98552e47fc252a08ec47a4d9563b26b0ceb130468bd587b74a4a48fe84736929

Sharing

Copy URL Twitter E-mail

General

Target

98552e47fc252a08ec47a4d9563b26b0ceb130468bd587b74a4a48fe84736929
Size

452KB
MD5

b5abe8398f06546107b765efe89cba68
SHA1

437cbf15e1695f9335ee5877b3daa7b7043d6774
SHA256

98552e47fc252a08ec47a4d9563b26b0ceb130468bd587b74a4a48fe84736929
SHA512

db6415ccb3f771c54a0eda9851d027eaaf1143090cd9b9bf63b3edcf05615296f8fb0a44ec4c73bf52b361b185189560c31264b0c8b6c8af8a74826f6a76ad37
SSDEEP

6144:KOQ1P3z/VC+DbW3AjNlPJJnWhWxNuIl+m9ViC7I/EQTdRz/i/Vdc+MZJlokxFFll:1ItDbWQjjLx1lliC7IvbL4d8DPz

Score

N/A

Malware Config

Signatures

Files

98552e47fc252a08ec47a4d9563b26b0ceb130468bd587b74a4a48fe84736929
.exe windows x86

6c3128e1d926e822e0561c3ea51c1411

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassW
GetAsyncKeyState
GetDCEx
SetTimer
CallNextHookEx
GetWindowThreadProcessId
LoadBitmapW
IsDialogMessageW
GetClientRect
DestroyCursor
WindowFromPoint
IntersectRect
InsertMenuItemW
GetMessageW
DispatchMessageW
LoadIconW
SetWindowRgn
ClientToScreen
LoadStringW
AppendMenuW
CallWindowProcW
RemoveMenu
ShowWindow
GetCursorPos
MessageBeep
GetCapture
SetCapture
DestroyWindow
GetTopWindow
RegisterClipboardFormatW
DrawTextExW
DefWindowProcW
TranslateMessage
CreateWindowExW
UnregisterClassA
CreateAcceleratorTableW
SetWindowLongW
MessageBoxW
SetWindowsHookExW
SetClipboardData
LoadCursorW
CheckMenuItem
GetMessagePos
RegisterClassExW
CopyIcon

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

oleaut32

LoadTypeLi

comctl32

ImageList_DragLeave
ImageList_GetImageInfo
ImageList_LoadImageA
ImageList_GetIconSize

comdlg32

ChooseColorA
GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError
GetFileTitleA
PageSetupDlgA
PrintDlgA

wsock32

WSACleanup

gdi32

GetRegionData
LineTo
CreateCompatibleDC
ResizePalette
PatBlt
EqualRgn
SetMapMode
FillRgn
DeleteDC
CreateBitmap
Arc
GetTextExtentPoint32W
CreateCompatibleBitmap
SelectObject
GetClipRgn
CreatePatternBrush
CreatePolygonRgn
StrokePath
GetBkColor
PtVisible
GetTextFaceA
RectInRegion
Rectangle
CreateHatchBrush
Chord
CreateSolidBrush
BitBlt
SetPixel
RealizePalette
GetStockObject
SetTextAlign
GetMapMode
RectVisible
GetPaletteEntries
GetClipBox
SetBkColor
SetGraphicsMode
TextOutA
SetTextColor
CreatePalette
Polygon
DeleteObject
GetCurrentPositionEx
GetDeviceCaps
SetWindowOrgEx
CreateEllipticRgn
GetTextColor
ScaleWindowExtEx
CreateFontIndirectW
GetObjectA
CreateRectRgn
LPtoDP
SetWindowExtEx
CreateRectRgnIndirect
PtInRegion
CreatePen
CreateFontIndirectA
GetTextMetricsW
GdiFlush
SelectPalette
RestoreDC
StretchDIBits
PolyBezierTo
SetViewportOrgEx
MoveToEx
FillPath
SetViewportExtEx
SaveDC
StretchBlt
GetPixel
GetCharABCWidthsA
GetTextExtentPointA
RoundRect
ScaleViewportExtEx
GetObjectW

shell32

ShellExecuteW
SHGetFolderPathW
SHGetPathFromIDListW

kernel32

HeapDestroy
CompareStringA
InterlockedIncrement
CreateMutexW
InitializeCriticalSection
GetStdHandle
GetCommandLineA
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
ExitProcess
GetFileType
UnhandledExceptionFilter
ReadFile
LoadLibraryA
GetStringTypeA
GetStartupInfoA
LCMapStringW
GetEnvironmentStringsW
LCMapStringA
GetModuleHandleW
SetUnhandledExceptionFilter
VirtualAlloc
GetCommandLineW
IsBadCodePtr
QueryPerformanceCounter
GetModuleFileNameA
GetTimeZoneInformation
CloseHandle
SetEnvironmentVariableA
TlsSetValue
GetModuleHandleA
MultiByteToWideChar
GetStartupInfoW
GetVersion
TerminateProcess
GetTickCount
GetStringTypeW
FreeEnvironmentStringsW
LoadLibraryW
GetCurrentThreadId
EnterCriticalSection
TlsGetValue
HeapCreate
TlsAlloc
RtlUnwind
GetModuleFileNameW
WideCharToMultiByte
HeapFree
LeaveCriticalSection
FlushFileBuffers
GetProcAddress
GetLastError
GetEnvironmentStrings
DeleteCriticalSection
SetLastError
GetLocalTime
CompareStringW
GetCurrentProcess
VirtualQuery
WriteFile
HeapAlloc
GetCPInfo
SetHandleCount
FreeEnvironmentStringsA
GetSystemTime
RaiseException
VirtualFree
InterlockedExchange
SetStdHandle
InterlockedDecrement
HeapReAlloc

winspool.drv

ord204
ClosePrinter
OpenPrinterA
GetJobA

advapi32

RegSetValueExA
RegCloseKey
RegDeleteValueA

Sections

.text
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c3128e1d926e822e0561c3ea51c1411

Headers

File Characteristics

Imports

user32

version

oleaut32

comctl32

comdlg32

wsock32

gdi32

shell32

kernel32

winspool.drv

advapi32

Sections

.text Size: 80KB - Virtual size: 78KB

.rdata Size: 252KB - Virtual size: 251KB

.data Size: 80KB - Virtual size: 106KB

.rsrc Size: 36KB - Virtual size: 32KB

.text
Size: 80KB - Virtual size: 78KB

.rdata
Size: 252KB - Virtual size: 251KB

.data
Size: 80KB - Virtual size: 106KB

.rsrc
Size: 36KB - Virtual size: 32KB