a81211b191db7896ea1145620f08c8f36c90f07e5864827d3574ef89ff3b44e8

Sharing

Copy URL

Twitter E-mail

General

Target

a81211b191db7896ea1145620f08c8f36c90f07e5864827d3574ef89ff3b44e8
Size

267KB
MD5

12d0fcb3db01869d8062749351c8e2c3
SHA1

a4b7a33f14880d12c3287eec3194cf26379f358f
SHA256

a81211b191db7896ea1145620f08c8f36c90f07e5864827d3574ef89ff3b44e8
SHA512

28f744b6fcbe6975917fdc3d5fb0de33fa4092a4c6c4fe83494ab3d27786e5848d1d24feffdc72d30046c53b78a1cfd7161197d9758a0ac0ba1537b793d0525a
SSDEEP

6144:5lidcfBxePr0XH/ivEyCgezQTNKfb6zMouqk1k5:593ea/ACgezQTIfOzMoHk25

Score

N/A

Malware Config

Signatures

Files

a81211b191db7896ea1145620f08c8f36c90f07e5864827d3574ef89ff3b44e8
.exe windows x86

571397db8f1eb1687eeb3fefb8e3e09e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GetLastError
GetTickCount
GetCurrentProcess
MultiByteToWideChar
GetSystemDirectoryW
GetVersionExA
GetProcessHeap
GetStartupInfoW
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsAlloc
GetCurrentThreadId
HeapCreate
ExitProcess
GetModuleFileNameA
GetEnvironmentStringsW
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
Sleep
GetLocaleInfoA
InitializeCriticalSection
LoadLibraryA
GetLocalTime
GetProcAddress

user32

GetSystemMetrics
wsprintfA
GetDlgItemTextW
SetActiveWindow
DestroyMenu
SendDlgItemMessageW
OpenClipboard
SetCursorPos
ShowCursor
InvalidateRect
EndMenu
CreateDesktopW
SetFocus
GetDCEx
SetWindowRgn
CheckMenuItem
CreateWindowExW
ShowWindow
SetWindowLongW
InvalidateRgn
SendMessageW

advapi32

RegSetValueExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyW
CloseServiceHandle
StartServiceW
OpenServiceW
OpenSCManagerW

usp10

ScriptGetProperties
ScriptGetGlyphABCWidth
ScriptGetFontProperties
ScriptTextOut
ScriptString_pLogAttr
UspAllocTemp

gdi32

CreateBitmapIndirect
RemoveFontResourceExA
CreateBrushIndirect
AddFontResourceW
CreateFontIndirectExA
CreateScalableFontResourceA
AddFontResourceA

printui

vQueueCreate
ConnectToPrinterDlg
bFolderEnumPrinters
UnregisterPrintNotify
bFolderRefresh

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 4KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 85KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.icode
Size: 4KB - Virtual size: 330KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 135KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 4KB - Virtual size: 458KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

571397db8f1eb1687eeb3fefb8e3e09e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

usp10

gdi32

printui

Sections

.text Size: 14KB - Virtual size: 13KB

.edata Size: 4KB - Virtual size: 112KB

.rdata Size: 2KB - Virtual size: 35KB

.rdata Size: 4KB - Virtual size: 244KB

.edata Size: 85KB - Virtual size: 148KB

.icode Size: 4KB - Virtual size: 330KB

.data Size: 9KB - Virtual size: 69KB

.edata Size: 135KB - Virtual size: 180KB

.text Size: 4KB - Virtual size: 458KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 14KB - Virtual size: 13KB

.edata
Size: 4KB - Virtual size: 112KB

.rdata
Size: 2KB - Virtual size: 35KB

.rdata
Size: 4KB - Virtual size: 244KB

.edata
Size: 85KB - Virtual size: 148KB

.icode
Size: 4KB - Virtual size: 330KB

.data
Size: 9KB - Virtual size: 69KB

.edata
Size: 135KB - Virtual size: 180KB

.text
Size: 4KB - Virtual size: 458KB

.rsrc
Size: 3KB - Virtual size: 2KB