d9ce281359481d5daff3c18d522bcebcc8ecf25a786416d00a9298eceec59916

Sharing

Copy URL Twitter E-mail

General

Target

d9ce281359481d5daff3c18d522bcebcc8ecf25a786416d00a9298eceec59916
Size

316KB
MD5

28e6e3ba77dc54174235b06f23ceafd0
SHA1

b65782715a840016afc2fa122ed4cca315084bc4
SHA256

d9ce281359481d5daff3c18d522bcebcc8ecf25a786416d00a9298eceec59916
SHA512

ef3a62ac153c144dc8f4810ddff10c708567ceafed8bf5f9548bbf91d8ffab7d023559f1111bfc258c490b5a520d3374242a1ecac962f8ec05a436b7094ac0fc
SSDEEP

6144:nUa44EItpZhYwEH4tpkbxE4HMk/HUXMBL7bhTew9ESwmCpB1kd/0sj1e:UaZhYwvoxjskNBL3199tCT1kd/vj1e

Score

N/A

Malware Config

Signatures

Files

d9ce281359481d5daff3c18d522bcebcc8ecf25a786416d00a9298eceec59916
.exe windows x86

b971df38f04db5bf29085dd4af1f1e6f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToLocalFileTime
GetCurrentDirectoryA
RtlUnwind
RaiseException
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
ExitProcess
FileTimeToSystemTime
ExitThread
GetACP
SetStdHandle
GetCPInfo
GetOEMCP
GetTimeZoneInformation
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
TerminateProcess
CreateThread
HeapSize
IsBadWritePtr
GetStringTypeA
GetStringTypeW
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetFileType
SetErrorMode
MapViewOfFile
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
lstrcatA
lstrcpyA
LoadLibraryA
GetProcAddress
HeapDestroy
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
LoadLibraryExA
GetLastError
FindResourceA
LoadResource
SizeofResource
FreeLibrary
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
lstrlenW
InterlockedDecrement
EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
MulDiv
WideCharToMultiByte
lstrlenA
GetProcessVersion
GlobalFlags
TlsSetValue
TlsGetValue
LocalReAlloc
TlsAlloc
TlsFree
GlobalHandle
LocalAlloc
GetFileTime
DeleteFileA
GetVolumeInformationA
UnlockFile
SetEndOfFile
SetFilePointer
LockFile
FlushFileBuffers
CreateEventA
ReadFile
DuplicateHandle
ResumeThread
SuspendThread
SetThreadPriority
LocalFree
SetEvent
GetCurrentThread
GlobalGetAtomNameA
SetLastError
GetVersion
GlobalDeleteAtom
GlobalAddAtomA
GlobalFindAtomA
GlobalSize
lstrcmpA
GlobalFree
MoveFileExA
GlobalReAlloc
GetVersionExA
GetWindowsDirectoryA
WritePrivateProfileStringA
GetTempPathA
GetFullPathNameA
FindFirstFileA
Sleep
WaitForSingleObject
LockResource
FindClose
CreateFileMappingA
UnmapViewOfFile
GetFileSize
GetEnvironmentStringsW
GetTempFileNameA
MultiByteToWideChar
GetFileAttributesA
CreateFileA
WriteFile
CloseHandle
CreateDirectoryA
GlobalAlloc
GlobalLock
GlobalUnlock
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
GetDriveTypeA
UnhandledExceptionFilter
HeapCreate
VirtualFree
VirtualAlloc

user32

LoadIconA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
DispatchMessageA
SetActiveWindow
AdjustWindowRectEx
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
IsWindowVisible
SetScrollInfo
GetTopWindow
MessageBoxA
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SystemParametersInfoA
IsIconic
LoadStringA
EnumChildWindows
EnableMenuItem
WindowFromPoint
GetCursorPos
KillTimer
SetTimer
InflateRect
PeekMessageA
GetAsyncKeyState
GetScrollRange
SetScrollPos
SetScrollRange
GetScrollPos
IsRectEmpty
ShowScrollBar
SetRectEmpty
GetSysColor
CopyRect
UnregisterClassA
GetClientRect
EndPaint
InvalidateRect
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
DestroyWindow
SetFocus
GetFocus
IsChild
GetClassInfoExA
RegisterClassExA
CharUpperA
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
SetMenu
LoadMenuA
CharNextA
CreateWindowExA
CallWindowProcA
GetWindowLongA
SetWindowLongA
ShowWindow
UnionRect
PtInRect
GetKeyState
DefWindowProcA
GetClassNameA
ScreenToClient
GetDC
GetSysColorBrush
PostMessageA
GetWindowPlacement
ReleaseDC
wsprintfA
LoadBitmapA
GetWindowRect
SetWindowPos
LoadCursorA
SetCursor
GetWindowTextA
IsWindow
SendMessageA
RegisterWindowMessageA
EnableWindow
GetParent
GetNextDlgTabItem
DestroyMenu
GetDesktopWindow
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
GetMessageA
TranslateMessage
ValidateRect
ShowOwnedPopups
PostQuitMessage
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
GrayStringA
DrawTextA
TabbedTextOutA
ClientToScreen
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
BeginPaint
IsDialogMessageA
IsWindowEnabled
SetWindowTextA
MoveWindow
GetSystemMetrics
GetDlgCtrlID

gdi32

TextOutA
Rectangle
CreateRectRgnIndirect
DeleteMetaFile
CloseMetaFile
RestoreDC
SetWindowExtEx
SetWindowOrgEx
SaveDC
CreateMetaFileA
DeleteDC
SetViewportOrgEx
SetMapMode
CreateDCA
CreateSolidBrush
LPtoDP
SelectObject
GetStockObject
CreatePen
GetTextMetricsA
GetObjectA
Polygon
GetClipBox
SetTextColor
CreateBitmap
SetBkColor
SetBkMode
CreateFontIndirectA
SetViewportExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
ScaleWindowExtEx
LineTo
MoveToEx
DeleteObject
RectVisible
ExtTextOutA
PtVisible
Escape
GetDeviceCaps
SetTextAlign
GetTextExtentPoint32A

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumValueA
RegQueryValueExA

shell32

DragQueryFileA
DragFinish
FindExecutableA
ShellExecuteA

ole32

CoCreateGuid
CoGetMalloc
CreateOleAdviseHolder
OleSaveToStream
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
CoDisconnectObject
CoCreateInstance
WriteClassStm
OleLoadFromStream

olepro32

ord250

oleaut32

VarUI4FromStr
LoadTypeLi
SysStringLen
SysAllocString
GetErrorInfo
VariantClear
RegisterTypeLi
VariantChangeType
SysAllocStringByteLen
SysStringByteLen
LoadRegTypeLi
SysAllocStringLen
SysFreeString

Sections

.text
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ffff
Size: 146KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yyup
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b971df38f04db5bf29085dd4af1f1e6f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

ole32

olepro32

oleaut32

Sections

.text Size: 8KB - Virtual size: 12KB

.rdata Size: 156KB - Virtual size: 156KB

.data Size: 2KB - Virtual size: 4KB

.ffff Size: 146KB - Virtual size: 148KB

.yyup Size: 512B - Virtual size: 76KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 8KB - Virtual size: 12KB

.rdata
Size: 156KB - Virtual size: 156KB

.data
Size: 2KB - Virtual size: 4KB

.ffff
Size: 146KB - Virtual size: 148KB

.yyup
Size: 512B - Virtual size: 76KB

.rsrc
Size: 2KB - Virtual size: 2KB