81bd4af231808df0320ccf723b806a6f001134a1a13b81cfe914705283d76ed6

Sharing

Copy URL Twitter E-mail

General

Target

81bd4af231808df0320ccf723b806a6f001134a1a13b81cfe914705283d76ed6
Size

696KB
MD5

1717d1c39560856b7ee48b7f23f584e0
SHA1

5201868dc24a7e0c7fa2cdfabd741700d6ff3223
SHA256

81bd4af231808df0320ccf723b806a6f001134a1a13b81cfe914705283d76ed6
SHA512

16116dddf458ce6e7f9bb9288b996ed28d3b3aeda8eb7cb16530bb58fc7c7135560ff518e5e22815e00e47fdb112e13d3d9017bd04d12a5c75dce7f13fb217df
SSDEEP

12288:o31kfp3CikeI7XUSjkO6xSxoJUuiGOh+l6esg3VVgJxZ0cA9HZvcey:i1kh3CHeS/uiGM+lZCxoCR

Score

N/A

Malware Config

Signatures

Files

81bd4af231808df0320ccf723b806a6f001134a1a13b81cfe914705283d76ed6
.exe windows x86

b8394ba17ef2bb09f25517468f93bea5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
GetCurrentThread
GetTimeFormatA
VirtualFree
LeaveCriticalSection
FreeEnvironmentStringsA
TlsSetValue
GetStringTypeA
CloseHandle
WideCharToMultiByte
LCMapStringW
QueryPerformanceCounter
FlushFileBuffers
IsValidLocale
GetCommandLineA
GetCPInfo
GetCurrentProcessId
HeapCreate
GetProcAddress
TerminateProcess
GetUserDefaultLCID
SetStdHandle
LoadLibraryA
TlsGetValue
InitializeCriticalSection
GetCurrentThreadId
GetDateFormatA
RtlUnwind
GetTimeZoneInformation
IsBadWritePtr
HeapSize
VirtualAlloc
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
HeapDestroy
GetFileType
VirtualProtect
LCMapStringA
GetModuleFileNameA
GetModuleHandleA
GetACP
GetEnvironmentStrings
GetCurrentProcess
CreateMutexW
FatalAppExitA
GetModuleHandleW
CompareStringW
GetEnvironmentStringsW
GetSystemInfo
MultiByteToWideChar
WriteFile
GetStringTypeW
DeleteCriticalSection
GetStartupInfoW
HeapReAlloc
GetLastError
HeapFree
SetFilePointer
UnhandledExceptionFilter
IsValidCodePage
GetLocaleInfoW
TlsAlloc
SetHandleCount
GetModuleFileNameW
GetLocaleInfoA
TlsFree
ReadFile
GetCommandLineW
GetVersionExA
VirtualQuery
HeapAlloc
ExitProcess
CompareStringA
GetStdHandle
SetEnvironmentVariableA
GetStartupInfoA
InterlockedExchange
GetTickCount
GetOEMCP
EnterCriticalSection

mfc42

ord1576

comctl32

ImageList_DragMove
ImageList_GetBkColor
ImageList_Add
ImageList_DragShowNolock
ImageList_Remove
_TrackMouseEvent
ImageList_GetIcon
ord17
ImageList_SetBkColor
ImageList_EndDrag
ImageList_AddMasked
ImageList_LoadImageA
ImageList_BeginDrag
ImageList_GetImageCount
ImageList_Draw

wininet

HttpSendRequestA
InternetCanonicalizeUrlA
InternetGetLastResponseInfoA
InternetAttemptConnect
InternetConnectA

comdlg32

CommDlgExtendedError
PrintDlgA

user32

UnpackDDElParam
CreateWindowExW
GetWindowTextW
AdjustWindowRectEx
MessageBeep
GetWindowLongW
RegisterClassExW
PostQuitMessage
RegisterClassW
GetDC
InflateRect
DrawFrameControl
GetWindowRect
GetSystemMenu
OpenClipboard
EnableWindow
BringWindowToTop
DrawFocusRect
CheckMenuItem
GetWindowThreadProcessId
GetDesktopWindow
SetWindowPos
GetMessageW
GetMenuItemID
IsWindow
CheckDlgButton
GetUpdateRect
ShowWindow
DrawIconEx
CreateDialogIndirectParamW
TranslateMessage
GetSysColorBrush
ReleaseDC
MoveWindow
IsWindowVisible
SetMenuItemBitmaps
SetFocus
WaitForInputIdle
SendDlgItemMessageW
GetMenuItemCount
SystemParametersInfoW
EmptyClipboard
ClientToScreen
GetActiveWindow
GetDlgItem
DestroyMenu
EndPaint
DestroyWindow
SetWindowLongW
DefWindowProcW
GetMenuItemInfoW
UnhookWindowsHookEx
ScreenToClient
RedrawWindow
SetTimer
GetWindowLongA
UpdateWindow
SetCursor
OffsetRect
SetForegroundWindow
CallNextHookEx
MapDialogRect
IsZoomed
MessageBoxW
GetSysColor
KillTimer
BeginPaint
GetCursorPos
IntersectRect
GetKeyState
ScrollWindowEx
InvalidateRect
GetCapture
FrameRect

gdi32

SelectObject
SetWindowExtEx
GetPaletteEntries
CreateCompatibleBitmap
AbortDoc
CombineRgn
IntersectClipRect
RoundRect
SetMapMode
UnrealizeObject
SetPolyFillMode
GetBkColor
StretchDIBits
GetPixel
GetGlyphOutlineA
GetMapMode
BeginPath
LPtoDP
DeleteObject
MoveToEx
GetClipRgn
GetTextExtentPointA
SetTextColor
EndPath

shell32

DragFinish
ExtractIconA
SHFileOperationA
Shell_NotifyIconA

advapi32

RegSetValueA
RegOpenKeyExA
RegDeleteKeyA
OpenProcessToken
RegCloseKey
OpenServiceA
RegOpenKeyA
RegEnumKeyA
DeleteService

winspool.drv

ClosePrinter
ord204
DocumentPropertiesA

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 456KB - Virtual size: 455KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b8394ba17ef2bb09f25517468f93bea5

Headers

File Characteristics

Imports

kernel32

mfc42

comctl32

wininet

comdlg32

user32

gdi32

shell32

advapi32

winspool.drv

Sections

.text Size: 88KB - Virtual size: 86KB

.rdata Size: 456KB - Virtual size: 455KB

.data Size: 104KB - Virtual size: 101KB

.rsrc Size: 44KB - Virtual size: 40KB

.text
Size: 88KB - Virtual size: 86KB

.rdata
Size: 456KB - Virtual size: 455KB

.data
Size: 104KB - Virtual size: 101KB

.rsrc
Size: 44KB - Virtual size: 40KB