4980dfacb261f7abd5dfc2bb7be1bd691175b5310f478212d0ecf73639640b28

Sharing

Copy URL

Twitter E-mail

General

Target

4980dfacb261f7abd5dfc2bb7be1bd691175b5310f478212d0ecf73639640b28
Size

284KB
MD5

623e50f245d21f2ca259e6a2101ebbee
SHA1

bfef35a692ef7a170e5fa4459d44e091bdfac13b
SHA256

4980dfacb261f7abd5dfc2bb7be1bd691175b5310f478212d0ecf73639640b28
SHA512

1360ad21bacd3a99f4cb8f8db6dedefa50526ce257b7ca9f09ce2cf37e1898ef02d623067ccae888dd8839500cf479095762847b988542d88ab25aeafec9548a
SSDEEP

6144:dPV8+y5yeVh4W0vBznVcX/Ur5ClzG4zygV4I7J3Z:d/yFmZvdVqwQGGvtJ

Score

N/A

Malware Config

Signatures

Files

4980dfacb261f7abd5dfc2bb7be1bd691175b5310f478212d0ecf73639640b28
.exe windows x86

c57bd301475bc007fc10d436f3be9633

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegQueryValueA

comctl32

ImageList_Destroy
ord17
ImageList_Remove
ImageList_Draw
ImageList_Add
ImageList_Create
ImageList_ReplaceIcon
ImageList_AddMasked
PropertySheetA

comdlg32

PrintDlgA
CommDlgExtendedError
ChooseFontA

gdi32

LineTo
CreateRectRgn
CreateCompatibleBitmap
DeleteObject
RestoreDC
GetTextFaceA
SelectObject
SaveDC
RealizePalette
GetTextMetricsA
GetStockObject
DeleteDC
StretchBlt
BitBlt
CreateCompatibleDC
GetObjectA
SetBkMode
PatBlt
SetBkColor
SetTextColor
SelectClipRgn
GetDeviceCaps
AbortDoc
CreateBrushIndirect
GetBkMode
GetBkColor
GetTextColor
SetROP2
CreateSolidBrush
GdiFlush
GetTextExtentPointW
StartDocA
EndDoc
Escape
CreateDCA
GetTextAlign
CreatePen
MoveToEx
SetTextAlign

kernel32

GetTimeFormatA
RtlUnwind
GetDateFormatA
GlobalFree
GetShortPathNameA
GetModuleFileNameA
GlobalUnlock
GlobalLock
GlobalAlloc
GetLastError
GetVersionExA
FreeLibrary
ExitProcess
GetModuleHandleA
GetCommandLineA
UnhandledExceptionFilter
GetSystemTime
WinExec
lstrcatA
GetProcAddress
SetErrorMode
SystemTimeToFileTime
FindClose
GetTickCount
lstrlenA
LoadLibraryA
GetProfileStringA
lstrcpyA
DeleteFileA
lstrcmpiA
_lcreat
_lclose
_lwrite
_lread
_lopen
SetEndOfFile
GlobalSize
GetTempFileNameA
GetTempPathA
lstrcmpA
GlobalFlags
GetStartupInfoA
MulDiv
GetDriveTypeA
FreeResource
LockResource
LoadResource
FindResourceA
MultiByteToWideChar
SetLastError

mso9

ord442
ord1915
ord1580
ord778
ord321
ord394
ord408
ord652
ord538
ord674
ord815
ord383
ord934
ord725
ord726
ord593
ord487
ord1482
ord474
ord409
ord598
ord693
ord925
ord295
ord1625
ord694
ord698
ord695
ord702
ord801
ord1552
ord1376
ord610
ord974
ord1455
ord1550
ord1515
ord1835
ord1378
ord1406
ord1111
ord847
ord493
ord688
ord589
ord270
ord499
ord844
ord750
ord1506
ord1608
ord1592
ord1326
ord366
ord332
ord896
ord894
ord893
ord290
ord401
ord1593
ord396
ord322
ord887
ord1799
ord1314
ord1290
ord1279
ord1543
ord510
ord923
ord425
ord1202
ord1813
ord326
ord560
ord490
ord800
ord312
ord663
ord690
ord467
ord1647
ord590
ord470
ord629
ord630
ord556
ord557
ord786
ord784
ord785
ord628
ord443
ord608
ord639
ord1222
ord834
ord597
ord1187
ord924
ord960
ord866
ord1849
ord1440
ord1092
ord1916
ord1289
ord926
ord1673
ord1510
ord878
ord464
ord471
ord837
ord330
ord340
ord871
ord338
ord820
ord901
ord266
ord1191
ord1739
ord311
ord973
ord336
ord1539
ord605
ord797
ord601
ord369
ord438
ord368
ord607
ord439
ord432
ord357
ord431
ord417
ord355
ord440
ord604
ord517
ord335
ord555
ord447
ord449
ord441
ord429
ord434
ord654
ord606
ord602
ord334
ord347
ord957
ord573
ord313
ord1996
ord1533
ord933
ord1372
ord876
ord333
ord1668
ord1201
ord1612
ord1605
ord799
ord1459
ord1185
ord292
ord915
ord1188
ord1602
ord1611
ord829
ord324
ord1726
ord1095
ord1724
ord1213
ord1707
ord1099
ord1317
ord1906
ord882
ord1615
ord670
ord1607
ord805
ord1941
ord430
ord1641
ord414
ord1924
ord911
ord1925
ord1445
ord406
ord643
ord1383
ord754
ord393

