8f0b41f2e531dca5df8c9ed4d84c938727c64ce5e2a4c5cd45a0507112fd67a0

Sharing

Copy URL Twitter E-mail

General

Target

8f0b41f2e531dca5df8c9ed4d84c938727c64ce5e2a4c5cd45a0507112fd67a0
Size

1.9MB
MD5

d4f973df304a06feca4d9970149cb320
SHA1

36bdcdd6855298c64a71f01e03838c241f37212b
SHA256

8f0b41f2e531dca5df8c9ed4d84c938727c64ce5e2a4c5cd45a0507112fd67a0
SHA512

5648e64d23a829d9d01f686f8fa91e175e05fcbfd77429530462140ae2b28be4b2471eeafe276d28c252624d476762f9627dccd7d98619439034e452bb2eef39
SSDEEP

49152:PqRsK901IV76c0QMoiQy4zTgJD78Zs95Us7dvbK0DUDg:q1xUHY8DwZs9RdvbKo

Score

N/A

Malware Config

Signatures

Files

8f0b41f2e531dca5df8c9ed4d84c938727c64ce5e2a4c5cd45a0507112fd67a0
.exe windows x86

12aa8046af25b422043a7faa6e1d2a4c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalReAlloc
DeleteCriticalSection
TlsFree
InterlockedIncrement
GetVersion
GetVersionExA
lstrcmpW
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
GlobalFlags
GetModuleHandleA
InterlockedExchange
CompareStringA
GetLocaleInfoW
HeapFree
HeapAlloc
GetProcessHeap
HeapReAlloc
ExitProcess
DeleteFileA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
ExitThread
CreateThread
GetTimeZoneInformation
RtlUnwind
RaiseException
HeapSize
GetStdHandle
GetModuleFileNameA
TlsSetValue
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
CreateFileA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetCurrentDirectoryA
GetDriveTypeA
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetCurrentProcessId
InterlockedDecrement
GetModuleHandleW
GetFileTime
FileTimeToLocalFileTime
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
LoadLibraryW
GetThreadLocale
CreateEventW
SuspendThread
SetEvent
GetCurrentThreadId
ResumeThread
SetThreadPriority
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
LocalFree
SetLastError
SetCurrentDirectoryW
GetLocalTime
FileTimeToSystemTime
GetFileSize
GetFileInformationByHandle
GetTickCount
GetCurrentDirectoryW
SetFileTime
SystemTimeToFileTime
SetFilePointer
LocalFileTimeToFileTime
CreateFileW
WaitForMultipleObjects
MapViewOfFile
CopyFileW
CreateFileMappingW
SetFileAttributesW
OpenFileMappingW
GetCurrentProcess
OpenProcess
CreateDirectoryW
GetFileAttributesW
GetModuleFileNameW
DeleteFileW
UnmapViewOfFile
LoadLibraryA
GetSystemDirectoryA
FreeLibrary
GetProcAddress
FormatMessageW
GetLastError
WideCharToMultiByte
lstrlenW
SizeofResource
GetStartupInfoW
FindNextFileW
TerminateProcess
FindResourceW
FindFirstFileW
CreatePipe
WriteFile
PeekNamedPipe
Sleep
MultiByteToWideChar
CloseHandle
LockResource
ReadFile
TerminateThread
FindClose
CreateProcessW
LoadResource
WaitForSingleObject
ReleaseMutex
FreeEnvironmentStringsA
CreateMutexW

user32

GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
DestroyMenu
ClientToScreen
ShowWindow
SetWindowTextW
RegisterWindowMessageW
LoadIconW
WinHelpW
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
PostMessageW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
LoadCursorW
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetWindowThreadProcessId
GetParent
GetWindowLongW
GetLastActivePopup
PostQuitMessage
IsWindowEnabled
EnableWindow
GetWindowTextW
UnhookWindowsHookEx
CharUpperW
GetSystemMetrics
SetWindowsHookExW
CallNextHookEx
TranslateMessage
GetActiveWindow
IsWindowVisible
SendMessageW
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetDesktopWindow
wsprintfW
GetMessageW
DispatchMessageW
SetTimer
MessageBoxW
SetWindowPos
UnregisterClassA

gdi32

SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutW
RectVisible
PtVisible
GetDeviceCaps
SetMapMode
RestoreDC
SaveDC
ExtTextOutW
DeleteObject
SetBkColor
SetTextColor
GetClipBox
CreateBitmap

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegSetValueExW
RegDeleteValueW
RegOpenKeyExW
RegCreateKeyExW
RegQueryValueExW
AdjustTokenPrivileges
OpenProcessToken
LookupPrivilegeValueW

shell32

ShellExecuteExW
ShellExecuteW

shlwapi

PathIsUNCW
PathFindFileNameW
PathStripToRootW

ws2_32

send
socket
recv
inet_addr
__WSAFDIsSet
htons
connect
select
closesocket
gethostbyaddr
inet_ntoa
WSAStartup
htonl
ntohs
getservbyname
getservbyport
WSAGetLastError
gethostbyname
WSASetLastError

oleaut32

VariantInit
VariantChangeType
VariantClear

Sections

.text
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12aa8046af25b422043a7faa6e1d2a4c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

ws2_32

oleaut32

Sections

.text Size: 256KB - Virtual size: 252KB

.rdata Size: 60KB - Virtual size: 58KB

.data Size: 12KB - Virtual size: 27KB

.rsrc Size: 1.6MB - Virtual size: 1.6MB

.text
Size: 256KB - Virtual size: 252KB

.rdata
Size: 60KB - Virtual size: 58KB

.data
Size: 12KB - Virtual size: 27KB

.rsrc
Size: 1.6MB - Virtual size: 1.6MB