82a106ae8847dc861a5d80b0462e85d90ca00746f37dc3ecb50668acd7e338b3

Sharing

Copy URL Twitter E-mail

General

Target

82a106ae8847dc861a5d80b0462e85d90ca00746f37dc3ecb50668acd7e338b3
Size

257KB
MD5

c172a6f04747390dc8f3749b7f83977a
SHA1

44246f8d93d6caa66336270d2a93449585cbdcca
SHA256

82a106ae8847dc861a5d80b0462e85d90ca00746f37dc3ecb50668acd7e338b3
SHA512

e65028aedc5aa73c21548e4daf1397130d8290cea37a2ea7d5cf9dea37d37bcdc5fea5d16e71098bc1d9df8521673c090d66fbd3d93b767a211060066a6ebd2b
SSDEEP

6144:0ulCh2tjwaljvX7k+t1+6VSLpQkGnu4dUD/NdCZYNEUTa29a:04ntjwaZvdU1LLGu4WbNdKYCUTa29a

Score

N/A

Malware Config

Signatures

Files

82a106ae8847dc861a5d80b0462e85d90ca00746f37dc3ecb50668acd7e338b3
.exe windows x86

766a51b640a10913e4fb0405463d57c7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
RevertToSelf
SetSecurityDescriptorDacl
RegOpenKeyExA
RegCloseKey
InitializeSecurityDescriptor
RegSetValueExA
ImpersonateSelf

comdlg32

GetSaveFileNameW

shell32

ShellExecuteW
SHGetFileInfoW

oleaut32

SysFreeString
SysAllocStringByteLen
OleLoadPicture

ole32

CoCreateInstance
CreateStreamOnHGlobal
CoInitializeEx
CoUninitialize
IsEqualGUID

kernel32

GetCommandLineW
FormatMessageA
LocalFree
lstrcmpiA
GlobalAlloc
EnterCriticalSection
CloseHandle
GlobalLock
GetModuleHandleA
DeleteFileA
WaitForSingleObject
LoadLibraryExA
FreeLibrary
MulDiv
GetCommandLineA
HeapAlloc
FindResourceW
ReleaseMutex
WideCharToMultiByte
GetCurrentThreadId
GetCurrentDirectoryA
GetProcessHeap
DeleteCriticalSection
LeaveCriticalSection
GlobalFree
GetDateFormatA
SetLastError
GetLocalTime
HeapFree
GlobalUnlock
CreateMutexA
GetVersion
VirtualAllocEx

comctl32

ImageList_GetIconSize
ImageList_Draw

gdi32

BitBlt
CreateCompatibleDC
SetBkMode
SaveDC
GetObjectW
SelectClipRgn
CreateCompatibleBitmap
RestoreDC
CreateRectRgn
SelectObject
CreateFontIndirectW
StretchDIBits
DeleteDC
DeleteObject
GetDeviceCaps
GetTextExtentExPointW

user32

EndPaint
MessageBoxA
BeginPaint
SendMessageW
DrawTextW
ShowWindow
RegisterWindowMessageA
DrawTextExW
GetDC
OffsetRect
InvalidateRect
FindWindowA
SetForegroundWindow
RegisterClipboardFormatW
InflateRect
GetSystemMetrics
GetCursorPos
EqualRect
ScreenToClient
PostMessageA
ReleaseDC

winspool.drv

OpenPrinterA
AddJobW
SetFormA
GetPrinterA
DEVICECAPABILITIES
AddJobA
EnumPrintersW
GetPrinterDataExW
EnumPrinterDataExW
SetDefaultPrinterW
SetFormW
FindClosePrinterChangeNotification
DeletePortA
AddPrintProcessorA
AdvancedSetupDialog
SetPrinterDataExW
AddFormA
AddPrintProvidorA
AddPrinterA
EnumPortsW
GetDefaultPrinterW
XcvDataW
EnumPrinterKeyA
PrinterMessageBoxW
StartDocDlgA

icm32

CMCheckColorsInGamut
CMCheckColors

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.oeOusH
Size: 512B - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zhaVPY
Size: 1024B - Virtual size: 963B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bLiP
Size: 512B - Virtual size: 150B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CrWvHQL
Size: 512B - Virtual size: 229B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.QHVzjsA
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.swQFf
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.laKyfH
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RZke
Size: 103KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vbEsqlr
Size: 512B - Virtual size: 194B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.DncriJ
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.KpkhOkH
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

766a51b640a10913e4fb0405463d57c7

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

comdlg32

shell32

oleaut32

ole32

kernel32

comctl32

gdi32

user32

winspool.drv

icm32

Sections

.text Size: 17KB - Virtual size: 17KB

.oeOusH Size: 512B - Virtual size: 184B

.zhaVPY Size: 1024B - Virtual size: 963B

.bLiP Size: 512B - Virtual size: 150B

.CrWvHQL Size: 512B - Virtual size: 229B

.QHVzjsA Size: 3KB - Virtual size: 2KB

.rdata Size: 3KB - Virtual size: 3KB

.swQFf Size: 3KB - Virtual size: 2KB

.laKyfH Size: 2KB - Virtual size: 2KB

.RZke Size: 103KB - Virtual size: 313KB

.data Size: 110KB - Virtual size: 1.7MB

.vbEsqlr Size: 512B - Virtual size: 194B

.rsrc Size: 6KB - Virtual size: 6KB

.DncriJ Size: 2KB - Virtual size: 2KB

.KpkhOkH Size: 1024B - Virtual size: 592B

.text
Size: 17KB - Virtual size: 17KB

.oeOusH
Size: 512B - Virtual size: 184B

.zhaVPY
Size: 1024B - Virtual size: 963B

.bLiP
Size: 512B - Virtual size: 150B

.CrWvHQL
Size: 512B - Virtual size: 229B

.QHVzjsA
Size: 3KB - Virtual size: 2KB

.rdata
Size: 3KB - Virtual size: 3KB

.swQFf
Size: 3KB - Virtual size: 2KB

.laKyfH
Size: 2KB - Virtual size: 2KB

.RZke
Size: 103KB - Virtual size: 313KB

.data
Size: 110KB - Virtual size: 1.7MB

.vbEsqlr
Size: 512B - Virtual size: 194B

.rsrc
Size: 6KB - Virtual size: 6KB

.DncriJ
Size: 2KB - Virtual size: 2KB

.KpkhOkH
Size: 1024B - Virtual size: 592B