b844370afac1747d97fdac4d0abe3ef3c71a878e706e73aa3f4f58d76ee3e4b1

Sharing

Copy URL Twitter E-mail

General

Target

b844370afac1747d97fdac4d0abe3ef3c71a878e706e73aa3f4f58d76ee3e4b1
Size

198KB
MD5

6484b2cd96cd6d842edcad347802289d
SHA1

0ce4cd90f158ec7cb61e77be071ad148f483ff35
SHA256

b844370afac1747d97fdac4d0abe3ef3c71a878e706e73aa3f4f58d76ee3e4b1
SHA512

ca768609d7a18e75cb3362c28e457278e9f676fdd1566601003040b4dee647f87185b8d67b7466766ecfa4a01b68ea1bc514eed20a04ab23c6700f65f6f1fbd9
SSDEEP

6144:U2c+mfxZan/QI/Gy4ERpUlGMJ+6KnpQbv9MLajU:Ud++yn/n/GydplV6aAv9a

Score

N/A

Malware Config

Signatures

Files

b844370afac1747d97fdac4d0abe3ef3c71a878e706e73aa3f4f58d76ee3e4b1
.exe windows x86

079b7bbb7bf585350820aa27c97f4883

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
FatalAppExitW
InitializeCriticalSection
GetExitCodeThread
CreateMailslotW
GetModuleHandleA
QueryPerformanceFrequency
GetCalendarInfoA
FreeResource
LocalAlloc
EnumTimeFormatsA
IsBadCodePtr
MultiByteToWideChar
CopyFileExW
GetProcAddress
GetShortPathNameA
IsBadReadPtr
GetLastError
SetPriorityClass
GetFileTime
CreateNamedPipeW
DeleteAtom
SetEvent
GetLogicalDrives
FreeLibrary
MulDiv
GetVolumeInformationW
GetFileSize
SuspendThread
GetFileAttributesA
GetModuleFileNameW
GetEnvironmentStringsW
WaitForMultipleObjects
GetSystemInfo
MoveFileA
RemoveDirectoryA
CreateDirectoryW
OpenEventW
GetCurrentDirectoryA
FindResourceA
GetCPInfo
GetTimeFormatW

user32

GetDlgItemTextW
IsWindowEnabled
CharPrevW
GetWindowTextW
FrameRect
LoadMenuW
LoadBitmapW
GetDC
GetClassInfoW
CreateDialogIndirectParamW
FindWindowA
GetActiveWindow
SetActiveWindow
AnimateWindow
SetFocus
SetCursorPos
CharPrevA
CreateAcceleratorTableA
DrawTextA
LoadMenuA

gdi32

OffsetViewportOrgEx
CreateScalableFontResourceW
CreateEllipticRgn
CopyEnhMetaFileW
FixBrushOrgEx
EnumFontFamiliesExA
Chord
DeleteDC
GetDIBits
EnumICMProfilesA
CreateRectRgn
TranslateCharsetInfo
SetPixelFormat
EqualRgn
GetCharABCWidthsW
GetLogColorSpaceA

advapi32

RegOpenKeyExA
RegQueryInfoKeyW
RegCreateKeyW
RegReplaceKeyW

winspool.drv

EnumFormsW
AddPortExW
ADVANCEDSETUPDIALOG
SetPrinterDataExA
SetFormW
SetJobW

inetcomm

MimeOleCreateMessage
EssSecurityLabelDecodeEx
MimeOleGenerateMID
CreateRASTransport
HrFreeAttachData
MimeEditGetBackgroundImageUrl
MimeOleGetExtContentType

wsock32

WSACancelAsyncRequest
ntohs
NPLoadNameSpaces
rresvport
sendto
WSAStartup
WSAAsyncSelect
select

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rWsIQ
Size: 1KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kX
Size: 1024B - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.e
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ovi
Size: 512B - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qJnU
Size: 3KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.DfLMD
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nQqC
Size: 2KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tfwr
Size: 512B - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.p
Size: 1024B - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

079b7bbb7bf585350820aa27c97f4883

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

winspool.drv

inetcomm

wsock32

Sections

.text Size: 11KB - Virtual size: 11KB

.rWsIQ Size: 1KB - Virtual size: 18KB

.kX Size: 1024B - Virtual size: 44KB

.e Size: 512B - Virtual size: 12KB

.ovi Size: 512B - Virtual size: 14KB

.qJnU Size: 3KB - Virtual size: 26KB

.DfLMD Size: 1KB - Virtual size: 9KB

.data Size: 10KB - Virtual size: 10KB

.nQqC Size: 2KB - Virtual size: 17KB

.tfwr Size: 512B - Virtual size: 49KB

.p Size: 1024B - Virtual size: 173KB

.rsrc Size: 163KB - Virtual size: 162KB

.reloc Size: 1024B - Virtual size: 940B

.text
Size: 11KB - Virtual size: 11KB

.rWsIQ
Size: 1KB - Virtual size: 18KB

.kX
Size: 1024B - Virtual size: 44KB

.e
Size: 512B - Virtual size: 12KB

.ovi
Size: 512B - Virtual size: 14KB

.qJnU
Size: 3KB - Virtual size: 26KB

.DfLMD
Size: 1KB - Virtual size: 9KB

.data
Size: 10KB - Virtual size: 10KB

.nQqC
Size: 2KB - Virtual size: 17KB

.tfwr
Size: 512B - Virtual size: 49KB

.p
Size: 1024B - Virtual size: 173KB

.rsrc
Size: 163KB - Virtual size: 162KB

.reloc
Size: 1024B - Virtual size: 940B