c217fd98af3840ac76ff13e8307c78a08f14ff3cc113ea42363b900f329f067b

Sharing

Copy URL Twitter E-mail

General

Target

c217fd98af3840ac76ff13e8307c78a08f14ff3cc113ea42363b900f329f067b
Size

176KB
MD5

e2390940b9aef9e9c96f0e88517f9fb8
SHA1

8e2becb3b6cc84ea914441d949f83b6ad90e25cf
SHA256

c217fd98af3840ac76ff13e8307c78a08f14ff3cc113ea42363b900f329f067b
SHA512

3336f2e130fe25a144556ccd10b91b9217784d0671ffc69bc4776e07fc5702c63e43702ec42a874f0977e95fbb792c279784b24947d5b0f999308a0780f47763
SSDEEP

3072:pZdS3iXHFR4vvjV7/7EB+240eQYyOMDTbHEeVkyyxpJa5UlBNrr3zmzVZ5O:pZo3iXHFRejFEjmPFM7yxza5UlBNLmzJ

Score

N/A

Malware Config

Signatures

Files

c217fd98af3840ac76ff13e8307c78a08f14ff3cc113ea42363b900f329f067b
.exe windows x86

6f6fa555eac8390569bd1148cc22382f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
LoadLibraryW
MultiByteToWideChar
Sleep
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
GetConsoleMode
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
HeapSize
FreeEnvironmentStringsW
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetModuleFileNameW
GetStdHandle
WriteFile
ExitProcess
SetStdHandle
WriteConsoleW
LCMapStringW
GetStringTypeW
HeapReAlloc
CreateFileW
FlushFileBuffers
GetModuleHandleW
HeapCreate
CloseHandle
GetModuleFileNameA
LoadLibraryA
GlobalFree
GetProcAddress
GetLastError
HeapAlloc
GetTickCount
IsProcessorFeaturePresent
EncodePointer
DecodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RaiseException
GetStartupInfoW
HeapSetInformation
GetCurrentProcess
WideCharToMultiByte
GetCommandLineA
HeapFree

user32

GetMenu
MoveWindow
GetWindow
DestroyWindow
GetMessageA
SetActiveWindow
LoadMenuIndirectA
RegisterClassExA
PostQuitMessage
IsIconic
SetCapture
KillTimer
IsZoomed
GetFocus
LoadMenuA
LoadIconA
GetClientRect
EnumWindows
PtInRect
TranslateMessage
ChildWindowFromPoint
MessageBoxA
InvalidateRect
UnregisterClassA
GetWindowLongA
CreateWindowExA
ReleaseDC
DefWindowProcA
RedrawWindow
LoadAcceleratorsA
ShowWindow
CreatePopupMenu
DispatchMessageA
GetSystemMetrics
CloseWindow
UpdateWindow
DestroyMenu
LoadCursorA
DialogBoxParamA

gdi32

DeleteDC
CreateFontIndirectA
SetPixel
DeleteObject
SelectObject
GetStockObject

winspool.drv

EndPagePrinter
ClosePrinter

comdlg32

PrintDlgA

advapi32

RegOpenKeyExW
CheckTokenMembership
FreeSid
RegDeleteValueW

shell32

Shell_NotifyIconA

oleaut32

GetErrorInfo

ws2_32

WSAStartup

mpr

WNetCloseEnum
WNetGetUniversalNameA
WNetEnumResourceA

iphlpapi

GetIpAddrTable

shlwapi

StrStrA

Sections

.data
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 126KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f6fa555eac8390569bd1148cc22382f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

oleaut32

ws2_32

mpr

iphlpapi

shlwapi

Sections

.data Size: 34KB - Virtual size: 33KB

.rdata Size: 13KB - Virtual size: 13KB

.text Size: 126KB - Virtual size: 133KB

.rsrc Size: 1KB - Virtual size: 1KB

.data
Size: 34KB - Virtual size: 33KB

.rdata
Size: 13KB - Virtual size: 13KB

.text
Size: 126KB - Virtual size: 133KB

.rsrc
Size: 1KB - Virtual size: 1KB