948e39227ab4fd430df2a36aca90ffeb3f8a20c31cb9fffd7943de2b58317916

Sharing

Copy URL

Twitter E-mail

General

Target

948e39227ab4fd430df2a36aca90ffeb3f8a20c31cb9fffd7943de2b58317916
Size

264KB
MD5

496b29a009c11b63fb5bce8a82785650
SHA1

507facaaa3529938f1409e7ed987231c2f6027cb
SHA256

948e39227ab4fd430df2a36aca90ffeb3f8a20c31cb9fffd7943de2b58317916
SHA512

d07132f6dae6b9b4253db1b8d8384e9c7d3fe931967e03d6f9bdde001e38fe3b9347c0a87b1525960ccb5a58c7d29fac0ebe9c4c358aa54366173e2019a18ffb
SSDEEP

6144:2mlhQcd2FOQFxEBMvoN4BGUiEUOp04LSEFEiuVEHhmh:7lhQi2FnD2ZN4BG9fc6iHu

Score

N/A

Malware Config

Signatures

Files

948e39227ab4fd430df2a36aca90ffeb3f8a20c31cb9fffd7943de2b58317916
.exe windows x86

d51f6c396633e485070568fd93b72a1a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAddExtensionW
StrChrW
ColorAdjustLuma
PathSetDlgItemPathW
PathAppendW
PathCompactPathExW
StrRetToStrW
PathRemoveFileSpecW

kernel32

WideCharToMultiByte
OpenEventW
GlobalAlloc
UnhandledExceptionFilter
LocalFree
lstrcmpiW
TerminateThread
HeapSize
RaiseException
HeapFree
GetModuleHandleW
LeaveCriticalSection
GetDriveTypeW
HeapAlloc
EnterCriticalSection
ResumeThread
CreateThread
GetProcessHeap
CloseHandle
GlobalFree
WaitForSingleObject
HeapReAlloc
FreeLibrary
DeleteFileW
GetDateFormatW
FlushInstructionCache
GetACP
LockResource
lstrcmpW
lstrcpyW
GetTimeFormatW
IsDebuggerPresent
VirtualAlloc
GetSystemTimeAsFileTime
LoadLibraryExW
lstrcpynW
GetUserDefaultLCID
FindResourceExW
DeleteCriticalSection
VirtualFree
SetLastError
GetCurrentThreadId
FindClose
CreateWaitableTimerW
FindFirstFileW
GetUserDefaultLangID
GetThreadLocale
SetWaitableTimer
IsProcessorFeaturePresent
lstrlenA
CreateEventW
SetUnhandledExceptionFilter
SizeofResource
LocalAlloc
FatalAppExitW
FindNextFileW
HeapDestroy
ExpandEnvironmentStringsA
FormatMessageW
lstrlenW
GetNumberFormatW
GetCommandLineW
GlobalLock
WaitForMultipleObjects
GlobalUnlock
FindResourceW
LoadResource
MulDiv
GetModuleHandleA
VirtualAllocEx

msimg32

GradientFill
TransparentBlt
AlphaBlend

user32

BeginPaint
EmptyClipboard
SetMenuDefaultItem
GetDesktopWindow
AttachThreadInput
MapDialogRect
DispatchMessageW
CloseClipboard
GetActiveWindow
IsDialogMessageW
MapWindowPoints
SetFocus
PeekMessageW
DrawIconEx
MessageBoxW
GetTabbedTextExtentW
TranslateMessage
FlashWindow
SendInput
TabbedTextOutW
LoadCursorW
GetDC
AppendMenuW
OffsetRect
IsCharAlphaNumericW
GetWindowLongW
GetClassInfoExW
DefWindowProcW
SetParent
EndPaint
SystemParametersInfoW
SetWindowsHookExW
DrawTextW
ReleaseCapture
GetSysColor
DrawStateW
GetWindowTextW
UnhookWindowsHookEx
GetMessageW
ShowWindow
InvalidateRect
ReleaseDC
UpdateWindow
GetWindowTextLengthW
ScreenToClient
GetForegroundWindow
DialogBoxParamW
OpenClipboard
CallNextHookEx
GetWindowRect
MoveWindow
CallWindowProcW
SetCapture
IsWindowVisible
CopyRect
IsRectEmpty
CharNextW
CharUpperBuffW
GetClassNameW
ExitWindowsEx
GetWindowThreadProcessId
DestroyWindow
UnregisterClassA
PostMessageW
GetKeyState
GetClientRect
LoadBitmapW
SetRectEmpty
SetWindowPos
IsIconic
GetFocus
SendMessageW
GetCapture
GetParent
SetWindowTextW
IsWindow
SetWindowPlacement
GetClassInfoW
SetForegroundWindow
FindWindowExW
GetDlgCtrlID
IsWindowEnabled
GetSystemMenu
RegisterWindowMessageW
DrawFocusRect
RegisterClassExW
SetWindowLongW
PostThreadMessageW
KillTimer
LoadImageW
SetDlgItemTextW
RegisterClassW
RedrawWindow
GetWindow
GetNextDlgTabItem
GetWindowPlacement
GetCursorPos
PtInRect
CreateDialogParamW
InflateRect
EnableWindow
SetClipboardData
GetDlgItem
PostQuitMessage
EndDialog
GetGUIThreadInfo
GetTopWindow
CreateWindowExW
GetWindowDC
DestroyIcon
SetCursor
SetTimer
GetSystemMetrics

