b31d55495de622f8648d375be99eda2f8b9cce64d8465ab28c0a4317238e00ae

Sharing

Copy URL Twitter E-mail

General

Target

b31d55495de622f8648d375be99eda2f8b9cce64d8465ab28c0a4317238e00ae
Size

984KB
MD5

acf8a21e7beeb1365e1d4f1d142ad540
SHA1

40a3fe40d5738668e6bc4b94775f60e4b180c516
SHA256

b31d55495de622f8648d375be99eda2f8b9cce64d8465ab28c0a4317238e00ae
SHA512

f273fa0952271124e550417346565e2d4e9eb1d8aae976a54ab9816e95d1b99b2e2a53f1f3e41e8aa01825c31242f3d42895b9631bfe843d6666c77849e42f6d
SSDEEP

24576:vXIs3nPufyQ3R8lDqXS3p0x2wlJAkGtjrX/afKl3W:hniygjS3allSkAjJlG

Score

N/A

Malware Config

Signatures

Files

b31d55495de622f8648d375be99eda2f8b9cce64d8465ab28c0a4317238e00ae
.exe windows x86

47c9426f1324195a17e57edb68cd35ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
RegSetValueExA
RegCloseKey
RegQueryValueA
RegOpenKeyExA
RegCreateKeyExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegCreateKeyA

gdi32

GetObjectA
DeleteDC
GetClipBox
ExtTextOutA
RestoreDC
DeleteObject
SetWindowExtEx
GetWindowExtEx
SaveDC
SetMapMode
CreateRectRgnIndirect
SetViewportExtEx
GetMapMode
GetBkColor
SetViewportOrgEx
CreateBitmap
GetViewportExtEx
ScaleViewportExtEx
RectVisible
ScaleWindowExtEx
SelectObject
GetRgnBox
GetTextColor
SetBkColor
GetDeviceCaps
SetTextColor
ExtSelectClipRgn
Escape
GetStockObject
OffsetViewportOrgEx
TextOutA
PtVisible

sensapi

IsNetworkAlive

shlwapi

PathIsUNCA
PathStripToRootA
PathFileExistsA
PathFindExtensionA
PathFindFileNameA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

comdlg32

GetFileTitleA

user32

GetMenu
DefDlgProcA
GetSystemMetrics
GetSubMenu
SetMenuItemBitmaps
CopyAcceleratorTableA
GetClassInfoExA
CopyRect
CheckMenuItem
RegisterClassA
IsIconic
SendDlgItemMessageA
GetLastActivePopup
RegisterWindowMessageA
LoadIconA
wsprintfA
MapWindowPoints
GetDlgItem
IsWindow
GetTopWindow
ClientToScreen
SystemParametersInfoA
FindWindowExA
SetActiveWindow
CallWindowProcA
PostThreadMessageA
SetCursor
IntersectRect
GetNextDlgTabItem
GetClassNameA
MapDialogRect
GetMenuCheckMarkDimensions
WinHelpA
TabbedTextOutA
OffsetRect
AdjustWindowRectEx
IsRectEmpty
GetWindowRect
GetWindow
SetWindowTextA
SetFocus
GetClassLongA
IsWindowVisible
GetParent
InvalidateRect
IsDialogMessageA
CharNextA
GetMenuItemID
MoveWindow
DestroyMenu
GetDlgCtrlID
UnhookWindowsHookEx
GetMessageA
SetRect
GetWindowTextA
RegisterClassExA
PtInRect
EndDialog
SendMessageA
LoadBitmapA
UpdateWindow
GetPropA
GetForegroundWindow
GetKeyState
CreateDialogIndirectParamA
GetCursorPos
GetDesktopWindow
RemovePropA
GetFocus
ValidateRect
EnableMenuItem
ModifyMenuA
SetCapture
IsWindowEnabled
GetWindowLongA
GetDC
CreateWindowExA
EndPaint
GetMenuItemCount
GetWindowPlacement
ReleaseDC
PeekMessageA
CharUpperA
DispatchMessageA
EnableWindow
IsChild
EqualRect
GetMessagePos
GetSysColor
ReleaseCapture
InvalidateRgn
DestroyWindow
GetNextDlgGroupItem
DrawTextExA
ShowWindow
UnregisterClassA
LoadCursorA
CallNextHookEx
GetCapture
GetClientRect
DrawTextA
GetSysColorBrush
PostQuitMessage
DefWindowProcA
TranslateMessage
PostMessageA
GetWindowThreadProcessId
GrayStringA
SetForegroundWindow
GetActiveWindow
GetClassInfoA
BeginPaint
MessageBeep
MessageBoxA
RegisterClipboardFormatA
SetWindowPos
GetMenuState
GetWindowDC
SetPropA
GetMessageTime
SetWindowContextHelpId
SetWindowsHookExA
SetWindowLongA

