d60cea0d8e1a13e964c7e33b946b79f5e56cd657e12462d9513d2fe267964a15

Sharing

Copy URL Twitter E-mail

General

Target

d60cea0d8e1a13e964c7e33b946b79f5e56cd657e12462d9513d2fe267964a15
Size

243KB
MD5

18b75abbd10d481b9495c9a935b8b190
SHA1

f7112b6a6eb1df97f9af10a5434ffd9684b624c6
SHA256

d60cea0d8e1a13e964c7e33b946b79f5e56cd657e12462d9513d2fe267964a15
SHA512

95674fb59a06008b6e3207de3066d5839a1cc827482e263bde6439229a87f87978121017b7d243585e9e9c908d0fc9a353088ffe8e051bd33c945d96f38298c9
SSDEEP

3072:qLMfwnYzea7ZISvyl68H8ld3VP0N7xmhD0uyZxorgeftr4bQv/NwGlo1TQ:1Iniea7Bk61hm7ADXgefx44qn1T

Score

N/A

Malware Config

Signatures

Files

d60cea0d8e1a13e964c7e33b946b79f5e56cd657e12462d9513d2fe267964a15
.exe windows x86

008ebacb3cf7d5b7b1ac64aa94a49645

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

ExtDeviceMode
QueryRemoteFonts
OpenPrinterA
ClosePrinter
PlayGdiScriptOnPrinterIC
DocumentPropertiesA
EndDocPrinter
QuerySpoolMode
DeletePrinterIC

gdi32

GetDCPenColor
ExtTextOutA
CreateDIBitmap
SaveDC
RoundRect
GetClipBox
DeleteDC
EnumEnhMetaFile
CreateEllipticRgn
TextOutA
SelectClipRgn
SetWindowExtEx
SetViewportExtEx
PtInRegion
SetTextColor
CreateBitmap
GetRelAbs
GdiPlayDCScript
ScaleViewportExtEx
DeleteObject
SetMapMode
RestoreDC
GetDeviceCaps

kernel32

WideCharToMultiByte
GetEnvironmentStringsA
IsBadWritePtr
GetStdHandle
GetVolumeInformationA
FileTimeToSystemTime
GetCurrentProcess
LCMapStringA
GetOEMCP
FindResourceA
GetFileSize
GetSystemDirectoryA
LocalAlloc
GetModuleHandleA
InitializeSListHead
SetCurrentDirectoryA
LCMapStringW
LocalReAlloc
FlushInstructionCache
lstrcpyA
SetLastError
SetUnhandledExceptionFilter
GetLastError
LockFile
HeapFree
LeaveCriticalSection
HeapSize
TlsSetValue
GetEnvironmentVariableA
SetErrorMode
SetEndOfFile
GetACP
FreeEnvironmentStringsA
WriteFile
GetStringTypeW
lstrcatA
lstrcmpiA
GetCommandLineA
GetCurrentThreadId
HeapCreate
Sleep
LoadLibraryA
GlobalUnlock
IsValidLocale
FileTimeToLocalFileTime
VirtualAlloc
GetVersionExA
GetFileType
HeapDestroy
GlobalAlloc
DuplicateHandle
LocalFileTimeToFileTime
FindClose
ClearCommError
IsBadCodePtr
GlobalFlags
HeapReAlloc
GetFileTime
FindNextFileA
UnhandledExceptionFilter
SystemTimeToFileTime
TlsFree
GlobalAddAtomA
GetThreadLocale
RaiseException
TlsGetValue
VirtualFree
LoadResource
GetModuleFileNameA
IsBadReadPtr
Toolhelp32ReadProcessMemory
SetHandleCount
SetSystemTime
GetProcAddress
LocalFree
FindFirstFileA
FatalExit
SetConsoleTextAttribute
ReleaseActCtx
InitializeCriticalSection
ReadFile
LockResource
SetFileAttributesA
InterlockedDecrement
FlushFileBuffers
FreeLibrary
GlobalFree
SetConsoleCursorPosition
GetVersion
GetCurrentThread
RtlUnwind
EnterCriticalSection
FreeEnvironmentStringsW
CompareStringW
DosDateTimeToFileTime
GetStringTypeA
lstrcmpA
GlobalFindAtomA
LocalUnlock
SetFilePointer
GetDriveTypeA
SystemTimeToTzSpecificLocalTime
GetStartupInfoA
SetEnvironmentVariableA
InterlockedIncrement
GlobalLock
GlobalHandle
UnlockFile
GetCPInfo
lstrlenA
SetConsoleCursorInfo
GetCurrentDirectoryA
GetWindowsDirectoryA
WritePrivateProfileStringA
SetStdHandle
Beep
MultiByteToWideChar
CloseHandle
lstrcpynA
TlsAlloc
GetFullPathNameA
MulDiv
TerminateProcess
CompareStringA
SetTimeZoneInformation
GetFileAttributesA
GetTimeZoneInformation
SetConsoleScreenBufferSize
GlobalDeleteAtom
DeleteFileA
CreateFileA
ExitProcess
GetProcessVersion
GlobalGetAtomNameA
HeapAlloc
GetEnvironmentStringsW
DeleteCriticalSection
IsDebuggerPresent

