851348db65a8dc9799b4d183cb94afa61e37356b12e4c80d5c063476c480e2e7

Sharing

Copy URL

Twitter E-mail

General

Target

851348db65a8dc9799b4d183cb94afa61e37356b12e4c80d5c063476c480e2e7
Size

144KB
MD5

749d307c2cc6cdda4d520b5f7cca8697
SHA1

e1dbc08eea313082d01b365176a2d3731eb957a7
SHA256

851348db65a8dc9799b4d183cb94afa61e37356b12e4c80d5c063476c480e2e7
SHA512

5210322be354ad674163a403151a9693737b8388edca24dec64151ddf3e2791ed842cce94305c0ba851d04c78469d9a65c5617954bce133b715854c65997412b
SSDEEP

3072:0FAciRSd52S9weNKALD0c1URmv6lY3r/cFPvaa+CkzRZ+YQcAt7mB6oPTeb9L5X7:0CciQdPHRLoV+7

Score

N/A

Malware Config

Signatures

Files

851348db65a8dc9799b4d183cb94afa61e37356b12e4c80d5c063476c480e2e7
.exe windows x86

a926660a70748e9c16d4756c8d3c5a6a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
ExitProcess
GetStartupInfoA
GetCommandLineA
TerminateProcess
HeapReAlloc
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetStdHandle
UnhandledExceptionFilter
VirtualQuery
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
GetOEMCP
GetCPInfo
SetErrorMode
GetCurrentProcess
FlushFileBuffers
SetFilePointer
ReadFile
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GlobalFlags
InterlockedDecrement
InterlockedIncrement
lstrcatA
WritePrivateProfileStringA
GlobalAddAtomA
SetLastError
GlobalFree
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
GetCurrentThread
GetCurrentThreadId
GlobalLock
GlobalAlloc
FreeLibrary
GlobalDeleteAtom
lstrcmpA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
LoadLibraryA
GetSystemDirectoryA
Sleep
CreateProcessA
CreateFileA
WriteFile
CloseHandle
lstrlenA
lstrcmpiA
GetVersion
FindResourceA
LoadResource
LockResource
SizeofResource
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
FreeEnvironmentStringsA
InterlockedExchange

user32

DestroyMenu
RegisterWindowMessageA
WinHelpA
CreateWindowExA
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
IsIconic
CopyRect
SetWindowPos
ShowWindow
SetWindowLongA
GetDlgItem
GetSystemMetrics
GetSysColorBrush
UnregisterClassA
GetSysColor
ReleaseDC
GetDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
UnhookWindowsHookEx
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetWindowTextA
SetWindowTextA
GetClassNameA
LoadCursorA
GetCapture
ClientToScreen
SetMenuItemBitmaps
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
MessageBoxA
GetWindowPlacement
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
SetCursor
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
PostQuitMessage
PostMessageA
FindWindowA
SendMessageA
wsprintfA

gdi32

ExtTextOutA
TextOutA
RectVisible
PtVisible
GetStockObject
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
GetDeviceCaps
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
DeleteObject
CreateBitmap
Escape

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegDeleteKeyA
RegCloseKey
RegQueryValueA
RegEnumKeyA
RegOpenKeyA

comctl32

ord17

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantClear
VariantChangeType
VariantInit

wininet

InternetOpenA
InternetOpenUrlA
InternetCloseHandle
InternetQueryDataAvailable
InternetReadFile

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a926660a70748e9c16d4756c8d3c5a6a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

shlwapi

oleaut32

wininet

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 8KB - Virtual size: 20KB

.rsrc Size: 20KB - Virtual size: 17KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 20KB - Virtual size: 17KB