5b6c01b242636bf6e312d78295a998b6da8ac8b7d5a23b2eb368c4aa374cd144

Sharing

Copy URL Twitter E-mail

General

Target

5b6c01b242636bf6e312d78295a998b6da8ac8b7d5a23b2eb368c4aa374cd144
Size

604KB
MD5

f8933efbc8bff66ec1ce9d21d91515f4
SHA1

671888dc272b42493c4be2577c5dc7e9dec83b33
SHA256

5b6c01b242636bf6e312d78295a998b6da8ac8b7d5a23b2eb368c4aa374cd144
SHA512

c4c604a19e5a8b0942f2542a37544badfacbd9e2760c0af1ec86a1faa9a379ec5531e4a4552933cec4547ef89022a1b083e4ac8c366157f438dedf04682eb077
SSDEEP

6144:i7YoTtCYOa9WTu0+v3Nb87V5oVWTJbIBbboV7U2R4kCW7fudZSFHSJ5uK/eSTawz:ibAJaLFbSYxAhq2AIFhBSTawdruDAMFm

Score

N/A

Malware Config

Signatures

Files

5b6c01b242636bf6e312d78295a998b6da8ac8b7d5a23b2eb368c4aa374cd144
.exe windows x86

930754e4d6ad673167d128e2aabbde96

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW

kernel32

GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetVersion
GetCurrentThreadId
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
lstrcatW
GetModuleHandleA
GetProcessVersion
lstrcmpiW
lstrcmpW
GlobalFlags
GetCurrentDirectoryW
FlushFileBuffers
SetEndOfFile
GetFullPathNameW
RtlUnwind
RaiseException
ExitProcess
TlsAlloc
GetStartupInfoA
GetCommandLineA
HeapAlloc
HeapFree
GetTimeZoneInformation
HeapSize
HeapReAlloc
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
GetCPInfo
SetStdHandle
CreateFileA
GetACP
GetOEMCP
GetDriveTypeA
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
LocalAlloc
FileTimeToLocalFileTime
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcpyW
SetLastError
lstrlenA
InterlockedDecrement
InterlockedIncrement
FindFirstFileW
FindNextFileW
FindClose
WideCharToMultiByte
UnmapViewOfFile
DuplicateHandle
CreateFileMappingW
MapViewOfFile
GetFileType
GetFileInformationByHandle
GetLocalTime
SystemTimeToFileTime
FileTimeToDosDateTime
FileTimeToSystemTime
WinExec
CreateMutexW
ReleaseMutex
CreateThread
GetCurrentProcessId
OutputDebugStringW
LoadLibraryA
lstrlenW
GetEnvironmentVariableW
GetShortPathNameW
GetCurrentProcess
SetPriorityClass
ResumeThread
GetModuleHandleW
EnumResourceNamesW
FindResourceW
LoadResource
SizeofResource
LockResource
FreeLibrary
BeginUpdateResourceW
UpdateResourceW
EndUpdateResourceW
GetSystemTime
SetFilePointer
LoadLibraryW
GetProcAddress
MultiByteToWideChar
ExpandEnvironmentStringsW
CreateProcessW
WaitForSingleObject
GetModuleFileNameW
GetModuleFileNameA
GetDiskFreeSpaceExW
GetTickCount
Sleep
GetDriveTypeW
GetVolumeInformationW
SetFileAttributesW
GetFileAttributesW
CopyFileW
lstrcpynW
CreateDirectoryW
DeleteFileW
GetLastError
RemoveDirectoryW
FormatMessageW
LocalFree
CreateFileW
GetFileSize
ReadFile
CloseHandle
WriteFile
TerminateProcess

user32

GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
PostMessageW
SetWindowTextW
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameW
PtInRect
ClientToScreen
DestroyMenu
TabbedTextOutW
DrawTextW
GrayStringW
CopyRect
GetTopWindow
GetCapture
WinHelpW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextW
GetDlgCtrlID
DestroyWindow
SetPropW
GetPropW
CallWindowProcW
RemovePropW
GetMessageTime
GetMessagePos
SetForegroundWindow
GetWindow
SetWindowLongW
SetWindowPos
RegisterWindowMessageW
SystemParametersInfoW
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetKeyState
CallNextHookEx
PeekMessageW
SetWindowsHookExW
GetParent
GetLastActivePopup
IsWindowEnabled
SendMessageW
EnableWindow
UnhookWindowsHookEx
PostQuitMessage
DefWindowProcW
GetForegroundWindow
GetWindowTextA
GetAsyncKeyState
CreateWindowExW
UpdateWindow
LoadIconW
LoadCursorW
RegisterClassExW
LoadStringW
LoadAcceleratorsW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
wvsprintfW
wsprintfW
MessageBoxW
GetWindowLongW

gdi32

ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SetViewportExtEx
SetViewportOrgEx
PtVisible
RectVisible
TextOutW
ExtTextOutW
DeleteObject
Escape
OffsetViewportOrgEx
GetDeviceCaps
GetObjectW
SetBkColor
SetTextColor
SetMapMode
GetStockObject
SelectObject
RestoreDC
SaveDC
CreateBitmap
GetClipBox
DeleteDC

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegSetValueExW
RegCreateKeyExW
RegCreateKeyA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

ShellExecuteW
SHGetSpecialFolderLocation
SHGetPathFromIDListW

comctl32

ord17

ole32

CoCreateInstance
CoInitialize
CoTaskMemFree

Sections

.text
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

930754e4d6ad673167d128e2aabbde96

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

ole32

Sections

.text Size: 112KB - Virtual size: 110KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 16KB - Virtual size: 33KB

.rsrc Size: 140KB - Virtual size: 137KB

.text
Size: 112KB - Virtual size: 110KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 16KB - Virtual size: 33KB

.rsrc
Size: 140KB - Virtual size: 137KB