user32

GetClassInfoA
CharUpperA
GetDC
BeginPaint
IsWindowVisible
ValidateRect
CheckMenuItem
GetActiveWindow
GetTopWindow
UpdateWindow
DefWindowProcA
GetClientRect
GetPropA
DrawIcon
GetParent
EnableMenuItem
EndPaint
SetActiveWindow
CreateWindowExA
UnregisterClassA
GetMessageA
SetPropA
SetWindowTextA
GetMenu
CallWindowProcA
MapWindowPoints
GetMenuItemID
IsDialogMessageA
PostQuitMessage
UnhookWindowsHookEx
GetDlgItem
LoadStringA
LoadIconA
CopyRect
GetWindowTextLengthA
DestroyWindow
IsWindow
GetWindowLongA
MessageBoxA
GetWindow
CreateDialogIndirectParamA
WinHelpA
GetMessagePos
SystemParametersInfoA
TabbedTextOutA
IsWindowEnabled
GetKeyState
GetLastActivePopup
SetWindowPos
SetMenuItemBitmaps
DispatchMessageA
GetMenuState
PostMessageA
GetFocus
GetSubMenu
GetSysColorBrush
GetSystemMetrics
GetSysColor
IsIconic
GetMenuCheckMarkDimensions
ReleaseDC
GetClassNameA
LoadCursorA
RegisterClassA
GetMenuItemCount
SendDlgItemMessageA
GetWindowTextA
GrayStringA
ShowWindow
SendMessageA
DestroyMenu
wsprintfA
RemovePropA
EndDialog
GetWindowPlacement
LoadBitmapA
GetForegroundWindow
EnableWindow
TranslateMessage
ClientToScreen
CallNextHookEx
GetDlgCtrlID
GetCapture
SetWindowLongA
GetWindowRect
SetWindowsHookExA
ExitWindowsEx
PeekMessageA
ModifyMenuA
PtInRect
DdeEnableCallback
GetCursorPos
SetForegroundWindow

winmm

mmioAdvance
waveOutGetPitch
mixerOpen
timeGetSystemTime

comdlg32

GetFileTitleA
dwOKSubclass

advapi32

SystemFunction016
RegSetValueExA
SetSecurityDescriptorControl
GetAclInformation
AddAccessDeniedAceEx
RegOpenKeyExA
LsaICLookupNamesWithCreds
RegCloseKey
SystemFunction030
MSChapSrvChangePassword
LsaEnumeratePrivileges
RegDeleteValueA
LockServiceDatabase
RegCreateKeyExA
OpenThreadToken
AddUsersToEncryptedFile

Sections

.text
Size: 186KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

008ebacb3cf7d5b7b1ac64aa94a49645

Headers

File Characteristics

Imports

winspool.drv

gdi32

kernel32

user32

winmm

comdlg32

advapi32

Sections

.text Size: 186KB - Virtual size: 186KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 34KB - Virtual size: 35KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 186KB - Virtual size: 186KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 34KB - Virtual size: 35KB

.rsrc
Size: 4KB - Virtual size: 4KB