c56c91d8e0ae23453b243476759e6bb9a18de167bea1d22b883020acd94e5c99

Sharing

Copy URL Twitter E-mail

General

Target

c56c91d8e0ae23453b243476759e6bb9a18de167bea1d22b883020acd94e5c99
Size

170KB
MD5

bbe5a6883c7a600f8ca42f5c16e34a2c
SHA1

1b0bc60eca2ad76aa6db6d9238c4c100ec6d7a0a
SHA256

c56c91d8e0ae23453b243476759e6bb9a18de167bea1d22b883020acd94e5c99
SHA512

bc42fe61c6ac48c382994d37dc192233a3ff022fe77b8da9227e864f57a7b07af450b7d267d67a6680255bef92a98b0cc084f808ca85d1a2c3d44c05f1138f36
SSDEEP

3072:cNsTYMg7B9vIXjrd+q8AitP2L91qEkQla+JtpETK3xJHzSo6OGReSFLnm9zqTIZN:cNgBg7cnd+qDCP2COvBETUb6nFzmBQbi

Score

N/A

Malware Config

Signatures

Files

c56c91d8e0ae23453b243476759e6bb9a18de167bea1d22b883020acd94e5c99
.exe windows x86

ebb7d92c13836becc3c6f3a402acba4a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

winspool.drv

ClosePrinter

winmm

timeKillEvent
waveOutWrite
waveOutUnprepareHeader
waveOutPause
waveOutReset
waveOutClose
waveOutOpen
waveOutPrepareHeader
timeSetEvent

user32

IsWindow
PostQuitMessage
SendDlgItemMessageA
ReleaseDC
GetSystemMetrics
EndPaint
GetSubMenu
SetWindowRgn
GetMenuState
GetDlgCtrlID
EndDialog
IsIconic
TranslateMessage
UpdateWindow
GetWindowRect
CopyRect
DestroyMenu
GetSysColorBrush
GetMessageTime
EnableMenuItem
GetDesktopWindow
GetMenuItemID
GetDlgItem
SetWindowPos
ValidateRect
GetFocus
GetWindowPlacement
GetCapture
EnumWindowStationsA
GetMenuItemCount
ClientToScreen
MapWindowPoints
GetLastActivePopup
SetActiveWindow
SetCursor
GetMenu
GetClientRect
IsWindowVisible
GetActiveWindow
CheckMenuItem
IsWindowEnabled
GetMessagePos
SetForegroundWindow
SetFocus
ShowWindow
GetDC
DestroyWindow
PtInRect
SetMenuItemBitmaps
GetForegroundWindow
GetWindow
MoveWindow
BeginPaint
GetNextDlgTabItem
CallNextHookEx
GetParent
GetTopWindow
MapDialogRect
SystemParametersInfoA
GetCursorPos
ScreenToClient
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
AdjustWindowRectEx
GetSysColor
GetKeyState

kernel32

GetVersionExW
EnterCriticalSection
GlobalAlloc
GetCommandLineA
LoadLibraryA
MulDiv
GlobalUnlock
WriteFile
lstrlenA
InitializeCriticalSection
GetSystemInfo
GlobalLock
VirtualAlloc
SetUnhandledExceptionFilter
DeleteCriticalSection
GetStringTypeA
SetErrorMode
CreateMailslotW
FreeLibrary
LoadLibraryA
IsBadCodePtr
UnhandledExceptionFilter
GetEnvironmentStrings
GlobalFlags
GetWindowsDirectoryA
VirtualQuery
SetHandleCount
LCMapStringA
GetModuleHandleA
GetTickCount
InterlockedExchange
LocalFree
InterlockedDecrement
LocalAlloc
GetThreadPriority
GetCurrentThreadId
LockResource
GetVersion
CloseHandle
FlushFileBuffers
GetSystemDirectoryA
GetCurrentProcessId
IsBadReadPtr
GetVersionExA
GetFileType
TerminateProcess
GlobalFree
GetStartupInfoA
QueryPerformanceCounter
LocalReAlloc
IsBadWritePtr
InterlockedIncrement
GlobalHandle
GetExitCodeProcess
GetThreadLocale
HeapCreate
GetSystemTimeAsFileTime
GetLocaleInfoA
HeapSize
SizeofResource
TlsAlloc
ExitProcess
SetFilePointer
GetACP
GetCurrentThread
GetOEMCP
TlsFree
VirtualFree
TlsGetValue
SetStdHandle
HeapAlloc
ReadFile
VirtualProtect
RtlUnwind
RaiseException
EnumResourceLanguagesW
TlsSetValue
CompareStringA
HeapDestroy
GetLastError
HeapReAlloc
FreeResource
GlobalDeleteAtom
ConvertDefaultLocale
HeapFree
LeaveCriticalSection
GetStdHandle
FreeEnvironmentStringsA
LoadResource
GetModuleFileNameA
GetCurrentProcess
SetLastError

ole32

CoDeactivateObject
CoUninitialize

advapi32

RegQueryValueExW
RegOpenKeyExW
LsaGetSystemAccessAccount
RegSetValueExW
RegCreateKeyExW
RegCloseKey

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 95KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ebb7d92c13836becc3c6f3a402acba4a

Headers

File Characteristics

Imports

winspool.drv

winmm

user32

kernel32

ole32

advapi32

Sections

.text Size: 69KB - Virtual size: 68KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 95KB - Virtual size: 96KB

.reloc Size: 512B - Virtual size: 512B

.text
Size: 69KB - Virtual size: 68KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 95KB - Virtual size: 96KB

.reloc
Size: 512B - Virtual size: 512B