b028900611edd8e8e43a8b4f82caff50d604a067c46dd3e63a69c9e9e64f08a4

Sharing

Copy URL Twitter E-mail

General

Target

b028900611edd8e8e43a8b4f82caff50d604a067c46dd3e63a69c9e9e64f08a4
Size

660KB
MD5

6cf43a05b5eec70a36ef03105a61665f
SHA1

f80785c17e8c8e1cc820639b31d24288e68d59d6
SHA256

b028900611edd8e8e43a8b4f82caff50d604a067c46dd3e63a69c9e9e64f08a4
SHA512

71b1753b84494b8e01b42e3f80dc981c916ad8e743cc1dfe880f64badc30868a6b559675e86b79de62a9dfc9aeadbfcfff30073f933ed84dc13dfe746e187e3b
SSDEEP

12288:cqCgPbOzzicWTDIl1PepRnu0dDZ5lkNuvjWbw:cqC4oIOVQQs/vjWb

Score

N/A

Malware Config

Signatures

Files

b028900611edd8e8e43a8b4f82caff50d604a067c46dd3e63a69c9e9e64f08a4
.exe windows x86

71beac2c949bf6307bc9a57ede65a0db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

SetServiceStatus
InitializeSecurityDescriptor
RegQueryInfoKeyA
RegDeleteValueA
ControlService
RegEnumValueA
CreateServiceA
RegCloseKey
RegQueryValueExA
DeregisterEventSource
GetTokenInformation
RegCreateKeyExA
RegDeleteKeyA

kernel32

GetEnvironmentStringsW
HeapAlloc
IsBadWritePtr
GetStdHandle
ReadFile
ExitProcess
GetStringTypeW
HeapFree
DeleteCriticalSection
GetCurrentProcess
WideCharToMultiByte
LeaveCriticalSection
GetModuleFileNameA
GetLastError
GetTimeZoneInformation
GetModuleHandleA
VirtualFree
SetEnvironmentVariableA
EnterCriticalSection
LCMapStringA
GetTickCount
HeapReAlloc
VirtualAlloc
GetACP
InterlockedDecrement
GetCurrentThread
GetSystemTimeAsFileTime
CloseHandle
GetLocalTime
TlsAlloc
SetHandleCount
GetSystemTime
GetStringTypeA
InterlockedExchange
HeapCreate
FreeEnvironmentStringsW
GetStartupInfoA
GetVersion
SetStdHandle
MultiByteToWideChar
SetFilePointer
GetProcAddress
GetCurrentThreadId
InitializeCriticalSection
TlsGetValue
WriteFile
UnhandledExceptionFilter
CompareStringW
GetCurrentProcessId
CompareStringA
GetCPInfo
VirtualQuery
FreeEnvironmentStringsA
TlsSetValue
GetCommandLineA
TerminateProcess
IsValidCodePage
LocalFileTimeToFileTime
QueryPerformanceCounter
FatalAppExitA
TlsFree
LCMapStringW
GetFileType
GetEnvironmentStrings
HeapDestroy
SetLastError
GetOEMCP
RtlUnwind
CreateMutexA
FlushFileBuffers
InterlockedIncrement
VirtualProtect
LoadLibraryA

comctl32

ImageList_Create
ImageList_ReplaceIcon
ord17
ImageList_Destroy
ImageList_BeginDrag

comdlg32

GetFileTitleA
GetOpenFileNameA

user32

ShowWindow
UpdateWindow
IsIconic
GetMenuItemCount
CopyIcon
GetSystemMetrics
ScreenToClient
GetKeyNameTextA
IsRectEmpty
SetRectEmpty
GetScrollPos
CreateCaret
CreateIconIndirect
wsprintfA
GetScrollRange
ReuseDDElParam
PostQuitMessage
SetCaretPos
SetWindowLongA
EndPaint
InvalidateRgn
DestroyMenu
CallNextHookEx
BeginPaint
TabbedTextOutA
LoadIconA
SystemParametersInfoA
GetFocus
CloseClipboard
GetClassInfoA
ModifyMenuA
ShowOwnedPopups
RegisterClipboardFormatA
MapVirtualKeyA
CreateAcceleratorTableA
GetSystemMenu
GetDlgItem
HideCaret
UnionRect
GetWindowTextA
EmptyClipboard
FindWindowA
IsChild
SetParent
RemovePropA
GetAsyncKeyState
CharNextA
PostMessageA
GetClipboardData
GetMessageTime
LoadBitmapA
SetCapture
InflateRect
SetCursorPos
IsClipboardFormatAvailable
GetNextDlgTabItem
GetKeyboardLayoutList
PeekMessageA
IntersectRect
GetWindowLongA
UnhookWindowsHookEx
GetClassLongA
GetSysColor
RegisterClassExA
GetMenu
SetCursor
ScrollWindow
SetForegroundWindow
GetMenuState
SendMessageTimeoutA
LoadMenuA
GetClassNameA
DestroyWindow
RedrawWindow
GetDC
DrawFocusRect
MessageBoxA
BringWindowToTop
RegisterClassA
GetDesktopWindow
TranslateAcceleratorA
GetLastActivePopup
DrawMenuBar
EnableMenuItem
LoadAcceleratorsA
GetWindowDC
SetFocus
SendMessageA
IsWindowEnabled
GetWindow
GrayStringA
InvalidateRect
GetCursor
GetMenuItemInfoA
PtInRect
SetWindowsHookExA
ValidateRect
TrackPopupMenu
LoadCursorA
GetParent
SetScrollPos
UnregisterClassA
LoadImageA
CopyRect
ShowCaret
IsZoomed
UnpackDDElParam
DrawIcon
CheckMenuItem
DrawEdge
LoadStringA
MapDialogRect
GetClipboardFormatNameA
IsWindow
FillRect
CreatePopupMenu
EnumChildWindows
CreateDialogIndirectParamA
SetTimer
GetSubMenu
GetMessagePos
GetMenuStringA
SetMenuItemBitmaps
GetWindowRect
GetCapture
OffsetRect
CallWindowProcA
MessageBeep
DestroyIcon
EqualRect
MapWindowPoints
EnableWindow
CreateWindowExA
InsertMenuItemA
InsertMenuA
DestroyAcceleratorTable
IsWindowVisible
FrameRect
DefWindowProcA
GetCursorPos
GetKeyState
SetScrollInfo

shell32

ShellExecuteW
ExtractIconExW
DragQueryFileW
ord155
SHGetPathFromIDListW
ExtractIconW
ShellExecuteExW
SHBrowseForFolderW
SHGetFileInfoW
SHGetSpecialFolderLocation
SHGetMalloc
Shell_NotifyIconW

winspool.drv

OpenPrinterA
ClosePrinter

Sections

.text
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 444KB - Virtual size: 442KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

71beac2c949bf6307bc9a57ede65a0db

Headers

File Characteristics

Imports

advapi32

kernel32

comctl32

comdlg32

user32

shell32

winspool.drv

Sections

.text Size: 72KB - Virtual size: 68KB

.rdata Size: 444KB - Virtual size: 442KB

.data Size: 100KB - Virtual size: 128KB

.rsrc Size: 40KB - Virtual size: 38KB

.text
Size: 72KB - Virtual size: 68KB

.rdata
Size: 444KB - Virtual size: 442KB

.data
Size: 100KB - Virtual size: 128KB

.rsrc
Size: 40KB - Virtual size: 38KB