6297284fd4bfd89d87fe4b9826e1cab8ae5256a5ab29da47aa2c8eb1000ae549

Sharing

Copy URL Twitter E-mail

General

Target

6297284fd4bfd89d87fe4b9826e1cab8ae5256a5ab29da47aa2c8eb1000ae549
Size

372KB
MD5

a32c21505482f5951f1c6e06a311cbf2
SHA1

cb41aaeb057e27cedc39c79680296c9b5ade7ce8
SHA256

6297284fd4bfd89d87fe4b9826e1cab8ae5256a5ab29da47aa2c8eb1000ae549
SHA512

9b5e395b26b0eaff627dea60fa6986d9f36ce11da90242ffe2740f8a22d13bc9c2e564b7085cd9a0994cfccdd23daebdd7aa036c54bb2f8255c4ca404d6071af
SSDEEP

6144:LkZGjXxxhUnA6nvR2TeZl63k+x1h8MfbcpotVmNViC+ls+WNhsWU23Hs:wsjBxenTl6hx/Zcp7NxYs+Wn423Hs

Score

N/A

Malware Config

Signatures

Files

6297284fd4bfd89d87fe4b9826e1cab8ae5256a5ab29da47aa2c8eb1000ae549
.exe windows x86

65f1c7b85b09f7a3c383dc0ccd40f992

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsIconic
GetClipboardData
WindowFromPoint
FindWindowA
EnumThreadWindows
GetDesktopWindow
SetWindowTextA
GetDialogBaseUnits
TileWindows
EndDeferWindowPos
FindWindowExA
GetDlgItemTextA
MoveWindow
DefDlgProcA
SendDlgItemMessageA

gdi32

DeleteDC
Chord
GetBitmapDimensionEx
FloodFill
CopyEnhMetaFileA
ExtEscape
GetBkMode
ExtCreateRegion
EqualRgn
BitBlt
CreateSolidBrush
ExcludeClipRect
AddFontResourceA
GdiComment
CreateFontA

advapi32

RegCreateKeyExA
ReadEventLogW
OpenProcessToken
RegReplaceKeyA
RegOverridePredefKey

kernel32

SetLastError
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
LeaveCriticalSection
GetCPInfo
GetACP
GetStringTypeA
OpenSemaphoreA
LocalLock
OpenMutexA
VirtualQuery
GetSystemDefaultLangID
CreateSemaphoreA
GlobalLock
VirtualFreeEx
WideCharToMultiByte
GetStringTypeW
InitializeCriticalSection
EnterCriticalSection
GetPrivateProfileStringA
GetProcAddress
GetEnvironmentVariableA
VirtualAllocEx
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
HeapReAlloc
TlsAlloc
VirtualAlloc
HeapAlloc
TlsSetValue
GetCurrentThreadId
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetOEMCP

winspool.drv

EnumPrintProcessorsW
AddPrinterDriverExW
GetPrinterA
AddPrinterDriverA
DeletePrinterDataA
DeletePrinterDriverA
AddPrinterDriverW
EnumPrintProcessorsA

netapi32

NetUnjoinDomain
NetAuditClear
Netbios
NetConfigGetAll
NetAuditWrite
NetGetJoinInformation
NetAuditRead
NetErrorLogRead
NetGroupAdd
NetConfigSet
NetFileClose
NetErrorLogClear
NetConfigGet

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gqcbn
Size: 333KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65f1c7b85b09f7a3c383dc0ccd40f992

Headers

File Characteristics

Imports

user32

gdi32

advapi32

kernel32

winspool.drv

netapi32

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 79KB

.gqcbn Size: 333KB - Virtual size: 332KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 79KB

.gqcbn
Size: 333KB - Virtual size: 332KB

.rsrc
Size: 3KB - Virtual size: 3KB