fa6ad7ad688cbffdc77c064b67cccf66a3aa4e1bea7183830ebbda4a24d589f0

Sharing

Copy URL

Twitter E-mail

General

Target

fa6ad7ad688cbffdc77c064b67cccf66a3aa4e1bea7183830ebbda4a24d589f0
Size

92KB
MD5

5e31df119c9c58dab6c36a705c8b4420
SHA1

104fb2a75d7c4e6bac81a140e596c5032eb1054b
SHA256

fa6ad7ad688cbffdc77c064b67cccf66a3aa4e1bea7183830ebbda4a24d589f0
SHA512

12ecc53925224123f6810bdb2948fdf9ba09289cc094b098e879c6d16e66d648e2afd9633d968e192c056395895b76348369b5578aa81db73306d5ef28e092bf
SSDEEP

1536:dCYcGuHpK+8EZ6z6bsRiZa0sh+DtdDE8fCLnSTLnSnLnSRZ:dJctHcmZclt0sh+BVZEnSvnSLnSR

Score

N/A

Malware Config

Signatures

Files

fa6ad7ad688cbffdc77c064b67cccf66a3aa4e1bea7183830ebbda4a24d589f0
.exe windows x86

0e62dad6cd95a46d43625d22af8b4b2d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

glu32

gluTessProperty
gluPwlCurve
gluErrorString
gluDisk
gluQuadricNormals
gluTessEndPolygon
gluCylinder
gluEndSurface
gluTessBeginPolygon
gluBuild1DMipmaps
gluGetTessProperty

user32

GetWindowTextA
DestroyWindow
GetNextDlgTabItem
AnyPopup
IsIconic
GetClipboardData
CreateWindowExA
LoadIconA
LoadCursorA
SetClipboardData

gdi32

CloseMetaFile
FillRgn
CreateCompatibleDC
DrawEscape
Ellipse
FrameRgn
ExtSelectClipRgn
Arc
CreateCompatibleBitmap
ExcludeClipRect
GetBkColor
CopyEnhMetaFileA

comctl32

UninitializeFlatSB
ord15
_TrackMouseEvent
CreateStatusWindowW
CreateToolbarEx
DestroyPropertySheetPage
FlatSB_SetScrollRange
ord2
FlatSB_GetScrollProp
ord17
ord5
InitializeFlatSB
CreatePropertySheetPageA

urlmon

CreateURLMoniker
RegisterMediaTypes
RegisterFormatEnumerator
RevokeFormatEnumerator
IsAsyncMoniker

shlwapi

StrIsIntlEqualA
PathIsUNCServerShareA
PathFindOnPathW
SHQueryValueExW
PathRemoveBackslashW
SHSetValueW
PathFindOnPathA
StrCSpnW
PathRemoveArgsW
SHRegOpenUSKeyA
SHRegWriteUSValueW
StrCatW

kernel32

GetStringTypeW
VirtualLock
GlobalUnlock
GetModuleHandleA
GetProcAddress
VirtualAlloc
GetStartupInfoA

winspool.drv

SetPrinterW
EnumJobsW
AddPrinterW
AbortPrinter
EnumPrintProcessorsA
GetPrinterA
AddPrinterDriverW
AddPrintProcessorW
ClosePrinter
DeletePrinterConnectionA
AddPrinterConnectionW
AddFormA

usp10

ScriptJustify
ScriptGetLogicalWidths
ScriptStringXtoCP
ScriptIsComplex
ScriptXtoCP
ScriptPlace
ScriptString_pLogAttr
ScriptLayout
ScriptItemize

msvcrt

fsetpos
ftell
_flushall
_fsopen
freopen
fwrite
fopen
fread
fprintf
free
fseek
_fullpath
fputc
fscanf
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e62dad6cd95a46d43625d22af8b4b2d

Headers

File Characteristics

Imports

glu32

user32

gdi32

comctl32

urlmon

shlwapi

kernel32

winspool.drv

usp10

msvcrt

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 3KB - Virtual size: 7KB

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 73KB - Virtual size: 72KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 3KB - Virtual size: 7KB

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 73KB - Virtual size: 72KB

.reloc
Size: 1KB - Virtual size: 1KB