tapi32

lineSetAgentActivity
lineAccept

ole32

CoFreeUnusedLibraries
CoTaskMemAlloc
CoRevokeClassObject
CoCreateInstance
CLSIDFromProgID
StgCreateDocfileOnILockBytes
OleFlushClipboard
OleInitialize
OleUninitialize
CoGetClassObject
CLSIDFromString
CoRegisterMessageFilter
OleIsCurrentClipboard
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree

kernel32

GetOEMCP
RtlUnwind
GetCPInfo
GetUserDefaultLCID
TlsFree
GetLocaleInfoW
ExpandEnvironmentStringsW
GetModuleFileNameW
GetThreadSelectorEntry
TlsAlloc
LoadLibraryA
GetCurrentThreadId
GetEnvironmentStringsW
GetFileAttributesA
lstrcmpW
GetModuleFileNameA
GetCurrentProcess
GetStartupInfoA
ExitProcess
WriteConsoleA
GetVersionExA
FileTimeToLocalFileTime
LockFile
SetEnvironmentVariableA
GetModuleHandleA
WritePrivateProfileStringA
EnumSystemLocalesA
SizeofResource
FreeEnvironmentStringsA
MultiByteToWideChar
LeaveCriticalSection
IsDebuggerPresent
GetFileAttributesW
SetHandleCount
GetTickCount
FormatMessageA
LCMapStringA
HeapFree
GetStdHandle
VirtualProtect
DeleteCriticalSection
ReadFile
FindResourceA
RaiseException
GetLocaleInfoA
GetConsoleCP
TlsSetValue
WriteConsoleW
CreateMutexA
GetConsoleOutputCP
GetSystemTimeAsFileTime
ConvertDefaultLocale
TlsGetValue
lstrcmpA
LCMapStringW
GlobalFindAtomA
QueryPerformanceCounter
UnhandledExceptionFilter
GetFileType
TerminateProcess
GetProcessHeap
GetStringTypeA
CompareStringA
InterlockedIncrement
GetConsoleMode
GlobalAddAtomA
GlobalAlloc
InterlockedExchange
LocalAlloc
CreateProcessA
LockResource
HeapCreate
GetThreadLocale
SetFilePointer
GetACP
HeapDestroy
IsValidCodePage
GetUserDefaultUILanguage
UnlockFile
SetLastError
GetStringTypeW
GetFileTime
VirtualQuery
GetTimeZoneInformation
DuplicateHandle
CompareStringW
GetCurrentThread
FlushFileBuffers
EnumResourceLanguagesA
lstrlenA
WideCharToMultiByte
FindFirstFileA
GetFullPathNameA
LocalReAlloc
GlobalFlags
HeapSize
FreeResource
FreeLibrary
CreateFileA
InitializeCriticalSection
GetSystemInfo
ReleaseMutex
GlobalReAlloc
GetEnvironmentStrings
GlobalGetAtomNameA
Sleep
FreeEnvironmentStringsW
VirtualAlloc
MulDiv
EnterCriticalSection
GlobalHandle
GetCommandLineA
SetStdHandle
GetLastError
HeapAlloc
LocalFree
FileTimeToSystemTime
SetUnhandledExceptionFilter
GlobalFree
GlobalLock
GetVolumeInformationA
SetCurrentDirectoryA
GetCurrentProcessId
GetFileSize
GetProcAddress
InterlockedDecrement
HeapReAlloc
CloseHandle
LoadResource
GlobalUnlock
lstrlenW
IsValidLocale
SetErrorMode
SetEndOfFile
GlobalDeleteAtom
VirtualFree
WaitForSingleObject
FindClose
WriteFile
GetVersion

shell32

ShellExecuteW
ShellExecuteA

Sections

.text
Size: 623KB - Virtual size: 623KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 319KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

47c9426f1324195a17e57edb68cd35ba

Headers

File Characteristics

Imports

advapi32

gdi32

sensapi

shlwapi

winspool.drv

comdlg32

user32

tapi32

ole32

kernel32

shell32

Sections

.text Size: 623KB - Virtual size: 623KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 319KB - Virtual size: 3.6MB

.rsrc Size: 32KB - Virtual size: 52KB

.text
Size: 623KB - Virtual size: 623KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 319KB - Virtual size: 3.6MB

.rsrc
Size: 32KB - Virtual size: 52KB