c907f64180679b67b009ff56cf6ec39075c6ba2053a61f3ae483e72b8211b934

Sharing

Copy URL Twitter E-mail

General

Target

c907f64180679b67b009ff56cf6ec39075c6ba2053a61f3ae483e72b8211b934
Size

280KB
MD5

3d81b088ed031d91dc3085e0d1d69c6f
SHA1

099212819f84182aee8dfab7917ee7b43b03e4fa
SHA256

c907f64180679b67b009ff56cf6ec39075c6ba2053a61f3ae483e72b8211b934
SHA512

e3d62283c82c056b3282f7b6e08abc84104d227fafda9c392981c744a7385d6d705c1ba3fae495b6bbf67e4aca7e951b98e28f5396caccd133b206da98dda54b
SSDEEP

3072:exEiH2NPX+p0WWnEFIVvIha4UQvnyXdoPs0XvXGQdR1XCY1Qalb51V1KBm3FzsgB:Pj/JWSVeAQ6N2X+QdR99VaizBcMmV

Score

N/A

Malware Config

Signatures

Files

c907f64180679b67b009ff56cf6ec39075c6ba2053a61f3ae483e72b8211b934
.dll windows x86

86fbb6170879593e4602a134983ecb6f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

inet_ntoa
gethostbyname
WSACleanup
WSASetLastError
WSAStartup
htonl
WSAGetLastError
inet_addr
getservbyname
htons
gethostbyaddr
ntohs
getservbyport

kernel32

LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsFree
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GetProcessVersion
DeleteCriticalSection
GlobalHandle
SizeofResource
GetThreadLocale
DuplicateHandle
CreateFileA
ReadFile
WriteFile
SetFilePointer
GetOEMCP
LockFile
GetCPInfo
FlushFileBuffers
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetFileAttributesA
GetFileSize
GetFileTime
SetErrorMode
FileTimeToSystemTime
InitializeCriticalSection
GetTickCount
lstrcpynA
TlsAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapFree
HeapAlloc
RaiseException
GetStartupInfoA
GetCommandLineA
TerminateProcess
SetStdHandle
GetFileType
HeapSize
HeapReAlloc
GetACP
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
InterlockedExchange
GetProfileStringA
GlobalFree
GlobalAlloc
GetCurrentThread
WideCharToMultiByte
FormatMessageA
MultiByteToWideChar
GlobalLock
InterlockedDecrement
InterlockedIncrement
SetLastError
GlobalUnlock
MulDiv
LockResource
FindResourceA
LoadResource
GlobalGetAtomNameA
GetVersion
GetCurrentThreadId
GlobalDeleteAtom
GlobalAddAtomA
GlobalFindAtomA
FreeLibrary
GetModuleHandleA
GetSystemDirectoryA
LoadLibraryA
lstrcmpA
Sleep
GetCurrentProcess
CreateMutexA
GetVersionExA
LocalFree
GetLastError
LocalAlloc
lstrcmpiA
CloseHandle
WinExec
WritePrivateProfileStringA
GetPrivateProfileSectionA
ExitProcess
lstrlenA
lstrcpyA
GetPrivateProfileIntA
GetModuleFileNameA
GetTempPathA
lstrcatA
GetPrivateProfileStringA
GetProcAddress
RtlUnwind
OutputDebugStringA
UnlockFile
SetEndOfFile
FileTimeToLocalFileTime

gdi32

SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
GetObjectA
GetClipBox
SetBkColor
CreateDIBitmap
GetTextExtentPointA
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
DeleteObject
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetDeviceCaps
CreateSolidBrush
CreatePatternBrush
RectVisible
TextOutA
PtVisible
Escape
StretchDIBits
ExtTextOutA
CreateCompatibleBitmap
GetCharWidthA
CreateCompatibleDC
GetTextExtentPoint32A
GetTextMetricsA
CreateFontA
GetTextColor
GetBkColor
CreateFontIndirectA
LPtoDP
BitBlt
DPtoLP
PatBlt
SetRectRgn
GetMapMode
CreateRectRgnIndirect
CombineRgn
SetTextAlign
IntersectClipRect
ExcludeClipRect

comdlg32

GetFileTitleA

winspool.drv

EnumPortsA
EnumPrintersA
ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegEnumKeyA
RegDeleteValueA
RegCreateKeyExA
RegEnumValueA
RegQueryInfoKeyA
GetSidSubAuthority
GetSidSubAuthorityCount
GetTokenInformation
OpenProcessToken
RegEnumKeyExA
RegCloseKey

olepro32

ord253

Sections

.text
Size: 216KB - Virtual size: 440KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 472KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.shared
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mstp
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

PDAT
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86fbb6170879593e4602a134983ecb6f

Headers

File Characteristics

Imports

ws2_32

kernel32

gdi32

comdlg32

winspool.drv

advapi32

olepro32

Sections

.text Size: 216KB - Virtual size: 440KB

.bss Size: - Virtual size: 472KB

.pdata Size: 4KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 4KB

.tls Size: 4KB - Virtual size: 4KB

.shared Size: 4KB - Virtual size: 4KB

.mstp Size: 4KB - Virtual size: 4KB

DATA Size: 4KB - Virtual size: 4KB

DATA Size: 4KB - Virtual size: 4KB

PDAT Size: 4KB - Virtual size: 4KB

.idata Size: 5KB - Virtual size: 5KB

.rsrc Size: 17KB - Virtual size: 16KB

.reloc Size: 4KB - Virtual size: 252B

.text
Size: 216KB - Virtual size: 440KB

.bss
Size: - Virtual size: 472KB

.pdata
Size: 4KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 4KB

.tls
Size: 4KB - Virtual size: 4KB

.shared
Size: 4KB - Virtual size: 4KB

.mstp
Size: 4KB - Virtual size: 4KB

DATA
Size: 4KB - Virtual size: 4KB

DATA
Size: 4KB - Virtual size: 4KB

PDAT
Size: 4KB - Virtual size: 4KB

.idata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 17KB - Virtual size: 16KB

.reloc
Size: 4KB - Virtual size: 252B