96d51528556a91966d0ad9bef4e002d5d6bde87e300244e59a72de5fc4545ce9

Sharing

Copy URL Twitter E-mail

General

Target

96d51528556a91966d0ad9bef4e002d5d6bde87e300244e59a72de5fc4545ce9
Size

736KB
MD5

3202f878c6b070ef465e910ff4798680
SHA1

4cee4c86a6d14eb93ff2f1c13de09a481fc0a4cc
SHA256

96d51528556a91966d0ad9bef4e002d5d6bde87e300244e59a72de5fc4545ce9
SHA512

66aa5af03e4d20358d4edca9bb7767a8b1fec77237537c878e1e297f30beefe0ffe691716ba2f241c6352808b148957c32dc75fd91c743a5e1f68184b1f5bcfe
SSDEEP

12288:wLMMVeH8ef1w7Ti/N60glmpSVu/w2LGMc6c1nuMBWW8eS:wLMUy1w7TJB2g//7nT

Score

N/A

Malware Config

Signatures

Files

96d51528556a91966d0ad9bef4e002d5d6bde87e300244e59a72de5fc4545ce9
.exe windows x86

3e3f0a552d98f1e49b0f26b16ac6e40e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

CreatePropertySheetPageW
ImageList_SetOverlayImage
ImageList_GetImageInfo
ImageList_GetBkColor
CreatePropertySheetPageA
ImageList_GetImageCount
CreateToolbarEx
ImageList_DragShowNolock
ImageList_DragLeave
ImageList_GetIconSize
ImageList_SetBkColor
PropertySheetW
ImageList_LoadImageW
ImageList_Destroy
ImageList_Write
ImageList_LoadImageA
ImageList_DrawIndirect
ImageList_Remove
ImageList_DrawEx
ImageList_SetDragCursorImage

msvcrt

wcscspn
_time64
__p__commode
_winminor
isdigit
memmove
_filelengthi64
setlocale
_ecvt
fopen
_ismbblead
_mktemp
_i64tow
??_V@YAXPAX@Z
setvbuf
_CItanh
_wgetcwd
_ismbstrail
ldiv
acos
_rmdir
__set_app_type
longjmp
??0exception@@QAE@XZ

kernel32

BackupRead
FormatMessageW
CreateJobObjectW
MoveFileWithProgressA
HeapCreate
QueryPerformanceCounter
GetComputerNameA
OpenMutexA
GetConsoleCursorInfo
WriteConsoleW
GetComputerNameExW
GetCompressedFileSizeA
GetComputerNameExA
FindNextFileW
GetModuleHandleW
AreFileApisANSI
GetCurrencyFormatA
IsProcessorFeaturePresent
VirtualAlloc
EnumResourceNamesW
GetSystemTime
SignalObjectAndWait
DeleteFileA
SetConsoleCP
GetStartupInfoA
Sleep
GetComputerNameW
WaitForSingleObjectEx
FindFirstFileExW
SetConsoleScreenBufferSize
CopyFileW
SetUnhandledExceptionFilter
WritePrivateProfileStructW
CommConfigDialogW
GetCurrentThreadId
Module32NextW
ReplaceFileA
CopyFileA

advapi32

SetNamedSecurityInfoW
LsaRetrievePrivateData
AccessCheckByType
SystemFunction031
RegRestoreKeyA
RegCreateKeyExW
SetTokenInformation
GetTraceEnableFlags
GetSecurityInfo
InitializeSecurityDescriptor
TraceMessage
ReportEventA
CreateRestrictedToken
AreAllAccessesGranted
GetKernelObjectSecurity
CryptDeriveKey
DuplicateTokenEx
ImpersonateSelf
DeleteService
RevertToSelf
GetServiceDisplayNameA
CreateProcessAsUserA
SetSecurityInfo
LookupAccountSidA
FreeSid
RegQueryValueExA
SetFileSecurityW
CryptVerifySignatureW
SetServiceStatus
StartTraceW
SystemFunction029
CryptEnumProvidersA
SystemFunction012
AbortSystemShutdownA
CommandLineFromMsiDescriptor

winspool.drv

GetJobW
DeletePrinter
GetPrinterDriverA
EnumPortsW
DeletePrinterDataW
EnumPrintersA
SetFormW
AddFormW
DeletePrinterDataExW
EnumPrintProcessorDatatypesW
GetPrintProcessorDirectoryA
SetPrinterDataExW
AddMonitorA
FindClosePrinterChangeNotification
ClosePrinter
StartPagePrinter
EndDocPrinter
EnumPrinterDataW
EnumPortsA
GetJobA
WritePrinter
AddPrintProcessorW
GetPrintProcessorDirectoryW
GetPrinterDriverDirectoryW
SetPrinterDataW

crypt32

CryptVerifyCertificateSignature

Sections

.text
Size: 25KB - Virtual size: 413KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

CRT
Size: 550KB - Virtual size: 938KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 226B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e3f0a552d98f1e49b0f26b16ac6e40e

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

msvcrt

kernel32

advapi32

winspool.drv

crypt32

Sections

.text Size: 25KB - Virtual size: 413KB

CRT Size: 550KB - Virtual size: 938KB

.rsrc Size: 159KB - Virtual size: 159KB

.reloc Size: 512B - Virtual size: 226B

.text
Size: 25KB - Virtual size: 413KB

CRT
Size: 550KB - Virtual size: 938KB

.rsrc
Size: 159KB - Virtual size: 159KB

.reloc
Size: 512B - Virtual size: 226B