d0d79ef9a31167731d97e0d316fbdb5a78dc92cc29da469ea23f7f6829caa85c

Sharing

Copy URL Twitter E-mail

General

Target

d0d79ef9a31167731d97e0d316fbdb5a78dc92cc29da469ea23f7f6829caa85c
Size

112KB
MD5

ca7c02d53bac9b3b75e8b36db7ef9ef3
SHA1

9e5aa05b36c319fe4d66dee0c639b2074b7deed6
SHA256

d0d79ef9a31167731d97e0d316fbdb5a78dc92cc29da469ea23f7f6829caa85c
SHA512

5d4d9adb07b55e4973ec7d7699fd87a7d36657b1c324674e1ad0ad7acc7192c8c5cab520857244ab8ae09d185072713e84f370703f2d214aa2d2db691ed32840
SSDEEP

1536:+NnlW42eXOQZcGtKI5GJyCBymyxqBckmIf8pw+8ezpqfe2CpWqbPq2aXdXR4vhfP:+N81eXOQF5YynknmIf+XpD3SdXR2x/t

Score

N/A

Malware Config

Signatures

Files

d0d79ef9a31167731d97e0d316fbdb5a78dc92cc29da469ea23f7f6829caa85c
.exe windows x86

1bbd2f87041ce8eab3f063c6e09ab45f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiW
lstrcpyW
Sleep
VirtualAlloc
SetCalendarInfoA
BeginUpdateResourceA
IsBadWritePtr
GetThreadLocale
CreateEventA
GetExpandedNameA
FindResourceA
DeleteAtom
GetFullPathNameW
OpenMutexW
GetEnvironmentStringsW
OpenFile
GetLogicalDriveStringsW
EnumTimeFormatsA
ReadDirectoryChangesW
CreateNamedPipeA
lstrcmpi
GetWindowsDirectoryW
GetLocaleInfoA
GetFileType
GetStartupInfoA
SetCalendarInfoW
CreateFiber

user32

LoadBitmapA
GetMenuItemCount
AppendMenuW
EnumDesktopsW
GetMenuItemCount
GetClassInfoExW
IsDlgButtonChecked
CreatePopupMenu
DefDlgProcA
GetCursorPos
AdjustWindowRect
UnregisterClassA
GetDC
EndDialog
GetAsyncKeyState

gdi32

GetViewportExtEx
GetTextColor
CloseEnhMetaFile
GetMetaFileW
AnimatePalette
SetTextAlign
CreatePolyPolygonRgn
GetRegionData
Polyline
SetDIBits
SetROP2
PolyDraw

shell32

ExtractIconEx
SHGetDiskFreeSpaceExW
ExtractAssociatedIconExW
ExtractAssociatedIconA
SHCreateDirectoryExW

shlwapi

StrRetToStrA
SHRegOpenUSKeyW
SHDeleteEmptyKeyA
UrlUnescapeA
PathRemoveArgsA
StrRChrA
UrlIsA
PathRemoveArgsW
PathIsSystemFolderW
StrChrIW
SHSetValueA
SHRegSetPathW

ole32

CoDosDateTimeToFileTime
CoGetInstanceFromIStorage
CreateFileMoniker
CreateErrorInfo

winspool.drv

EnumPrinterKeyA
GetJobW
EnumFormsA

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code_01
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.V1Y99t
Size: 1024B - Virtual size: 30KB

IMAGE_SCN_MEM_READ

.j92q
Size: 1KB - Virtual size: 12KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.d35
Size: 1KB - Virtual size: 10KB

IMAGE_SCN_MEM_READ

.87f0X
Size: 1KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.H
Size: 1024B - Virtual size: 18KB

IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.c1
Size: 1024B - Virtual size: 35KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1bbd2f87041ce8eab3f063c6e09ab45f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

shlwapi

ole32

winspool.drv

Sections

.text Size: 14KB - Virtual size: 14KB

.code_01 Size: 4KB - Virtual size: 8KB

.V1Y99t Size: 1024B - Virtual size: 30KB

.j92q Size: 1KB - Virtual size: 12KB

.d35 Size: 1KB - Virtual size: 10KB

.87f0X Size: 1KB - Virtual size: 11KB

.H Size: 1024B - Virtual size: 18KB

.rdata Size: 2KB - Virtual size: 2KB

.c1 Size: 1024B - Virtual size: 35KB

.rsrc Size: 77KB - Virtual size: 76KB

.text
Size: 14KB - Virtual size: 14KB

.code_01
Size: 4KB - Virtual size: 8KB

.V1Y99t
Size: 1024B - Virtual size: 30KB

.j92q
Size: 1KB - Virtual size: 12KB

.d35
Size: 1KB - Virtual size: 10KB

.87f0X
Size: 1KB - Virtual size: 11KB

.H
Size: 1024B - Virtual size: 18KB

.rdata
Size: 2KB - Virtual size: 2KB

.c1
Size: 1024B - Virtual size: 35KB

.rsrc
Size: 77KB - Virtual size: 76KB