ole32

GetClassFile
OleLockRunning
OleSetContainedObject
StgIsStorageFile
CLSIDFromString
CoGetMalloc
OleRegGetMiscStatus
CreateGenericComposite
GetRunningObjectTable
CreateItemMoniker
DoDragDrop
ReleaseStgMedium
WriteClassStg
CreateStreamOnHGlobal
OleSaveToStream
WriteClassStm
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
ReadClassStg
OleRun
OleLoad
CreateBindCtx
OleIsRunning
OleGetAutoConvert
OleDoAutoConvert
CreateFileMoniker
OleCreateFromData
OleCreateFromFile
OleCreate
CLSIDFromProgID
CoFreeUnusedLibraries
OleSave
StgOpenStorage
StgCreateDocfile
StringFromCLSID
ProgIDFromCLSID
CoCreateGuid
OleSetMenuDescriptor
CoRevokeClassObject
CoDisconnectObject
OleUninitialize
CoRegisterClassObject
CoRegisterMessageFilter
OleInitialize

oledlg

ord8

shell32

ExtractIconA
DragAcceptFiles
SHAddToRecentDocs
DragFinish
DragQueryFileA

user32

ClientToScreen
SendDlgItemMessageA
GetMenuItemCount
MessageBoxA
DrawMenuBar
SetCapture
RemoveMenu
GetSubMenu
GetMessagePos
GetAsyncKeyState
IsWindowUnicode
PeekMessageW
GetMessageW
GetMessageA
CreateDialogIndirectParamA
DialogBoxIndirectParamA
LoadStringA
GetDesktopWindow
LockWindowUpdate
SetDlgItemTextA
DialogBoxParamA
GetDlgItemInt
IsDlgButtonChecked
SetDlgItemInt
CheckRadioButton
CheckDlgButton
DestroyCursor
GetFocus
GetDlgItem
IsWindowEnabled
EndDialog
WindowFromPoint
SetWindowTextA
GetClassInfoA
GetCapture
ScreenToClient
GetParent
GetKeyboardLayout
ActivateKeyboardLayout
CallWindowProcA
UpdateWindow
GetSysColor
DrawFocusRect
CreatePopupMenu
TrackPopupMenu
ModifyMenuA
SetTimer
CopyAcceleratorTableA
DrawIconEx
PtInRect
ReleaseCapture
SetRect
IsIconic
SetFocus
SetForegroundWindow
GetForegroundWindow
GetWindowPlacement
SetWindowPlacement
IsWindowVisible
ShowWindow
SystemParametersInfoA
MessageBeep
AppendMenuA
LoadMenuA
RegisterClassExA
InsertMenuA
LoadIconA
IsWindow
RegisterWindowMessageA
RegisterClipboardFormatA
ReleaseDC
GetDC
GetWindowRect
MapWindowPoints
GetCursorPos
GetSystemMetrics
CharNextA
WaitMessage
TranslateMessage
TranslateAcceleratorA
PostMessageA
SetCursor
LoadCursorA
SendMessageA
InvalidateRect
GetWindowThreadProcessId
GetActiveWindow
IsDialogMessageA
IsChild
DestroyWindow
DestroyIcon
GetClassLongA
EnableWindow
DestroyMenu
BringWindowToTop
SetWindowLongA
CreateWindowExA
GetMenu
GetClientRect
SetMenu
EnableMenuItem
GetSystemMenu
SetWindowPos
RedrawWindow
KillTimer
GetKeyState
DefWindowProcA
SetClassLongA
PostQuitMessage
GetWindowLongA
RegisterClassA
LoadAcceleratorsA
wsprintfA
MoveWindow
PeekMessageA
LoadBitmapA
EndPaint
BeginPaint
CharPrevA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

winspool.drv

GetPrinterDriverA
OpenPrinterA
GetPrinterA
DocumentPropertiesA
ClosePrinter

Sections

.text
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c57bd301475bc007fc10d436f3be9633

Headers

File Characteristics

Imports

advapi32

comctl32

comdlg32

gdi32

kernel32

mso9

ole32

oledlg

shell32

user32

version

winspool.drv

Sections

.text Size: 200KB - Virtual size: 199KB

.data Size: 4KB - Virtual size: 9KB

Size: 52KB - Virtual size: 51KB

.rsrc Size: 24KB - Virtual size: 22KB

.text
Size: 200KB - Virtual size: 199KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 24KB - Virtual size: 22KB