDescriptorDacl
GetSecurityInfo
RegQueryValueExA

shell32

ShellExecuteW

shlwapi

PathFindFileNameW
PathFindExtensionW

oleaut32

VariantInit
VariantChangeType
VariantClear

winmm

sndPlaySoundW

quartz

DBToAmpFactor
DllUnregisterServer
AMGetErrorTextW
DllRegisterServer
DllGetClassObject

odbc32gt

Dispatch

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.irKG
Size: 2KB - Virtual size: 286KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.WRK
Size: 3KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.O
Size: 4KB - Virtual size: 622KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.E
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.XL
Size: 4KB - Virtual size: 393KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.YO
Size: 1024B - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dMhq
Size: 84KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.YLEr
Size: 2KB - Virtual size: 512KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.KCbunK
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fkwK
Size: 135KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db34ed57f2c32af7c45900460ccac279

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

oleaut32

winmm

quartz

odbc32gt

Sections

.text Size: 17KB - Virtual size: 17KB

.irKG Size: 2KB - Virtual size: 286KB

.WRK Size: 3KB - Virtual size: 198KB

.O Size: 4KB - Virtual size: 622KB

.E Size: 512B - Virtual size: 1KB

.rdata Size: 4KB - Virtual size: 14KB

.XL Size: 4KB - Virtual size: 393KB

.YO Size: 1024B - Virtual size: 51KB

.dMhq Size: 84KB - Virtual size: 156KB

.YLEr Size: 2KB - Virtual size: 512KB

.data Size: 6KB - Virtual size: 105KB

.KCbunK Size: 1024B - Virtual size: 107KB

.fkwK Size: 135KB - Virtual size: 147KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 17KB - Virtual size: 17KB

.irKG
Size: 2KB - Virtual size: 286KB

.WRK
Size: 3KB - Virtual size: 198KB

.O
Size: 4KB - Virtual size: 622KB

.E
Size: 512B - Virtual size: 1KB

.rdata
Size: 4KB - Virtual size: 14KB

.XL
Size: 4KB - Virtual size: 393KB

.YO
Size: 1024B - Virtual size: 51KB

.dMhq
Size: 84KB - Virtual size: 156KB

.YLEr
Size: 2KB - Virtual size: 512KB

.data
Size: 6KB - Virtual size: 105KB

.KCbunK
Size: 1024B - Virtual size: 107KB

.fkwK
Size: 135KB - Virtual size: 147KB

.rsrc
Size: 2KB - Virtual size: 1KB