f3116796af1f158368ec88bf1a1c8cd9877a5eb0a0ca812a8cd3a6cef3fc7139

Sharing

Copy URL Twitter E-mail

General

Target

f3116796af1f158368ec88bf1a1c8cd9877a5eb0a0ca812a8cd3a6cef3fc7139
Size

284KB
MD5

466be08bad640e4abacf12a31d0c7cd0
SHA1

b72dcb8cb39bf631cd728f66dede34815edbcc5b
SHA256

f3116796af1f158368ec88bf1a1c8cd9877a5eb0a0ca812a8cd3a6cef3fc7139
SHA512

358752b9331b3447d2bbc39d5f133ec0275b3ac52f18f6f6e988b2f054285b8dd9eb531ef646773c84ba6691756f0ae12b949b1144eef916f051290c05425336
SSDEEP

6144:tpHJwZwBqA0kef6upNy33cAkRloMG+us:t1+ZChW5nKqRloMM

Score

N/A

Malware Config

Signatures

Files

f3116796af1f158368ec88bf1a1c8cd9877a5eb0a0ca812a8cd3a6cef3fc7139
.exe windows x86

b3d47d53a7276257e174fbcf6caa958b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
DuplicateHandle
GetEnvironmentStringsW
SearchPathA
GetProcAddress
FlushFileBuffers
SetLastError
CreateMailslotA

user32

CheckDlgButton
CreateDialogParamA
CharLowerW
CopyImage
GetMenuItemInfoW
CharUpperA
GetActiveWindow
SetDlgItemTextW
DeleteMenu
ClientToScreen
UpdateLayeredWindow
DefWindowProcW
InsertMenuItemW
InvalidateRgn
LoadBitmapW
CharPrevA
MonitorFromWindow
GetDC
OffsetRect
GetDlgItem
RegisterWindowMessageW
BringWindowToTop
CheckMenuRadioItem
CheckMenuItem
DrawTextA
RegisterClassA
CharUpperW
CreateWindowExW
LoadIconA
AnimateWindow
IsIconic
EnumDesktopWindows
SetWindowPos
CharNextW
EnumClipboardFormats
CharLowerA
CreateCaret
DialogBoxParamW
SetMenu
SetCapture
CopyIcon
GetCursorPos
GetWindowLongW
ArrangeIconicWindows
MessageBoxW
IsDlgButtonChecked
UpdateWindow
CharNextA
IsMenu
DefFrameProcA

gdi32

GetGraphicsMode
GetEnhMetaFilePaletteEntries
PolyDraw
GetEnhMetaFileBits
Pie
GetKerningPairsA
GetMetaFileW
ArcTo
GetMetaFileBitsEx
GetCharABCWidthsA

advapi32

RegCreateKeyExA
RegQueryValueW
RegEnumValueA
RegOpenKeyExW
RegDeleteValueW
RegReplaceKeyA
RegReplaceKeyW

shell32

ExtractIconExA
SHGetDesktopFolder
StrRStrIW
SHCreateDirectoryExA
StrCmpNIW
SHGetDataFromIDListA
StrRStrIA
StrCmpNW

opengl32

glLightiv
glColor3sv
glMultMatrixf
wglUseFontOutlinesA
glPopAttrib
glTexCoord2sv
GlmfBeginGlsBlock
glScalef
glColor4i

ws2_32

recvfrom
inet_ntoa
WSADuplicateSocketA
getservbyport
getservbyname

winspool.drv

DeletePrinter
OpenPrinterA

wsock32

GetAddressByNameW
ntohl
SetServiceW
getservbyname
socket
GetNameByTypeW
WSAAsyncGetServByPort
AcceptEx
select
WSAAsyncGetServByName
WSAStartup

crypt32

CertFindSubjectInSortedCTL
CertFindChainInStore
CryptGetAsyncParam
CertSerializeCRLStoreElement
I_CryptSetTls
CryptEncodeObject
CryptMsgDuplicate
RegSetValueExU
CryptFreeOIDFunctionAddress
CertDeleteCRLFromStore
I_CryptReleaseLruEntry
CryptSIPRetrieveSubjectGuid
CryptHashToBeSigned
CryptHashMessage
CertDuplicateCertificateContext

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.URMkF
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zJXOMC
Size: 1024B - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xGw
Size: 2KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Q
Size: 4KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Pu
Size: 1KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.FU
Size: 1024B - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPSD
Size: 2KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.agwcuf
Size: 1024B - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lj
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yhy
Size: 1KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 229KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3d47d53a7276257e174fbcf6caa958b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

opengl32

ws2_32

winspool.drv

wsock32

crypt32

Sections

.text Size: 13KB - Virtual size: 12KB

.URMkF Size: 512B - Virtual size: 4KB

.zJXOMC Size: 1024B - Virtual size: 21KB

.xGw Size: 2KB - Virtual size: 572B

.Q Size: 4KB - Virtual size: 19KB

.Pu Size: 1KB - Virtual size: 16KB

.FU Size: 1024B - Virtual size: 35KB

.UPSD Size: 2KB - Virtual size: 38KB

.agwcuf Size: 1024B - Virtual size: 24KB

.data Size: 16KB - Virtual size: 16KB

.lj Size: 1KB - Virtual size: 4KB

.yhy Size: 1KB - Virtual size: 255KB

.rsrc Size: 229KB - Virtual size: 229KB

.text
Size: 13KB - Virtual size: 12KB

.URMkF
Size: 512B - Virtual size: 4KB

.zJXOMC
Size: 1024B - Virtual size: 21KB

.xGw
Size: 2KB - Virtual size: 572B

.Q
Size: 4KB - Virtual size: 19KB

.Pu
Size: 1KB - Virtual size: 16KB

.FU
Size: 1024B - Virtual size: 35KB

.UPSD
Size: 2KB - Virtual size: 38KB

.agwcuf
Size: 1024B - Virtual size: 24KB

.data
Size: 16KB - Virtual size: 16KB

.lj
Size: 1KB - Virtual size: 4KB

.yhy
Size: 1KB - Virtual size: 255KB

.rsrc
Size: 229KB - Virtual size: 229KB