cfe6c5bf3538f9f5a526172284dea9f4787ad314979b39da8953013c1315d45e

Sharing

Copy URL Twitter E-mail

General

Target

cfe6c5bf3538f9f5a526172284dea9f4787ad314979b39da8953013c1315d45e
Size

2.4MB
MD5

c61a2ed24cf4a69f5b10e5081e9fd1c0
SHA1

513d872d291092651b0cf4061469dbf727db8f43
SHA256

cfe6c5bf3538f9f5a526172284dea9f4787ad314979b39da8953013c1315d45e
SHA512

f54f5774a045e265e0fa271c576e69ffc5822a866e9be0f9856f9d1a722df1bcba07abd15ae0d5566999fba4c95b126be7e0e134bc07ba2b10c9fac6369f0945
SSDEEP

49152:E4eNu9wmaTzHwDkoM4GhHkmdMFBbAIVr++PDGKxDxgEnZ6:E4Cu9wXzHwDd0EmdOBbAIdFPK9EZ6

Score

N/A

Malware Config

Signatures

Files

cfe6c5bf3538f9f5a526172284dea9f4787ad314979b39da8953013c1315d45e
.exe windows x86

e3fbf7c944095a8feb6150734ecf098b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteDC
Polyline
CreateCompatibleDC
GetFontData
CreateDIBitmap
SetBkColor
GetObjectA
ExtTextOutW
GetNearestColor
CreateDiscardableBitmap
SetWindowExtEx
UpdateColors
DescribePixelFormat
GetMetaFileA
TextOutA
RemoveFontResourceW

kernel32

GetProcessHeap
LoadLibraryExW
GetPrivateProfileIntA
CreateSemaphoreA
MultiByteToWideChar
LocalAlloc
CreateProcessW
GetSystemInfo
LoadLibraryExA
CreateWaitableTimerW
CreateMutexA
GetCPInfoExA
LocalFree
LoadLibraryA
FindResourceA
GetTickCount
GetLocaleInfoA
GetThreadContext
GetCommState
EnumResourceTypesA
SetProcessWorkingSetSize
SetEndOfFile
WaitForSingleObjectEx
GetBinaryTypeA
GetCommandLineW
WaitForSingleObject

dbghelp

GetTimestampForLoadedLibrary
SymGetModuleInfo
SymMatchFileName
SymLoadModule
SymEnumerateSymbolsW
SymCleanup
SymInitialize
SymGetModuleInfoW
ImagehlpApiVersionEx

comctl32

ImageList_AddMasked
ImageList_Remove
PropertySheetA
ImageList_ReplaceIcon
ImageList_SetIconSize
ImageList_Draw
CreatePropertySheetPageW
ImageList_Read
ImageList_Create
ImageList_GetImageCount
ImageList_Write

msvcrt

strerror
sprintf
vfprintf
memcpy
wprintf
wcsrchr
strstr
fprintf
wcstod
strspn
ungetc
strpbrk
memset

user32

DrawFrameControl
GetKeyboardLayoutList
CreateAcceleratorTableA
IsRectEmpty
OemToCharBuffA
SetCursorPos
GetMenu
InflateRect
DrawFocusRect
GetUpdateRect
GetMenuStringA
DialogBoxParamW
SetMenuItemBitmaps
GetKeyState
SetCursor
RedrawWindow
RemoveMenu
InsertMenuW
ModifyMenuA
LoadStringW
GetPropW
DialogBoxIndirectParamW
TrackPopupMenuEx
SendMessageW
WaitMessage
CreatePopupMenu

winspool.drv

DeviceCapabilitiesA

Exports

Exports

_HxH_egfjD_dNb@4
_DcYa_qlopa_mbv@8
_NzUVP_wejia@16
_ZeNXQ_lRkxz_wil@4
_Login_User_ToSystem@8
_SpAo_rvxwj_wcpTm@4
_Terminate_User_Threads@12

Sections

.code
Size: 512B - Virtual size: 6.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 650B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3fbf7c944095a8feb6150734ecf098b

Headers

File Characteristics

Imports

gdi32

kernel32

dbghelp

comctl32

msvcrt

user32

winspool.drv

Exports

Exports

Sections

.code Size: 512B - Virtual size: 6.5MB

.text Size: 27KB - Virtual size: 27KB

.rdata Size: 6KB - Virtual size: 6KB

.rsrc Size: 2.4MB - Virtual size: 2.4MB

.reloc Size: 1024B - Virtual size: 650B

.code
Size: 512B - Virtual size: 6.5MB

.text
Size: 27KB - Virtual size: 27KB

.rdata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

.reloc
Size: 1024B - Virtual size: 650B