99109bbc70be2f9aa370c9dc016cf9fede9ebdb1682e36bb6798f2010e303e34

Sharing

Copy URL Twitter E-mail

General

Target

99109bbc70be2f9aa370c9dc016cf9fede9ebdb1682e36bb6798f2010e303e34
Size

328KB
MD5

336ab6dfeedbc4f560252b767bf74e10
SHA1

7d3c27f89de9ea346190e8bbac409fadb5657251
SHA256

99109bbc70be2f9aa370c9dc016cf9fede9ebdb1682e36bb6798f2010e303e34
SHA512

e7b603c9d028fea37053ee6972facfe1755d1937a0b6c1a06071130fc1ee0f36ce2ad7d207e4536f9a7e4747dab5732df2e12a65216e220d7d75765c9831ca46
SSDEEP

6144:IsUsMmej9WaSEX4RV4aEaiq74rgb6b6Dd8XNz:zwfRoEoMtaDYgA6Dkz

Score

N/A

Malware Config

Signatures

Files

99109bbc70be2f9aa370c9dc016cf9fede9ebdb1682e36bb6798f2010e303e34
.exe windows x86

04cecd1056a708ee1f2f41c68be8322c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

GetStdHandle
GetLastError
GetConsoleScreenBufferInfo
LockResource
CloseHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
LoadResource
ReadFile
GetProcessHeap
SetEndOfFile
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LoadLibraryW
GetFileAttributesW
GetTimeFormatW
HeapCreate
SizeofResource
IsBadReadPtr
GetComputerNameW
SetConsoleScreenBufferSize
GetLogicalDriveStringsW
GetCurrentProcess
LCMapStringW
HeapAlloc
HeapReAlloc
FindResourceW
AllocConsole
GetStringTypeW
FindResourceA
SetFilePointer
MultiByteToWideChar
WriteConsoleW
CreateFileW
HeapSize
InterlockedIncrement
InterlockedDecrement
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapFree
GetSystemTimeAsFileTime
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
EncodePointer
DecodePointer
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
IsProcessorFeaturePresent
SetHandleCount
GetProcAddress
GetModuleHandleW
ExitProcess
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId

user32

MoveWindow
LoadCursorA
FindWindowA
IsWindowVisible
IsWindow
GetWindowRect
FillRect
DrawTextW
EnumWindowStationsA
GetDC
GetAncestor
ReleaseDC
SetWindowPos

gdi32

DeleteDC
Polygon
SetDCBrushColor
SetPixel
SetBkMode
SelectObject
SetDCPenColor
Polyline
GetStockObject
SetTextColor

winspool.drv

ClosePrinter

ole32

CoTaskMemFree
CoCreateInstance

ws2_32

WSACleanup

Sections

.text
Size: 239KB - Virtual size: 238KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

04cecd1056a708ee1f2f41c68be8322c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

ole32

ws2_32

Sections

.text Size: 239KB - Virtual size: 238KB

.rdata Size: 70KB - Virtual size: 69KB

.data Size: 5KB - Virtual size: 18KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 239KB - Virtual size: 238KB

.rdata
Size: 70KB - Virtual size: 69KB

.data
Size: 5KB - Virtual size: 18KB

.rsrc
Size: 13KB - Virtual size: 12KB