95eff5602354b666f5b6e8c84da8bff44bba5079c2005270acbe8c33938ec930

Sharing

Copy URL Twitter E-mail

General

Target

95eff5602354b666f5b6e8c84da8bff44bba5079c2005270acbe8c33938ec930
Size

31KB
MD5

301e4a2e21dbf560e70a1cac891ecdfa
SHA1

582d32e30876b09dd0f00b24a48bae83584391dd
SHA256

95eff5602354b666f5b6e8c84da8bff44bba5079c2005270acbe8c33938ec930
SHA512

b248fb420ae7f3f3f0200fe3a3fc30ea51e41d5b13f392579f001e69232391896f4deeb32d6d55150d16d621f68d3614f108acaead2d5e7f4a5ba465f2e633d7
SSDEEP

384:9oxWFQnKiy6SIlrxkSE4nfu7RDqd5PILXi1YMlpiWAofxY3mdUnLW3SeTj5wR:9olW6SIlFA4GtDqd5OQZ23mdSWiuG

Score

N/A

Malware Config

Signatures

Files

95eff5602354b666f5b6e8c84da8bff44bba5079c2005270acbe8c33938ec930
.exe windows x86

1bbd2f87041ce8eab3f063c6e09ab45f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiW
lstrcpyW
Sleep
VirtualAlloc
SetCalendarInfoA
BeginUpdateResourceA
IsBadWritePtr
GetThreadLocale
CreateEventA
GetExpandedNameA
FindResourceA
DeleteAtom
GetFullPathNameW
OpenMutexW
GetEnvironmentStringsW
OpenFile
GetLogicalDriveStringsW
EnumTimeFormatsA
ReadDirectoryChangesW
CreateNamedPipeA
lstrcmpi
GetWindowsDirectoryW
GetLocaleInfoA
GetFileType
GetStartupInfoA
SetCalendarInfoW
CreateFiber

user32

LoadBitmapA
GetMenuItemCount
AppendMenuW
EnumDesktopsW
GetMenuItemCount
GetClassInfoExW
IsDlgButtonChecked
CreatePopupMenu
DefDlgProcA
GetCursorPos
AdjustWindowRect
UnregisterClassA
GetDC
EndDialog
GetAsyncKeyState

gdi32

GetViewportExtEx
GetTextColor
CloseEnhMetaFile
GetMetaFileW
AnimatePalette
SetTextAlign
CreatePolyPolygonRgn
GetRegionData
Polyline
SetDIBits
SetROP2
PolyDraw

shell32

ExtractIconEx
SHGetDiskFreeSpaceExW
ExtractAssociatedIconExW
ExtractAssociatedIconA
SHCreateDirectoryExW

shlwapi

StrRetToStrA
SHRegOpenUSKeyW
SHDeleteEmptyKeyA
UrlUnescapeA
PathRemoveArgsA
StrRChrA
UrlIsA
PathRemoveArgsW
PathIsSystemFolderW
StrChrIW
SHSetValueA
SHRegSetPathW

ole32

CoDosDateTimeToFileTime
CoGetInstanceFromIStorage
CreateFileMoniker
CreateErrorInfo

winspool.drv

EnumPrinterKeyA
GetJobW
EnumFormsA

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code_01
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.V1Y99t
Size: 1024B - Virtual size: 30KB

IMAGE_SCN_MEM_READ

.j92q
Size: 1KB - Virtual size: 12KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.d35
Size: 1KB - Virtual size: 10KB

IMAGE_SCN_MEM_READ

.87f0X
Size: 1KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.H
Size: 1024B - Virtual size: 18KB

IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.c1
Size: 1024B - Virtual size: 35KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1bbd2f87041ce8eab3f063c6e09ab45f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

shlwapi

ole32

winspool.drv

Sections

.text Size: 14KB - Virtual size: 14KB

.code_01 Size: 4KB - Virtual size: 8KB

.V1Y99t Size: 1024B - Virtual size: 30KB

.j92q Size: 1KB - Virtual size: 12KB

.d35 Size: 1KB - Virtual size: 10KB

.87f0X Size: 1KB - Virtual size: 11KB

.H Size: 1024B - Virtual size: 18KB

.rdata Size: 2KB - Virtual size: 2KB

.c1 Size: 1024B - Virtual size: 35KB

.rsrc Size: 77KB - Virtual size: 76KB

.text
Size: 14KB - Virtual size: 14KB

.code_01
Size: 4KB - Virtual size: 8KB

.V1Y99t
Size: 1024B - Virtual size: 30KB

.j92q
Size: 1KB - Virtual size: 12KB

.d35
Size: 1KB - Virtual size: 10KB

.87f0X
Size: 1KB - Virtual size: 11KB

.H
Size: 1024B - Virtual size: 18KB

.rdata
Size: 2KB - Virtual size: 2KB

.c1
Size: 1024B - Virtual size: 35KB

.rsrc
Size: 77KB - Virtual size: 76KB