537a409f8482e412bbcc421b065e9680fd89909a3784fba2042e0c067ebc666a

Sharing

Copy URL Twitter E-mail

General

Target

537a409f8482e412bbcc421b065e9680fd89909a3784fba2042e0c067ebc666a
Size

744KB
MD5

f148f7966086f88e8ca1365ac4903bb8
SHA1

0aca8b0f69c3b0695b5db8ed3725f66ff4cabb3a
SHA256

537a409f8482e412bbcc421b065e9680fd89909a3784fba2042e0c067ebc666a
SHA512

3e90d485937ae9b0016c58a68018e2ebdf9466a57194a72a36b71e904d6ef6288fafd0c5a8bc29cbcbca624ab9aa70b5cefd934bfd0bd9313a89babef4432218
SSDEEP

12288:24UIyu1w0NREEqW5fKEIrdGtDZ/Fo2w0ob4BEeTCmF5uioQSSrqm:1yu1pNRHGGFZto2xoOF3rq

Score

N/A

Malware Config

Signatures

Files

537a409f8482e412bbcc421b065e9680fd89909a3784fba2042e0c067ebc666a
.exe windows x86

65021493a211a28ab70c9f2d1c50ce61

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
SetErrorMode
DuplicateHandle
OpenMutexA
CreateMutexA
ReleaseMutex
FlushFileBuffers
CreateThread
GetVersion
LocalFree
LocalAlloc
LoadLibraryA
ExitProcess
GetCurrentProcessId
GetFileTime
GetModuleFileNameA
RemoveDirectoryA
FindFirstFileA
FindNextFileA
TlsSetValue
TlsAlloc
CreatePipe
VirtualProtect
LCMapStringA
SetEndOfFile
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
CreateFileA
SetStdHandle
HeapReAlloc
VirtualAlloc
HeapAlloc
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
WriteFile
RtlUnwind
VirtualFree
LCMapStringW
HeapCreate
GetVersionExA
GetEnvironmentVariableA
GetShortPathNameA
PeekNamedPipe
WriteConsoleW
GetCurrentThread
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapFree
GetLastError
CloseHandle
ReadFile
TerminateProcess
GetCurrentProcess
SetFilePointer
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy

user32

RegisterWindowMessageA
FindWindowA
SendMessageA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

comdlg32

ChooseFontA
GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError
ReplaceTextA

ole32

OleUninitialize
CoCreateInstance
CoUninitialize
OleInitialize
CoInitialize

comctl32

ImageList_Draw
CreatePropertySheetPageA
ImageList_SetDragCursorImage
ImageList_LoadImageA
PropertySheetA

Sections

.text
Size: 124KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 328KB - Virtual size: 327KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 268KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65021493a211a28ab70c9f2d1c50ce61

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

winspool.drv

comdlg32

ole32

comctl32

Sections

.text Size: 124KB - Virtual size: 121KB

.rdata Size: 328KB - Virtual size: 327KB

.data Size: 268KB - Virtual size: 1.2MB

.tls Size: 4KB - Virtual size: 80B

.rsrc Size: 16KB - Virtual size: 12KB

.text
Size: 124KB - Virtual size: 121KB

.rdata
Size: 328KB - Virtual size: 327KB

.data
Size: 268KB - Virtual size: 1.2MB

.tls
Size: 4KB - Virtual size: 80B

.rsrc
Size: 16KB - Virtual size: 12KB