2b400b040b634d9e5873567fc3431a7d5b8fac9382d7d856b95296f25fbdb663

Sharing

Copy URL Twitter E-mail

General

Target

2b400b040b634d9e5873567fc3431a7d5b8fac9382d7d856b95296f25fbdb663
Size

288KB
MD5

0e8f17789972500c60f468ef3a9d9140
SHA1

aece3ed95dbcc56f9793ee61c8e92559f1034dce
SHA256

2b400b040b634d9e5873567fc3431a7d5b8fac9382d7d856b95296f25fbdb663
SHA512

bcfe28e8f6130b790e1c40b4dd724f13db4fe3b60810e720243ccb62d312ac991fc8dd7eb03568d7f4780c719c8109d48fd79e1f844e086c569327f886301abc
SSDEEP

6144:QhGGbyGDabnm9lJPbIVnnY3DvKNRnoKsp:6GGbyG4XhYTCzoKsp

Score

N/A

Malware Config

Signatures

Files

2b400b040b634d9e5873567fc3431a7d5b8fac9382d7d856b95296f25fbdb663
.exe windows x86

5472c6b3697eb0d458d083989ed0e4aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateDialogIndirectParamA
CharToOemBuffA
FindWindowExA
GetNextDlgTabItem
ActivateKeyboardLayout

ole32

CoIsOle1Class
OleLockRunning
StgOpenStorageOnILockBytes
OleCreateLinkFromData
OleLoadFromStream
OleCreate

oleaut32

SafeArrayPutElement

gdi32

LPtoDP
CloseMetaFile
PlayEnhMetaFile
SetBkColor

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

GetUserGeoID
GetModuleHandleA
FindNextFileA
SetStdHandle
GetStartupInfoA
VirtualAlloc
GetSystemTimeAsFileTime
MapViewOfFile
GetThreadPriority
CreateEventW
LockFile
EnumResourceNamesW
DeleteTimerQueueEx
GetTimeFormatW
GetStringTypeA
SetFileAttributesW
lstrlenW
VirtualQueryEx
DeleteTimerQueueTimer
Process32NextW
GlobalSize
GetLocalTime
GetWindowsDirectoryW
SetProcessWorkingSetSize
GetLocaleInfoW
GlobalGetAtomNameW
VerSetConditionMask
GetCPInfo
_lopen
GetPrivateProfileIntA
MapViewOfFileEx
GlobalFindAtomA
UnmapViewOfFile
FindFirstFileA
GetUserDefaultLCID
PulseEvent
CreateMutexA
WriteConsoleA
GlobalLock
GetFileInformationByHandle
GetPrivateProfileStringA
DeviceIoControl
WritePrivateProfileStringW
ExitProcess
QueryDosDeviceW
InterlockedCompareExchange
HeapReAlloc

winspool.drv

OpenPrinterW

advapi32

ConvertStringSecurityDescriptorToSecurityDescriptorW
ChangeServiceConfig2W
CryptGenRandom
SetFileSecurityW
CopySid
RegQueryValueW
RegOpenKeyExA
RegEnumValueA
RegisterEventSourceW
InitializeSecurityDescriptor
RegOpenKeyExW
ReportEventW

msvcrt

strstr
_XcptFilter
_except_handler3
malloc
_expand
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
tolower
exit
_itoa
rand
setlocale
atof
_ltow
_cexit
time
atoi
_strnicmp
_msize
_wcsnicmp
wcstol
towupper
_controlfp
_exit
_fpreset
wcsstr
wcscmp
_purecall
wcspbrk
wcstod
iswspace
longjmp
_beginthreadex
realloc
towlower
_wsplitpath
_wcsdup
_acmdln

Sections

.text
Size: 192KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

wqcma
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

moaim
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ysigm
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5472c6b3697eb0d458d083989ed0e4aa

Headers

File Characteristics

Imports

user32

ole32

oleaut32

gdi32

version

kernel32

winspool.drv

advapi32

msvcrt

Sections

.text Size: 192KB - Virtual size: 189KB

wqcma Size: 68KB - Virtual size: 65KB

moaim Size: 12KB - Virtual size: 11KB

ysigm Size: 12KB - Virtual size: 8KB

.text
Size: 192KB - Virtual size: 189KB

wqcma
Size: 68KB - Virtual size: 65KB

moaim
Size: 12KB - Virtual size: 11KB

ysigm
Size: 12KB - Virtual size: 8KB