d02bb17135a4f6042914347a96686f46bf5488017169d841af895e743e354255

Sharing

Copy URL Twitter E-mail

General

Target

d02bb17135a4f6042914347a96686f46bf5488017169d841af895e743e354255
Size

119KB
MD5

ebf0b5fe1b697963dda5ab813313c355
SHA1

732872145fb33687437e5c4ceb5e8fca5a786ed3
SHA256

d02bb17135a4f6042914347a96686f46bf5488017169d841af895e743e354255
SHA512

918173a87b2911db8dced8bf9f1fc8c7cfd5822acc8306cb5f71bf30fbcff8065c49f573383bbc32b98fe7508158ee6cc84494300da704f0a35b0b9071703a15
SSDEEP

3072:BzLQWrn/FmqiIlsRePlB9+5gXjeSZiXvb:1/rn/fiIlsmj3XjT4X

Score

N/A

Malware Config

Signatures

Files

d02bb17135a4f6042914347a96686f46bf5488017169d841af895e743e354255
.exe windows x86

8f93179e23435ac318b78415cd0db440

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
GetFileAttributesA
CreateProcessA
GetExitCodeProcess
WriteConsoleW
GetProcessHeap
SetEndOfFile
SetFilePointer
ReadFile
HeapReAlloc
HeapSize
GetConsoleMode
GetConsoleCP
SetStdHandle
IsProcessorFeaturePresent
LCMapStringW
CreateFileA
MultiByteToWideChar
CloseHandle
HeapCreate
GetSystemTimeAsFileTime
GetCurrentProcessId
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
LoadLibraryW
GetStringTypeW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
DeleteCriticalSection
GetFileType
SetHandleCount
RtlUnwind
InitializeCriticalSectionAndSpinCount
GetModuleHandleA
OpenMutexA
GlobalFree
GetLastError
CreateDirectoryA
FlushFileBuffers
SetConsoleTitleA
CompareStringW
CreateFileW
Sleep
InterlockedDecrement
GetCommandLineA
GetTickCount
WaitForSingleObject
HeapFree
QueryPerformanceCounter
GetCurrentProcess
HeapAlloc
RaiseException
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LeaveCriticalSection
EnterCriticalSection
EncodePointer
GetModuleFileNameW
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
HeapSetInformation
GetStartupInfoW
WriteFile
GetStdHandle
SetEnvironmentVariableA

user32

MoveWindow
RegisterClassA
GetMenu
GetDlgItemTextA
FindWindowA
ClientToScreen
GetMessageA
SetTimer
TrackPopupMenu
IsZoomed
GetSubMenu
LoadMenuA
wsprintfA
GetClientRect
GetWindowTextLengthA
SendMessageA
PtInRect
EnableWindow
IsDialogMessageA
TranslateMessage
GetDC
SetWindowLongA
FlashWindowEx
MessageBoxA
GetWindowLongA
CreateWindowExA
GetDlgItem
DefWindowProcA
GetSysColor
GetCursorPos
CheckDlgButton
LoadAcceleratorsA
ShowWindow
GetMenuItemCount
DispatchMessageA
LoadImageA
CloseWindow

gdi32

GetEnhMetaFileW
LineTo
SetPixel
SelectObject
TextOutW
GetStockObject
MoveToEx

winspool.drv

ClosePrinter

advapi32

RegOpenKeyExW
OpenSCManagerA
GetTokenInformation
EnumServicesStatusA

shell32

SHGetFolderLocation
SHGetFileInfoA
SHGetFileInfoW

ws2_32

gethostname
WSAStartup

mpr

WNetGetUniversalNameA
WNetOpenEnumA
WNetEnumResourceA
WNetCloseEnum

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f93179e23435ac318b78415cd0db440

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ws2_32

mpr

Sections

.text Size: 66KB - Virtual size: 65KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 32KB - Virtual size: 39KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 66KB - Virtual size: 65KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 32KB - Virtual size: 39KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 6KB - Virtual size: 5KB