feea51c78cb5f8d71ba576878da973bec75335cb558bc656d3811dcfcf8beda2

Sharing

Copy URL Twitter E-mail

General

Target

feea51c78cb5f8d71ba576878da973bec75335cb558bc656d3811dcfcf8beda2
Size

346KB
MD5

bb4bbc906eaed5e0f660eae455f510a0
SHA1

1142fbfc8b53d59944e1cc0e86e556204c4b02fe
SHA256

feea51c78cb5f8d71ba576878da973bec75335cb558bc656d3811dcfcf8beda2
SHA512

fdc0362ae28e568d5c0bf61bbea1d8f8bf47e39564c9e0738e8ad5253d52382c616abad76247cd25c75c591fa30052946a37801abd1068fcc766659012765d3d
SSDEEP

6144:HAEq2HD+qMAUkDRqJcJHF4Vrz0LvPqXtXRqYAGwniYBY4uh3dZabaSVwvzzo5eRF:gwZMYHs0LvmhqYAGf1tHDbzceRaclKm1

Score

N/A

Malware Config

Signatures

Files

feea51c78cb5f8d71ba576878da973bec75335cb558bc656d3811dcfcf8beda2
.exe windows x86

d8a97906edce2faba3a0c71c7605b087

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowRect
IsDialogMessageA
GetDlgItemTextA
EnumChildWindows
EndDeferWindowPos
TileWindows
GetWindowTextA
ChildWindowFromPointEx
SetForegroundWindow
MoveWindow
BeginDeferWindowPos
OpenClipboard
OpenIcon
ShowWindow

gdi32

GdiSetBatchLimit
FloodFill
EnumObjects
Escape
EndDoc
CopyMetaFileW
CreateSolidBrush
AbortDoc
GdiComment
CombineTransform

advapi32

AccessCheck
RegQueryValueExA
RegQueryValueA
RegReplaceKeyA
RegNotifyChangeKeyValue
RegisterEventSourceA
GetOldestEventLogRecord
RegFlushKey
RegQueryMultipleValuesA

kernel32

OpenEventA
PulseEvent
GlobalMemoryStatus
HeapSize
GetPrivateProfileIntA
GetPrivateProfileStringA
GetPrivateProfileSectionNamesA
WritePrivateProfileStructA
GetStartupInfoA
GetProcAddress
GetEnvironmentVariableA
VirtualAllocEx
GetModuleHandleA
GetProfileIntA
OpenSemaphoreA
MultiByteToWideChar
GetCPInfoExA
SetEvent
GetThreadLocale
GlobalHandle
GetStringTypeA

winspool.drv

EnumPrintersA
DeletePrinter
DeletePrinterDriverExW
DeleteFormA
AddPrinterDriverA
DeletePrinterDriverW
AddPrintProcessorW
AddPrinterA
DeletePrinterKeyA
AddPrinterConnectionA
AddJobA
AddPrinterW

netapi32

NetFileClose
NetServerSetInfo
NetFileGetInfo
NetFileEnum
Netbios
NetConfigGetAll
NetGetAnyDCName
NetAuditClear
NetGroupAddUser
NetErrorLogClear
NetAuditRead
NetGetJoinableOUs

msvcrt

__setusermatherr
exit
_XcptFilter
_exit
__mb_cur_max
_isctype
_pctype
__getmainargs
_initterm
_acmdln
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_except_handler3

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.piajwm
Size: 319KB - Virtual size: 318KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8a97906edce2faba3a0c71c7605b087

Headers

File Characteristics

Imports

user32

gdi32

advapi32

kernel32

winspool.drv

netapi32

msvcrt

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 104KB

.piajwm Size: 319KB - Virtual size: 318KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 104KB

.piajwm
Size: 319KB - Virtual size: 318KB

.rsrc
Size: 4KB - Virtual size: 4KB