oleaut32

SafeArrayUnlock
SafeArrayGetVartype
VarBstrCmp
VariantInit
VariantCopyInd
SysAllocStringByteLen
LoadRegTypeLi
SafeArrayAccessData
GetErrorInfo
LoadTypeLi
DispCallFunc
SysAllocStringLen
SafeArrayGetLBound
SysAllocString
SystemTimeToVariantTime
SafeArrayLock
SysStringByteLen
SysStringLen
SafeArrayRedim
VariantTimeToSystemTime
SysFreeString
SafeArrayGetUBound
SafeArrayGetDim
SafeArrayCopy
SafeArrayUnaccessData
SafeArrayDestroy
SafeArrayCreate
VariantClear

advapi32

RegOpenKeyExA
OpenProcessToken
AdjustTokenPrivileges
RegQueryValueExW
RegQueryValueExA
RegCloseKey
LookupPrivilegeValueW
RegNotifyChangeKeyValue
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW

userenv

UnloadUserProfile

ole32

CreateStreamOnHGlobal
StringFromGUID2
CoCreateInstance
CoInitialize
CoUninitialize
CLSIDFromString
CLSIDFromProgID
CoRegisterClassObject
CoInitializeSecurity
CoResumeClassObjects
OleRun
CoRevokeClassObject

shell32

SHGetSpecialFolderLocation
ShellExecuteExW
SHGetMalloc
SHGetDesktopFolder

comctl32

ImageList_GetIcon
_TrackMouseEvent
ImageList_GetImageCount
ImageList_ReplaceIcon
ImageList_AddMasked
ImageList_Draw
ImageList_Destroy
ImageList_Create
InitCommonControlsEx

gdi32

SelectObject
GetStockObject
DeleteDC
GetTextExtentExPointW
CombineRgn
RoundRect
GetBkColor
GetTextExtentPoint32W
CreateFontIndirectW
PtInRegion
CreateRectRgn
CreateRectRgnIndirect
CreateCompatibleBitmap
SetViewportOrgEx
SetTextColor
ExtCreatePen
SelectClipRgn
Polygon
SetBkMode
DeleteObject
GetObjectW
SetBkColor
CreateCompatibleDC
SetROP2
SetTextAlign
ExtTextOutW
CreateSolidBrush
CreatePen
GetDeviceCaps
TextOutW
GetObjectType
GetClipRgn
BitBlt
GetTextMetricsW
CreateMetaFileA
GetEnhMetaFileA
CreateRoundRectRgn
CreateMetaFileW
GetEnhMetaFilePixelFormat

winspool.drv

OpenPrinterA
AddJobW
EnumPrintProcessorsW
SetPrinterDataExA
StartDocPrinterW
SetPrinterW
WritePrinter
SpoolerDevQueryPrintW
DevQueryPrintEx
ConvertUnicodeDevModeToAnsiDevmode
EXTDEVICEMODE
DeletePrinterKeyA
AddPrinterConnectionW
PrinterProperties
ConnectToPrinterDlg

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.aqNn
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.WiPbXQ
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.JzMj
Size: 512B - Virtual size: 199B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.JAllJT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ePVz
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.XCEOm
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.WKhFVuY
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.WlIrG
Size: 105KB - Virtual size: 683KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 109KB - Virtual size: 682KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.YAoGP
Size: 1024B - Virtual size: 889B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dapcF
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hVdaY
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d51f6c396633e485070568fd93b72a1a

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

msimg32

user32

oleaut32

advapi32

userenv

ole32

shell32

comctl32

gdi32

winspool.drv

Sections

.text Size: 20KB - Virtual size: 19KB

.aqNn Size: 2KB - Virtual size: 1KB

.WiPbXQ Size: 1KB - Virtual size: 1KB

.JzMj Size: 512B - Virtual size: 199B

.JAllJT Size: 2KB - Virtual size: 2KB

.rdata Size: 8KB - Virtual size: 7KB

.ePVz Size: 2KB - Virtual size: 1KB

.XCEOm Size: 2KB - Virtual size: 1KB

.WKhFVuY Size: 3KB - Virtual size: 2KB

.WlIrG Size: 105KB - Virtual size: 683KB

.data Size: 109KB - Virtual size: 682KB

.YAoGP Size: 1024B - Virtual size: 889B

.rsrc Size: 2KB - Virtual size: 1KB

.dapcF Size: 2KB - Virtual size: 2KB

.hVdaY Size: 2KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 19KB

.aqNn
Size: 2KB - Virtual size: 1KB

.WiPbXQ
Size: 1KB - Virtual size: 1KB

.JzMj
Size: 512B - Virtual size: 199B

.JAllJT
Size: 2KB - Virtual size: 2KB

.rdata
Size: 8KB - Virtual size: 7KB

.ePVz
Size: 2KB - Virtual size: 1KB

.XCEOm
Size: 2KB - Virtual size: 1KB

.WKhFVuY
Size: 3KB - Virtual size: 2KB

.WlIrG
Size: 105KB - Virtual size: 683KB

.data
Size: 109KB - Virtual size: 682KB

.YAoGP
Size: 1024B - Virtual size: 889B

.rsrc
Size: 2KB - Virtual size: 1KB

.dapcF
Size: 2KB - Virtual size: 2KB

.hVdaY
Size: 2KB - Virtual size: 1KB