a5cf30035e38200de1c40ff5de5a44c5c309b1abd728fafb36b23b442da6f7df

Sharing

Copy URL Twitter E-mail

General

Target

a5cf30035e38200de1c40ff5de5a44c5c309b1abd728fafb36b23b442da6f7df
Size

176KB
MD5

a8a8c4adc7dae6138a4fdecb04111151
SHA1

6cedb058ee91d672f941997800a01ee896657b6b
SHA256

a5cf30035e38200de1c40ff5de5a44c5c309b1abd728fafb36b23b442da6f7df
SHA512

eaf1578daa75382f01c7003f6d515ca4295ded89df8e1c22b4bb12b3f6826a4a85fa0ccd004a755733742a04c3e25ee0ccfdee080f4e36d97e21655082eb3945
SSDEEP

3072:K/nAUvG6oorNI5LzmHeEXEasKVm2Y4iCAQqLtxT8qP7TuG:K/nA0S5LiHeusKV/EN/TTu

Score

N/A

Malware Config

Signatures

Files

a5cf30035e38200de1c40ff5de5a44c5c309b1abd728fafb36b23b442da6f7df
.exe windows x86

ac94e229273567c0b64c6cc038599f12

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoW
GlobalLock
GetWindowsDirectoryW
GetSystemTime
QueryPerformanceCounter
GetLocalTime
MoveFileExW
CreateFileW
GetModuleHandleW
GetDateFormatW
LoadResource
SetSystemPowerState
FindNextFileW
GetCommandLineW
FindClose
FindFirstFileW
GetProfileStringW
VirtualProtect
lstrlenW
MulDiv
LCMapStringA
GetStringTypeW
GetStringTypeA
LoadLibraryA
GetProcAddress
HeapReAlloc
VirtualAlloc
GetModuleFileNameA
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GlobalAlloc
QueryPerformanceFrequency
GlobalFree
OpenProcess
GetVersionExW
IsBadReadPtr
GetCommandLineA
LCMapStringW
GetEnvironmentStrings
GetEnvironmentStringsW
FreeEnvironmentStringsW
MultiByteToWideChar
FreeEnvironmentStringsA
GetModuleFileNameW
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapAlloc
ExitProcess
GetVersion
WideCharToMultiByte

user32

AppendMenuW
TrackPopupMenu
GetFocus
RegisterClassExW
SetFocus
ScrollWindow
GetWindowTextW
GetMenuItemInfoW
CreateDialogIndirectParamW
GetSystemMenu
KillTimer
GetDlgCtrlID
GetMessageTime
DrawTextW
CallWindowProcW
GetWindowLongW
GetCursorPos
GetClassInfoExW

gdi32

CreateRectRgn
GetPixel
PtVisible
CreateFontW
GetStockObject
SelectClipRgn

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

wininet

HttpOpenRequestW
InternetSetOptionW
HttpQueryInfoW
HttpSendRequestW
InternetCloseHandle
InternetConnectW
InternetCrackUrlW
InternetOpenW
InternetQueryDataAvailable
InternetQueryOptionW
InternetReadFile
HttpSendRequestExW
InternetAttemptConnect
HttpEndRequestW
InternetWriteFile
HttpAddRequestHeadersW

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac94e229273567c0b64c6cc038599f12

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

wininet

Sections

.text Size: 60KB - Virtual size: 56KB

.rdata Size: 64KB - Virtual size: 62KB

.data Size: 44KB - Virtual size: 122KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 56KB

.rdata
Size: 64KB - Virtual size: 62KB

.data
Size: 44KB - Virtual size: 122KB

.rsrc
Size: 4KB - Virtual size: 2KB