6bcd4fe480094c0a60d6e05155c4f49b3d399123b2828228ceb468b873801ac6

Sharing

Copy URL Twitter E-mail

General

Target

6bcd4fe480094c0a60d6e05155c4f49b3d399123b2828228ceb468b873801ac6
Size

74KB
MD5

12f055ae66899a438e643af4e229f640
SHA1

28b049d8a5f7dc44670cbcd6de74664e2f5ef736
SHA256

6bcd4fe480094c0a60d6e05155c4f49b3d399123b2828228ceb468b873801ac6
SHA512

78194425becab37fe5bbb7aab959cfc1e6c91f9d8a013b6cab1a05568d3f1c5b020f70899d46b2232bd79f4f648fcbb73b7c603cc19f5453ce62e450db2da18b
SSDEEP

768:mfdGeYrDzem6Vc+CSfKtR5jslM0G4k5NKAPGpfUCNyIr8LaWZV/6RdnSOqvhx3/:lRWvfKtR9slM0GVT9PCVr8LaWZV8NJO

Score

N/A

Malware Config

Signatures

Files

6bcd4fe480094c0a60d6e05155c4f49b3d399123b2828228ceb468b873801ac6
.exe windows x86

b988038ec89c914d709803039202c5a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmAssociateContext

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

user32

GetFocus
DefFrameProcA
PostMessageA
ScreenToClient
LoadImageA
GetDlgCtrlID
GetSysColor
SendMessageW
EqualRect
LoadIconA
DrawTextA
DefMDIChildProcA
WinHelpA
wsprintfA
DrawFrameControl
CallWindowProcA
AdjustWindowRect
FillRect
SetWindowTextA
SetWindowLongA
LoadMenuIndirectA
EndDialog
MoveWindow
GetSystemMetrics
GetWindowLongA
SetWindowTextW
GetWindowRect
CopyRect
PtInRect
SendMessageTimeoutA
GetClassNameA
DialogBoxIndirectParamA
GetWindow
DefDlgProcA
UpdateWindow
MessageBoxA
IsWindowEnabled
GetKeyState
DefWindowProcA
DrawEdge
wsprintfW
PostThreadMessageA
ShowWindow
OffsetRect
SetRect
EnableWindow
CharNextA
DrawFocusRect
BeginPaint
GetParent
CreateWindowExA
SetWindowPos
InvalidateRect
SendDlgItemMessageA
ReleaseDC
EnumWindows
GetDC
CreateDialogIndirectParamW
GetWindowTextW
IsWindowUnicode
GetWindowTextA
DestroyWindow
DialogBoxIndirectParamW
SetFocus
IsWindowVisible
SendMessageA
GetClientRect
DialogBoxParamA
CreateDialogIndirectParamA
DrawIconEx
GetCursorPos
EndPaint
GetDlgItem
DestroyIcon
CharPrevA

comdlg32

GetOpenFileNameA
GetOpenFileNameW

gdi32

EnumFontFamiliesA
SetTextColor
ExtTextOutW
SelectObject
CreatePen
DeleteObject
GetTextExtentPoint32W
GetDeviceCaps
SetBkColor
GetTextMetricsA
GetTextExtentPoint32A
SetBkMode
GetStockObject
LineTo
CreateSolidBrush
MoveToEx
CreateFontIndirectA
CreateFontA

advapi32

RegSetValueExA
GetSecurityDescriptorDacl
RegOpenKeyExA
RegDeleteKeyA
RegOpenKeyA
IsValidSid
RegEnumKeyExA
RegCloseKey
RegQueryInfoKeyA
AllocateAndInitializeSid
GetSidSubAuthorityCount
RegDeleteValueA
GetSidIdentifierAuthority
GetTokenInformation
OpenProcessToken
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegQueryValueExA
RegUnLoadKeyA
GetSidSubAuthority
RegEnumKeyA
FreeSid
RegCreateKeyExA
RegEnumValueA

ole32

CoInitialize
CoUninitialize
CoDisconnectObject
OleInitialize
CoDeactivateObject
OleUninitialize

comctl32

PropertySheetA
ImageList_GetImageCount
ImageList_ReplaceIcon
ord17
ImageList_Create

oleaut32

LoadTypeLi
SysAllocString
LoadRegTypeLi

kernel32

GetCommandLineA
LoadLibraryExA
lstrlenA
WideCharToMultiByte
lstrcmpiA
lstrlenW
DeleteFileA
SetUnhandledExceptionFilter
Beep
GetCurrentThreadId
CreateFileMappingA
FindClose
RtlUnwind
GlobalLock
lstrcpyW
UnhandledExceptionFilter
LocalAlloc
GlobalFree
lstrcmpA
lstrcatW
SetLastError
LocalFree
lstrcpynA
MapViewOfFile
FreeEnvironmentStringsW
ReleaseMutex
VirtualAlloc
GetFileType
HeapReAlloc
IsBadCodePtr
GetDriveTypeA
HeapAlloc
HeapSize
GetModuleHandleA
WaitForSingleObject
FreeEnvironmentStringsA
FindNextFileA
LCMapStringA
CreateFileA
lstrcpyA
LCMapStringW
GlobalReAlloc
GlobalUnlock
CloseHandle
LoadResource
FindResourceExA
SetErrorMode
lstrcatA
WriteFile
VirtualFree
GetStdHandle
GetBinaryTypeA
GlobalAlloc
CreateThread
GetSystemDefaultLCID
HeapDestroy
GetTempFileNameA
UnmapViewOfFile
CompareStringA
HeapFree
SetHandleCount
GlobalHandle
LockResource
FindFirstFileA
GetACP
SetConsoleCtrlHandler
CreateMutexA
FreeLibrary
GetOEMCP
TlsAlloc
GetCurrentProcessId
QueryPerformanceFrequency
GetDateFormatA
GetNumberFormatA
ReplaceFileA
GlobalGetAtomNameA
lstrcpyn
lstrcmp
GlobalFindAtomW
GetShortPathNameA
GetTimeFormatA

winspool.drv

CreatePrinterIC
GetPrinterDataA
DeletePrinter
EnumJobsA
DeletePrinterDataA
EnumPrintProcessorsW
AddMonitorA
DeletePrinterDriverExA
AddPrinterConnectionW
DocumentPropertiesW
SetDefaultPrinterW
AddPrinterDriverW
SpoolerDevQueryPrintW
PerfOpen
ExtDeviceMode
EnumPrintProcessorDatatypesW
ConnectToPrinterDlg

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

CODE
Size: - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b988038ec89c914d709803039202c5a1

Headers

File Characteristics

Imports

imm32

version

user32

comdlg32

gdi32

advapi32

ole32

comctl32

oleaut32

kernel32

winspool.drv

Sections

.text Size: 45KB - Virtual size: 44KB

.idata Size: 4KB - Virtual size: 4KB

.idata Size: 6KB - Virtual size: 6KB

CODE Size: - Virtual size: 3.3MB

CODE Size: - Virtual size: 259KB

CODE Size: - Virtual size: 3.0MB

.reloc Size: 3KB - Virtual size: 4KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 45KB - Virtual size: 44KB

.idata
Size: 4KB - Virtual size: 4KB

.idata
Size: 6KB - Virtual size: 6KB

CODE
Size: - Virtual size: 3.3MB

CODE
Size: - Virtual size: 259KB

CODE
Size: - Virtual size: 3.0MB

.reloc
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 12KB - Virtual size: 12KB