cda133cdecf11d4fc5d3784bfe59f3d69a6e11b49cfce68a7aa59ff919f7e0a5

Sharing

Copy URL Twitter E-mail

General

Target

cda133cdecf11d4fc5d3784bfe59f3d69a6e11b49cfce68a7aa59ff919f7e0a5
Size

172KB
MD5

078c4815d8f17761761ac680e118d7c2
SHA1

6558e8e8e784c85600405d777a62db753f273787
SHA256

cda133cdecf11d4fc5d3784bfe59f3d69a6e11b49cfce68a7aa59ff919f7e0a5
SHA512

e209f37735e4ccabb5d67438682023bb747a93b78bd7eb195617a0c622b363c895001d2d2eade119fa0fc60d7b281da8e07d83185f1a484434ed64736c9f9ee6
SSDEEP

3072:uH52krTVO+hPVCuLr1DzaaY+mBa6CeVK57eeZVcbJw+zS2/KbgxZkcgIS2WX:a2IUmHDzxY+IayVee+2FWxbgxZkcgISB

Score

N/A

Malware Config

Signatures

Files

cda133cdecf11d4fc5d3784bfe59f3d69a6e11b49cfce68a7aa59ff919f7e0a5
.dll windows x86

619d56664e06629fbcf23e2e977ef7fb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetRgnBox
DeleteDC
GetDeviceCaps
GetObjectA
SetGraphicsMode
RemoveFontResourceExW
SelectBrushLocal
EnumObjects
SetMetaFileBitsEx
GetStockObject
EnumFontFamiliesExA
ColorCorrectPalette
SetBrushOrgEx
SetDIBColorTable
GetDCBrushColor
ColorMatchToTarget
GdiGetBatchLimit
GetDIBits
CreateCompatibleBitmap
GetOutlineTextMetricsA
CreatePolygonRgn
RectVisible
GetDeviceGammaRamp
SetTextColor
UpdateICMRegKeyA
GetCharWidth32A
PolyTextOutA
SelectClipRgn
CreateColorSpaceW
GetEnhMetaFileBits
PolylineTo
AddFontResourceW
CombineRgn
FillPath
SetMapperFlags
SelectObject
CreateCompatibleDC
GetTextExtentPointW
SelectFontLocal
GetColorAdjustment
GetMetaRgn
SetPixelFormat

kernel32

VirtualAlloc
EnumSystemLocalesA
GetVersion
SetComputerNameA
GlobalSize
GetLocalTime
GetEnvironmentStringsA
GetSystemTime
GetFileType
OpenWaitableTimerA
SetVolumeLabelW
GetModuleHandleA
FreeLibrary
SizeofResource
GlobalFindAtomA
GetStringTypeExA
SetNamedPipeHandleState
GetPrivateProfileSectionNamesA
GetStartupInfoA
VirtualAllocEx
VirtualUnlock
UnhandledExceptionFilter
SetFileAttributesW
HeapReAlloc
Sleep
SetProcessShutdownParameters
IsValidLocale
LoadLibraryA
OpenFileMappingA
GlobalFlags
CompareStringW
SetHandleCount
CommConfigDialogW
VirtualFree
UTUnRegister
HeapValidate
CloseProfileUserMapping
SetCalendarInfoW
WaitNamedPipeW
GetConsoleCP
GetHandleInformation
ReadConsoleOutputAttribute
GetProcAddress

shell32

StrStrW
SHGetDesktopFolder
ShellAboutW
SHQueryRecycleBinW
InternalExtractIconListA
StrRStrIW
StrRChrA
SHGetSpecialFolderPathW
StrNCmpIW
Shell_NotifyIconA
SHFileOperationA
StrCmpNA
SheChangeDirA
StrStrA
FindExecutableA
SHGetFileInfoA
ord179
StrStrIA
SHBrowseForFolderA
StrChrW
SHBrowseForFolderW
InternalExtractIconListW
ExtractIconExA
Shell_NotifyIconW
SHGetSettings
ShellAboutA
ExtractAssociatedIconW

user32

GetMenuItemInfoW
EnumDesktopWindows
DdeCreateStringHandleW
GetCapture

winspool.drv

GetPrinterDataExA
DocumentPropertiesA
ord101
OpenPrinterA
ord256

msvcrt

ferror
_wcsncoll
printf
fwrite
fgetws
_mktemp
feof
fprintf
__p__commode
fwprintf
_cgets
fclose
_beginthreadex
_spawnlp
ftell
_mbsncpy
fputs
iswascii
_wsystem
memset
fputc
fsetpos
fseek
fread
_safe_fprem1
fopen
setbuf
sprintf

Exports

Exports

Cfgqmrna
Hnfhbjpxv
Krcptz
Lfiuuhchhu
Lkoahyy
Quhk
Trxsvq
Uaqkhyta
Uooo
Zktditp

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

619d56664e06629fbcf23e2e977ef7fb

Headers

File Characteristics

Imports

gdi32

kernel32

shell32

user32

winspool.drv

msvcrt

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 120KB - Virtual size: 118KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 120KB - Virtual size: 118KB

.reloc
Size: 8KB - Virtual size: 4KB