d5e8bd5f57d76836ddd9511260d63be1ec6e02ae91d5c9a47022c1c34801218e

Sharing

Copy URL Twitter E-mail

General

Target

d5e8bd5f57d76836ddd9511260d63be1ec6e02ae91d5c9a47022c1c34801218e
Size

335KB
MD5

e4a58b4f02aa5647d4d775d16c60c62e
SHA1

39e44b6f41cabc615187b914ef5ac3b053d24004
SHA256

d5e8bd5f57d76836ddd9511260d63be1ec6e02ae91d5c9a47022c1c34801218e
SHA512

afeee70822d5acb46e923f00cf7d019a37804cd6d610537c3e5646d77c9ac6b8aaca339600589b77f4daff5d20610ae283bfd62b5c4179a72cbabd1ebd3567bc
SSDEEP

6144:FU7oEUwE8tzl8WnI9wIJo7GAVwZonMpAGNfeXNmJ8nHkCS4PIxFb09s2ky+vmyBE:IpUz8UwwwIJoCxCMy/XAWHZS4AXbAsM

Score

N/A

Malware Config

Signatures

Files

d5e8bd5f57d76836ddd9511260d63be1ec6e02ae91d5c9a47022c1c34801218e
.exe windows x86

8d26071980697f0ee03cd59d7d71299d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

BeginDeferWindowPos
SetWindowPlacement
ChildWindowFromPoint
SetWindowTextA
SendDlgItemMessageA
EndDialog
MessageBoxA
DestroyWindow
TranslateMessage
LoadCursorA
DispatchMessageA
SetClipboardData
OpenClipboard
CreateWindowExA
LoadIconA
GetClipboardData
FindWindowA
GetWindowTextA

gdi32

GetStockObject
Arc
CreateFontW
GetBkMode
CreateDiscardableBitmap
GetAspectRatioFilterEx
GdiComment
CombineTransform
CreateCompatibleBitmap
DescribePixelFormat
GetBitmapDimensionEx
DeleteObject

advapi32

RegSetValueA
OpenProcessToken
OpenBackupEventLogA
RegEnumKeyA
RegQueryValueExA

kernel32

GetDateFormatA
HeapLock
VirtualQuery
CreateSemaphoreA
ReleaseMutex
GetCurrencyFormatA
OpenMutexA
GetProcessHeap
WriteProfileStringA
GetPrivateProfileStructA
GetProfileIntA
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
WritePrivateProfileSectionA
GetProcAddress
GetStartupInfoA
GetModuleHandleA
VirtualAllocEx
VerLanguageNameA
GetACP
LocalFlags

version

VerInstallFileA
GetFileVersionInfoSizeA
VerFindFileA
GetFileVersionInfoA
VerQueryValueA

winspool.drv

DeletePrinterDriverExA
GetJobA
DeletePrinter
SetJobA
EnumJobsW
GetPrinterW
AddPrinterDriverExW
AddPrinterConnectionA
AddPrinterA
GetJobW
AddPrinterDriverA
ClosePrinter

netapi32

NetRemoteComputerSupports
NetErrorLogRead
NetGetJoinableOUs
NetGroupAddUser
NetAuditWrite
NetConnectionEnum
NetFileGetInfo
NetFileClose
NetErrorLogWrite
NetGetDCName
NetAuditRead
NetGetJoinInformation
Netbios
NetFileEnum
NetAuditClear
NetGetAnyDCName
NetLocalGroupDelMembers

msvcrt

_adjust_fdiv
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_exit
_XcptFilter

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 418KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d26071980697f0ee03cd59d7d71299d

Headers

File Characteristics

Imports

user32

gdi32

advapi32

kernel32

version

winspool.drv

netapi32

msvcrt

Sections

.text Size: 15KB - Virtual size: 14KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 314KB - Virtual size: 418KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 15KB - Virtual size: 14KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 314KB - Virtual size: 418KB

.rsrc
Size: 4KB - Virtual size: 3KB