ad06c64c7f08a57c632718769563664483a5a22675a971cc90c7728568d136f4

Sharing

Copy URL Twitter E-mail

General

Target

ad06c64c7f08a57c632718769563664483a5a22675a971cc90c7728568d136f4
Size

108KB
MD5

440d04b8ca49c6ade0f055d1573556e8
SHA1

7e62e7e62c0b8302ea90ffdcb2114ee3fe6ef1b2
SHA256

ad06c64c7f08a57c632718769563664483a5a22675a971cc90c7728568d136f4
SHA512

7938428da4ede5086ddd088c4ea2134b056cca98bdb50ea643b393feb332a98656b84be9f99fd1c0025adbfde58963857033dc707f795b9f5b38a418e438c49a
SSDEEP

3072:myxKwASHBnGuAkeMGn+fStq5IfKyux7q:myxDpepn+iq5IfN

Score

N/A

Malware Config

Signatures

Files

ad06c64c7f08a57c632718769563664483a5a22675a971cc90c7728568d136f4
.dll windows x86

0539348ba3951526ce1169dc433f7719

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetVersion
GetHandleInformation
IsValidLocale
FindCloseChangeNotification
GetModuleHandleA
GetNamedPipeHandleStateW
GetLocalTime
OutputDebugStringW
LoadLibraryA
GetPrivateProfileIntA
GetProcAddress
RaiseException
GetConsoleTitleA
CloseConsoleHandle
FreeLibrary
GetSystemTime

user32

DdeAbandonTransaction
InsertMenuItemW
IsWindowEnabled
GetKeyboardState
NotifyWinEvent
ChildWindowFromPoint
SystemParametersInfoW
GetThreadDesktop
CharLowerW
ScrollWindowEx
EndDeferWindowPos
GetWindowModuleFileNameW
FindWindowA
GetScrollInfo
InSendMessageEx
EnumPropsW
DeleteMenu
FrameRect
GetDC
MapVirtualKeyA
DdeEnableCallback
GetNextDlgGroupItem
MessageBoxW
IMPGetIMEA
GetMessageW
DdeKeepStringHandle
LoadMenuA
GetDlgCtrlID
IMPGetIMEW
GetMonitorInfoA
RegisterClipboardFormatW
CreateWindowStationW
DdeGetData
GetTabbedTextExtentA
MoveWindow
SetMenuItemInfoW
CloseWindow
SetParent
CopyImage
ChangeDisplaySettingsW
RealGetWindowClassW
GetWindowModuleFileNameA
MonitorFromRect
CopyIcon
ShowOwnedPopups
SetKeyboardState
SetWindowContextHelpId
DrawCaption
IsRectEmpty
SetProcessDefaultLayout
CharPrevW
SetScrollInfo
GetNextDlgTabItem
GrayStringW
EnumDisplaySettingsExW
SetCaretBlinkTime
BroadcastSystemMessageW
UnhookWindowsHook
CreateMenu
SendInput
CharNextA
SendMessageCallbackW
GetMessageTime
GetClipboardViewer
EnumDisplaySettingsW
LockWorkStation
SetUserObjectSecurity
IMPQueryIMEW
OemToCharBuffW
SetDlgItemInt
CreateMDIWindowA
DdeNameService
DragObject
LoadAcceleratorsW
CreateDialogParamW
IsCharLowerW
OemToCharW
UnregisterHotKey
EnumDesktopsW
SetWindowRgn
GetLastActivePopup
CreateCursor
DrawFrame
SwitchDesktop
MapVirtualKeyExW
SetDoubleClickTime
FlashWindow
FreeDDElParam
GetCaretPos
UnhookWindowsHookEx
DragDetect
DestroyMenu
PtInRect
GrayStringA
DlgDirListComboBoxA
GetIconInfo
CallNextHookEx
GetPriorityClipboardFormat
CallMsgFilterW
GetCursorPos

shell32

SHEmptyRecycleBinA
ExtractAssociatedIconW
DoEnvironmentSubstW
SHInvokePrinterCommandA
SHGetMalloc
DragQueryFileAorW
SheChangeDirA
InternalExtractIconListW
SHGetSpecialFolderPathA
StrCmpNW
DragAcceptFiles
Shell_NotifyIconW
ExtractAssociatedIconExA
StrStrA
SHGetPathFromIDListA
StrRStrIA
SheChangeDirExW
SHQueryRecycleBinW
SHFreeNameMappings
StrChrIW
SHGetPathFromIDListW
StrChrA
ExtractIconW
SHBrowseForFolderA
FindExecutableW
SHAppBarMessage
SHLoadInProc
StrChrW
ShellHookProc
InternalExtractIconListA
SHGetSpecialFolderPathW
StrChrIA
ExtractIconA
SHChangeNotify
StrStrW
CheckEscapesW
StrNCmpIW
SHFileOperationA
SHGetDiskFreeSpaceA
ExtractIconExW
StrNCmpW

winspool.drv

AddPortExA
ScheduleJob
EnumPrinterDriversA
AddMonitorA
DevicePropertySheets
DeleteFormW
ord214
GetPrinterDriverA
DeviceMode
DocumentPropertiesW
SetPrinterDataW
EnumFormsW
ExtDeviceMode
DocumentPropertiesA
GetPrinterW
DeleteMonitorA
ord202
GetPrinterDataExA
StartDocPrinterW
SetPrinterA
AddFormW
DEVICEMODE
OpenPrinterA
DeletePrinterDriverW
AddJobA
DeleteFormA
AdvancedDocumentPropertiesW
AddPortExW
AddJobW
DeletePortW
DeletePrintProvidorA
AddPrinterW
DeletePrinterKeyA
EnumPrinterDriversW
DeviceCapabilitiesW
EnumPrinterDataExA
DocumentEvent
WritePrinter
AddPrinterA
DeletePrinter
EnumPrintProcessorDatatypesW
EnumPrinterDataW

msvcrt

_mbsnbcoll
qsort
is_wctype
fwprintf
__RTtypeid
_fgetwchar
_loaddll
_set_sbh_threshold
ferror
_timezone
fsetpos
fread
_unlink
fputc
fprintf
ftell
_mbctokata
_wtoi64
_adj_fprem
wcsftime
_ltow
feof
printf
sprintf
fputs
fseek
memset
_mbsnextc
fwrite
fopen
fclose

Exports

Exports

Bgnffyqkmi
Ggwljd
Oume
Qxgtxqfq
Rltvwbs
Sslmyeeqqm
Uggzhgg
Urlqlosko

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0539348ba3951526ce1169dc433f7719

Headers

File Characteristics

Imports

kernel32

user32

shell32

winspool.drv

msvcrt

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 52KB - Virtual size: 51KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 52KB - Virtual size: 51KB

.reloc
Size: 8KB - Virtual size: 5KB