bcd30cdc960c235605159198b7de89d8d872095c42061b3f0a5094fdc96f7159

Sharing

Copy URL Twitter E-mail

General

Target

bcd30cdc960c235605159198b7de89d8d872095c42061b3f0a5094fdc96f7159
Size

7.1MB
MD5

3204e8280db49f992afa8ffa2a49ad8e
SHA1

4cb4d45994eb686cc19196075e5d5a30b8e5393f
SHA256

bcd30cdc960c235605159198b7de89d8d872095c42061b3f0a5094fdc96f7159
SHA512

fe386e872b2afabca60ae2332aa88ab33a727665d90450fdfe00db93dcf9afd7c91ed427b0e2e11065ba6fc3dbaa0b6cd688da764c197e07f5414d22eb8d7aef
SSDEEP

49152:Oy6joN2NWjIb+tKQ5iTFyyZjGOtjttt7i5ttttCP9bywH2veTbd1TwzW/mSBInp:OyMNWcb+tzAjG8FbRH22rsWuSBI

Score

N/A

Malware Config

Signatures

Files

bcd30cdc960c235605159198b7de89d8d872095c42061b3f0a5094fdc96f7159
.exe windows x86

ae086b77912372180832f5003c7f9239

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
SetUnhandledExceptionFilter
GetSystemDefaultUILanguage
WideCharToMultiByte
Sleep
OpenFile
GetShortPathNameA
GetPrivateProfileIntW
FreeEnvironmentStringsW
CreateFileA
GetModuleHandleA
GetCPInfoExW
OpenMutexA
CreateSemaphoreW
GetSystemInfo
LoadLibraryExA
CreateWaitableTimerW
GetModuleHandleW
lstrcpyW
SetWaitableTimer
CreateMutexA
LoadLibraryA
SetEndOfFile
FindResourceW
GetTickCount
HeapAlloc
SetProcessShutdownParameters
HeapFree
WaitForSingleObject
SetLocaleInfoA

msvcrt

rand
clock
gmtime
memcpy
time
strspn
isupper
towlower
vsprintf
strpbrk
memset
getchar
fwprintf

gdi32

SetWindowExtEx
GetBkMode
GetMetaFileA
RemoveFontResourceW
GetLayout
SaveDC
CreateFontW
RectVisible
GetFontData
SetAbortProc
GetObjectA
CreateDiscardableBitmap
PlayMetaFile
WidenPath
BitBlt
DeleteObject

user32

EndPaint
IsDialogMessageA
GetProcessDefaultLayout
GetUpdateRect
ModifyMenuW
GetMenuCheckMarkDimensions
CreateAcceleratorTableW
RemovePropA
DialogBoxParamW
DeleteMenu
GetKeyState
ShowStartGlass
FillRect
TrackPopupMenu
DrawFrameControl
ChangeMenuW
SetCursor
SetScrollPos
GetWindowLongA
SetWindowLongW
RedrawWindow
DefWindowProcA
ShowCursor
RemoveMenu
DestroyMenu
GetActiveWindow
InflateRect
AppendMenuA
CheckDlgButton
SetCursorPos

crypt32

CryptHashPublicKeyInfo
CertFindCertificateInStore
CertFreeCertificateContext
CertOpenStore
CryptProtectData
CertCloseStore

winspool.drv

DeviceCapabilitiesW

Exports

Exports

_HeNe_pvai_vmqpsp@8
_DcQm_Jed_uki@8
_DwDb_jqe_SZbuh_t@4
_Format_SysMessages@8
_ReCalc_Used_Data@12

Sections

.code
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 746B - Virtual size: 746B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae086b77912372180832f5003c7f9239

Headers

File Characteristics

Imports

kernel32

msvcrt

gdi32

user32

crypt32

winspool.drv

Exports

Exports

Sections

.code Size: 6.0MB - Virtual size: 6.0MB

.text Size: 28KB - Virtual size: 28KB

.rdata Size: 6KB - Virtual size: 6KB

.rsrc Size: 1.1MB - Virtual size: 1.1MB

.reloc Size: 746B - Virtual size: 746B

.code
Size: 6.0MB - Virtual size: 6.0MB

.text
Size: 28KB - Virtual size: 28KB

.rdata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

.reloc
Size: 746B - Virtual size: 746B