c53ea7b4fda294ae11b8ec5abec5dc7495c127bbeab68a37f4da5f8335309618

Sharing

Copy URL Twitter E-mail

General

Target

c53ea7b4fda294ae11b8ec5abec5dc7495c127bbeab68a37f4da5f8335309618
Size

1.2MB
MD5

e4c05f526d65a558d96fb0dfcf3a2700
SHA1

9b88c0b027ae250517816b97ae56524c6da3551a
SHA256

c53ea7b4fda294ae11b8ec5abec5dc7495c127bbeab68a37f4da5f8335309618
SHA512

846d28183dab7ca7b7556f5ae75756ddb65af4fe8bacb0274ccd04ace56e2e942ab0d7345d22b7d9add1d18fec31ef4413743a54f827ce95eaf1cce6722750b3
SSDEEP

6144:VkGURHFbT84/6wYvvHet4bJTKMUtD1YhNBITHdsErxb1FAgIglw47:CGsFF/6/v9Kt2hNBgsExb1ytH4

Score

N/A

Malware Config

Signatures

Files

c53ea7b4fda294ae11b8ec5abec5dc7495c127bbeab68a37f4da5f8335309618
.exe windows x86

470e4ccede1261937c83f3c8263bb317

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoA
HeapReAlloc
VirtualAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GlobalAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapSize
InitializeCriticalSection
LoadLibraryA
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetModuleFileNameA
GetStdHandle
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoW
GetProcessHeap
HeapAlloc
GetVersionExA
HeapFree
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RaiseException
ExitProcess
GetModuleHandleA
RtlUnwind
CreateEventW
ResumeThread
ResetEvent
SetEvent
GetExitCodeThread
ReadFile
LCMapStringW
WriteFile
FormatMessageW
GlobalSize
GlobalLock
CreateFileW
GetFileSize
SetThreadExecutionState
MultiByteToWideChar
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
GlobalFree
lstrcpynW
lstrcatW
CreateMutexW
GetLastError
WaitForSingleObject
GetLocaleInfoW
GetProcAddress
GetCurrentProcess
GetVersionExW
GetModuleFileNameW
GetSystemDefaultLangID
lstrcpynA
GlobalUnlock
lstrcpyA
lstrlenA
GetTickCount
GetModuleHandleW
lstrlenW
SetErrorMode
Sleep
GetTempPathW
GetDiskFreeSpaceExW
ReleaseMutex
CloseHandle
CreateThread
LoadLibraryW
lstrcmpW
lstrcpyW
FreeLibrary
lstrcmpiW
GetCurrentThreadId
LCMapStringA

user32

MessageBoxW
IsWindowEnabled
GetForegroundWindow
SetForegroundWindow
IsWindowVisible
GetDesktopWindow
CharLowerW
CloseClipboard
GetClipboardData
OpenClipboard
SetCursor
GetCursorPos
DestroyMenu
SetCursorPos
IsClipboardFormatAvailable
GetWindow
BringWindowToTop
GetWindowThreadProcessId
GetFocus
MonitorFromWindow
GetMonitorInfoW
AttachThreadInput
LoadCursorW
CallNextHookEx
GetClassNameW
IsWindow
LoadStringW
SetWindowsHookExW
TrackPopupMenu
InsertMenuItemW
CreatePopupMenu
DrawMenuBar
DeleteMenu
GetSystemMenu
FindWindowW
DispatchMessageW
TranslateMessage
GetMessageW
GetSystemMetrics
EnableWindow
SetProcessDefaultLayout
LoadImageW
ReleaseDC
GetDC
PostMessageW
GetDlgItemTextW
LoadIconW
RegisterClassExW
GetClientRect
WindowFromPoint
GetWindowRect
DestroyWindow
CopyRect
MoveWindow
DrawTextW
CreateWindowExW
PtInRect
SendMessageW
ReleaseCapture
DefWindowProcW
SetTimer
SetFocus
GetCapture
KillTimer
TrackMouseEvent
SetCapture
ScreenToClient
EndPaint
OffsetRect
SetRect
BeginPaint
GetPropW
EnumWindows
ShowWindow
MapWindowPoints
FillRect
PeekMessageW
EnumChildWindows
SystemParametersInfoW
GetDlgItemTextA
InvalidateRect
UpdateWindow
SetDlgItemTextW
DrawIcon
GetParent
GetDlgItemInt
wsprintfW
SetDlgItemInt
SetWindowTextW
DialogBoxParamW
EndDialog
IsIconic
RedrawWindow
AdjustWindowRect
GetDlgItem
GetWindowLongW
PostQuitMessage
SetPropW
SetWindowLongW
RemovePropW
CallWindowProcW

gdi32

GetMapMode
SetMapMode
SetBkColor
SetStretchBltMode
StretchBlt
CreateFontW
SetBkMode
GetStockObject
GetDeviceCaps
CreateFontIndirectW
SetTextColor
GetPixel
SetLayout
CreateCompatibleDC
GetObjectW
DPtoLP
CreateCompatibleBitmap
BitBlt
DeleteObject
DeleteDC
CreateDIBSection
StretchDIBits
RestoreDC
SaveDC
SetICMMode
AbortDoc
EndPage
StartDocW
StartPage
EndDoc
SetAbortProc
GetLayout
CreateSolidBrush
SetDIBits
SelectObject
CreateBitmap
GetDIBits

winspool.drv

GetJobW
ord203

advapi32

RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegSetValueExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
RegEnumKeyExW

comctl32

ord17

shlwapi

SHDeleteEmptyKeyW
StrStrIW
PathFindFileNameW
PathFindExtensionW

imm32

ImmAssociateContext
ImmGetConversionStatus
ImmGetOpenStatus
ImmGetContext
ImmSetConversionStatus
ImmSetOpenStatus
ImmReleaseContext

mpnfimp

?RestoreEncryptionPDF@CFileImporter@@QAEHPB_W@Z
??0CFileImporter@@QAE@XZ
?GetTypeEncryptionPDF@CFileImporter@@QAEHPB_WPAUtagMPN_CRYPT_INFO@@@Z
?GetLargeImage@CFileImporter@@QAEJPAUMPN_FILEINFO@@H@Z
??1CFileImporter@@QAE@XZ
?CnvAdobeRGBToSRGB@CFileImporter@@QAEHPAUtagBITMAPINFOHEADER@@PAEPA_W@Z

ltkrn15u

ord25
ord67

ltfil15u

ord71

cnpapgmg

ord5
ord16
ord8
ord9
ord3
ord7
ord2

msimg32

TransparentBlt

mpnprint

ord34
ord24
ord22
ord15
ord32
ord3
ord1
ord2
ord17
ord20
ord16
ord27
ord26
ord14
ord4
ord18

mscms

CloseColorProfile
IsColorProfileValid
OpenColorProfileW
DeleteColorTransform
TranslateBitmapBits
CreateColorTransformW
GetColorDirectoryW

Sections

.text
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1008KB - Virtual size: 1008KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

470e4ccede1261937c83f3c8263bb317

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

shlwapi

imm32

mpnfimp

ltkrn15u

ltfil15u

cnpapgmg

msimg32

mpnprint

mscms

Sections

.text Size: 140KB - Virtual size: 138KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 8KB - Virtual size: 29KB

.rsrc Size: 1008KB - Virtual size: 1008KB

.text
Size: 140KB - Virtual size: 138KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 8KB - Virtual size: 29KB

.rsrc
Size: 1008KB - Virtual size: 1008KB