56a1adcf8de60e439e5699cb63d5c0f662eef0bcb9eab2403ec17bcf1188662a

Sharing

Copy URL

Twitter E-mail

General

Target

56a1adcf8de60e439e5699cb63d5c0f662eef0bcb9eab2403ec17bcf1188662a
Size

368KB
MD5

93e60c096e5eac5b5ba036d1ab012e30
SHA1

19efd46070f3ce0a7dc8ee6dc01a0fb140b3292a
SHA256

56a1adcf8de60e439e5699cb63d5c0f662eef0bcb9eab2403ec17bcf1188662a
SHA512

20e3a507dc6b80080e680ced5170d6cc0bd9585a47bc911fba3696a8c501e35516f1d923f869b07f5060f907bf628adf28389d7e2473cc3003111d6f7a2ad26d
SSDEEP

6144:8JhxNJS0IhnBc41d/sB3NJSe/cZZToPJHXRudkqBSIBDK5IJITjpQs:8j0jBck/sB3Se/cnToPJUUvXTjl

Score

N/A

Malware Config

Signatures

Files

56a1adcf8de60e439e5699cb63d5c0f662eef0bcb9eab2403ec17bcf1188662a
.exe windows x86

c9c1404954ec9793918387ae1e125599

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateDialogParamA
WindowFromPoint
GetNextDlgGroupItem
ShowWindow
GetWindowThreadProcessId
EnumWindows
CreateWindowExA
AdjustWindowRectEx
SetParent
ShowWindowAsync
GetWindow
GetClipboardData

gdi32

AddFontResourceW
AngleArc
GdiFlush
BitBlt
GetBkColor
ExtEscape
CreateEllipticRgn
CreateSolidBrush
EqualRgn
GetBkMode

advapi32

AdjustTokenPrivileges
RegQueryValueA
RegNotifyChangeKeyValue
RegOpenKeyExA
RegUnLoadKeyA
NotifyChangeEventLog
OpenEventLogA
RegisterEventSourceW

kernel32

SetLastError
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
EnterCriticalSection
LeaveCriticalSection
GetStringTypeW
IsBadReadPtr
InitializeCriticalSection
ResetEvent
IsBadStringPtrA
CreateMutexA
ReleaseMutex
VirtualAlloc
GetStringTypeA
HeapReAlloc
VirtualQuery
CompareStringA
GetDateFormatA
ReleaseSemaphore
WritePrivateProfileStringA
GetProcAddress
GetEnvironmentVariableA
VirtualAllocEx
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte

winspool.drv

DeletePrinterDriverA
GetJobW
EnumPrintersW
AddPrintProcessorW
DeletePrinter
ConnectToPrinterDlg
SetJobA
EnumJobsA
AddPrinterA

netapi32

NetSetPrimaryComputerName
NetLocalGroupDelMembers
NetErrorLogClear
NetGetDCName
NetErrorLogRead
NetAuditWrite
NetConfigSet
Netbios

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vfig
Size: 332KB - Virtual size: 331KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9c1404954ec9793918387ae1e125599

Headers

File Characteristics

Imports

user32

gdi32

advapi32

kernel32

winspool.drv

netapi32

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 80KB

.vfig Size: 332KB - Virtual size: 331KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 80KB

.vfig
Size: 332KB - Virtual size: 331KB

.rsrc
Size: 3KB - Virtual size: 3KB