b38ad2b8b40ea0bdf14348cd8b8d6fa25d14cb0bb4d48767d9e0cebc6f6ad945

Sharing

Copy URL Twitter E-mail

General

Target

b38ad2b8b40ea0bdf14348cd8b8d6fa25d14cb0bb4d48767d9e0cebc6f6ad945
Size

908KB
MD5

fafa082779472534148fa4cdc4f256b7
SHA1

92ae941e8137c17661cf83141b69c479035a5fb8
SHA256

b38ad2b8b40ea0bdf14348cd8b8d6fa25d14cb0bb4d48767d9e0cebc6f6ad945
SHA512

258c3ef28abd17e142c57deb800d1bffb22021b4a90ef26f32dc7b9678aea1b8db4e448fcb2a5671d446e17c63607e382d6105965c49555db6ae76220f82df07
SSDEEP

12288:LwuF6MnyDlmIfcP2lpJs5U5x+IuDNxHYQWzq51d:LfyDlx5Hhxz0d

Score

N/A

Malware Config

Signatures

Files

b38ad2b8b40ea0bdf14348cd8b8d6fa25d14cb0bb4d48767d9e0cebc6f6ad945
.exe windows x86

d22618f7300b02e1b3ce98a20be822ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend

kernel32

GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
FreeEnvironmentStringsA
GetProfileStringA
UnhandledExceptionFilter
GetACP
GetTimeZoneInformation
HeapReAlloc
HeapSize
TerminateProcess
HeapFree
HeapAlloc
RaiseException
ExitProcess
GetCommandLineA
GetStartupInfoA
RtlUnwind
SizeofResource
GetTickCount
SetErrorMode
GetCurrentDirectoryA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileTime
GetFileSize
GetFileAttributesA
GetStringTypeExA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetLastError
WritePrivateProfileStringA
GetPrivateProfileIntA
CloseHandle
lstrcmpA
GetCurrentThread
GetThreadLocale
MulDiv
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
SetLastError
FindResourceA
LoadResource
LockResource
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleFileNameA
lstrlenA
lstrcpynA
lstrcatA
GetModuleHandleA
GetPrivateProfileStringA
LoadLibraryA
GetProcAddress
FreeLibrary
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalReAlloc
GlobalFree

user32

PostThreadMessageA
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
MoveWindow
SetWindowTextA
IsDialogMessageA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
WaitMessage
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
SetActiveWindow
IsWindow
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetClientRect
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
IsWindowVisible
ScrollWindow
SetScrollInfo
ShowScrollBar
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetParent
GetCapture
WinHelpA
RegisterClipboardFormatA
GetClassInfoA
RegisterClassA
GetMenu
InflateRect
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
IsIconic
MessageBoxA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DestroyMenu
DefDlgProcA
IsWindowUnicode
PostMessageA
MessageBeep
GetWindowPlacement
GetSystemMetrics
UpdateWindow
DefWindowProcA
DestroyWindow
CreateWindowExA
ShowWindow
SystemParametersInfoA
LoadIconA
KillTimer
SetTimer
GetWindowRect
LoadCursorA
EndDialog
CreateDialogIndirectParamA
GetNextDlgGroupItem
wsprintfA
DeleteMenu
SetCursor
InvalidateRect
SendMessageA
EnableWindow
SetRect
SetWindowRgn
LoadImageA
SetCapture
ReleaseCapture
GetDC
ReleaseDC
CopyAcceleratorTableA
FindWindowA
LoadStringA
CharUpperA
GetSysColorBrush
PtInRect
GetClassNameA
MapDialogRect
SetWindowContextHelpId
GetMessageA
TranslateMessage
ValidateRect
GetCursorPos
ShowOwnedPopups
PostQuitMessage
CharNextA
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
SetMenu
LoadMenuA
GetMenuState
GetActiveWindow
GetDesktopWindow
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
GetMenuStringA
InsertMenuA
GetMenuCheckMarkDimensions
GetMenuItemCount
LoadBitmapA

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreatePatternBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateBitmap
GetTextColor
GetBkColor
LPtoDP
DPtoLP
GetMapMode
SetBkMode
GetStockObject
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
PatBlt
CreateDIBSection
SelectObject
ExtCreateRegion
CombineRgn
DeleteObject
DeleteDC
GetObjectA
Pie
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
CreateFontIndirectA
CreateSolidBrush
CreateDIBitmap
GetTextExtentPointA
CreatePen

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCloseKey

shell32

DragQueryFileA
DragFinish

comctl32

_TrackMouseEvent
ord17

oledlg

ord8

ole32

StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard

olepro32

ord253

oleaut32

VariantClear
SysFreeString
SysAllocStringLen
VariantCopy
SysAllocString
SysAllocStringByteLen
VariantChangeType
SysStringLen
VariantTimeToSystemTime

wsock32

closesocket
WSACleanup
WSAStartup
WSASetLastError
WSAGetLastError
connect
sendto
recvfrom
socket
inet_ntoa
WSAAsyncSelect
send
gethostbyname
recv
htonl
htons
bind
ioctlsocket
accept

Sections

.text
Size: 192KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 652KB - Virtual size: 652KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d22618f7300b02e1b3ce98a20be822ff

Headers

File Characteristics

Imports

msimg32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wsock32

Sections

.text Size: 192KB - Virtual size: 188KB

.rdata Size: 48KB - Virtual size: 47KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 652KB - Virtual size: 652KB

.text
Size: 192KB - Virtual size: 188KB

.rdata
Size: 48KB - Virtual size: 47KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 652KB - Virtual size: 652KB