94156fd1cac63b1f3d886895948ea7e015778dfe56c5878538c42a8e1153c45f

Sharing

Copy URL Twitter E-mail

General

Target

94156fd1cac63b1f3d886895948ea7e015778dfe56c5878538c42a8e1153c45f
Size

208KB
MD5

1c431b0068103fe82e4cba1217ad8028
SHA1

9df33ec80048ac37e7d8ef9b9f13ea41228934e4
SHA256

94156fd1cac63b1f3d886895948ea7e015778dfe56c5878538c42a8e1153c45f
SHA512

737677c1ee32b9ba3045930ec921fe4a2aa782f8aa2bc8df961a150927247816b319fda6cd08e57ce34dacb3e1057dfbe968bb8f1065328f6e9fdf540ecece22
SSDEEP

6144:ZJIi1ztaRKa4wOnpxMM3iP7cNJSCRcEZVAKsmf:0Kthp1SP7OJSCRcEZGm

Score

N/A

Malware Config

Signatures

Files

94156fd1cac63b1f3d886895948ea7e015778dfe56c5878538c42a8e1153c45f
.exe windows x86

92373f9deefa91851ee9711378648b9a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
lstrcpy
GetDiskFreeSpaceA
ReplaceFileW
lstrcpynA
OpenEventA
LocalAlloc
CompareStringW
MoveFileA
FatalAppExitA
IsValidLocale
GetStartupInfoW
GetFullPathNameA
GetWindowsDirectoryA
SetLastError
CreateFileMappingW
lstrcpyA
GetTempFileNameW
DeleteAtom
LoadLibraryA
EnumCalendarInfoA
GetCurrentProcessId
GetModuleHandleA
GetNumberFormatW
GetShortPathNameW
EnumCalendarInfoW
GetDateFormatW
DuplicateHandle
CreateSemaphoreW
MulDiv
GetTempPathA
EnumDateFormatsW
GetLocalTime
GetLogicalDriveStringsW
GetDateFormatA
IsBadStringPtrA
FreeResource
lstrcmpW
lstrcmpiA
GetCurrentProcess
GetCurrentDirectoryA
LoadResource
GetExitCodeThread
lstrcpynW
EndUpdateResourceW
GetEnvironmentStringsA
OpenWaitableTimerA
GetAtomNameA
FileTimeToDosDateTime
OpenSemaphoreA
SetComputerNameW
lstrcatW
GetExpandedNameA
HeapCreate
IsDebuggerPresent
WinExec
CopyFileExA
GetProcAddress
AddAtomA
GetLongPathNameW
GetThreadPriority

user32

GetKeyboardLayout
ShowWindow
MessageBoxIndirectA
FindWindowW
EnumDesktopsA
DefWindowProcA
GetActiveWindow
ReleaseDC
SetWindowPos
CharUpperA
CheckRadioButton
SetTimer
wvsprintfW
SetFocus
GetCaretPos
UnregisterClassA
AdjustWindowRect
GetClassNameA
GetMenuStringA
SendDlgItemMessageA
GetClientRect
CloseWindow
CharLowerW
UnregisterClassW
EnumDesktopWindows
RegisterWindowMessageW
DialogBoxParamA
EnableMenuItem
InsertMenuA
GetDC
WinHelpA
IsChild
SetActiveWindow
AnimateWindow
FindWindowA
LoadIconA
ActivateKeyboardLayout
GetMenuInfo
CopyRect
DrawTextA
ArrangeIconicWindows
MonitorFromWindow
GetSubMenu
SetWindowLongW
GetSysColor
EnumClipboardFormats
GetWindowTextW
DestroyMenu
FrameRect
IsDlgButtonChecked
UpdateWindow
GetMenuStringW
GetMenuItemInfoA

gdi32

Ellipse
SetWindowExtEx
ExtSelectClipRgn
GetGraphicsMode
GetColorAdjustment
CreateScalableFontResourceA
CreateDCW
GetLogColorSpaceA
SetColorSpace
PtInRegion
SetBkColor
GetDIBits
SetTextCharacterExtra
GetNearestColor
DeleteMetaFile
CreateCompatibleDC
CreateScalableFontResourceW
PatBlt
GetDCPenColor
RemoveFontResourceExW
TextOutW

advapi32

RegQueryValueA
RegCreateKeyA
RegQueryInfoKeyW
RegSetValueW
RegOpenKeyExA
RegCreateKeyExW
RegRestoreKeyA

oleaut32

VarI8FromR8
SystemTimeToVariantTime
VarCyCmpR8
VarBstrFromR4
VarI4FromR8

ws2_32

gethostbyname
inet_addr
WSACleanup
getsockname
getpeername
bind
htonl
WSAIoctl
WSAAccept

winmm

waveOutGetErrorTextW
sndPlaySoundA
mmioGetInfo
midiOutMessage
WOW32ResolveMultiMediaHandle
midiInMessage
joyConfigChanged
joySetThreshold
mmioInstallIOProcA
mixerGetControlDetailsW

winspool.drv

GetPrinterDataW
DeleteMonitorA
SetPrinterDataA
EnumPrinterDriversW
AddPrinterW
GetPrinterDriverA
AddPrinterDriverExW
AddPrinterW
SetPrinterDataA
GetPrinterDataExA
AddPortW
DeleteFormA

inetcomm

HrGetLastOpenFileDirectory
MimeOleSMimeCapAddSMimeCap
CreatePOP3Transport
HrFreeAttachData
MimeOleCreatePropertySet
MimeOleSMimeCapsFull

wsock32

WSAStartup

crypt32

CertOIDToAlgId
CertEnumCTLsInStore
CertCompareCertificate
CertVerifyValidityNesting
CertResyncCertificateChainEngine
CryptSIPPutSignedDataMsg
CryptImportPKCS8
CryptFindOIDInfo

Sections

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 42KB

IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 33KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 22KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 170KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92373f9deefa91851ee9711378648b9a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

oleaut32

ws2_32

winmm

winspool.drv

inetcomm

wsock32

crypt32

Sections

.rdata Size: 14KB - Virtual size: 13KB

.edata Size: 1024B - Virtual size: 42KB

.rdata Size: 1024B - Virtual size: 15KB

.rdata Size: 5KB - Virtual size: 5KB

.edata Size: 1024B - Virtual size: 8KB

.data Size: 11KB - Virtual size: 14KB

.rdata Size: 1KB - Virtual size: 33KB

.edata Size: 1024B - Virtual size: 22KB

.rsrc Size: 170KB - Virtual size: 169KB

.reloc Size: 1024B - Virtual size: 32KB

.rdata
Size: 14KB - Virtual size: 13KB

.edata
Size: 1024B - Virtual size: 42KB

.rdata
Size: 1024B - Virtual size: 15KB

.rdata
Size: 5KB - Virtual size: 5KB

.edata
Size: 1024B - Virtual size: 8KB

.data
Size: 11KB - Virtual size: 14KB

.rdata
Size: 1KB - Virtual size: 33KB

.edata
Size: 1024B - Virtual size: 22KB

.rsrc
Size: 170KB - Virtual size: 169KB

.reloc
Size: 1024B - Virtual size: 32KB