fab930aa65a787cffdf10a146dc702dc00cc38be2398df2d5734e1e72c6aaf67

Sharing

Copy URL Twitter E-mail

General

Target

fab930aa65a787cffdf10a146dc702dc00cc38be2398df2d5734e1e72c6aaf67
Size

17.7MB
MD5

165ee9ddad06dd907fca405c854b75e2
SHA1

aab6df8303f09ac4164d606e589d67f425058326
SHA256

fab930aa65a787cffdf10a146dc702dc00cc38be2398df2d5734e1e72c6aaf67
SHA512

d43862beb474f016d9de30f38743176682bfc747cacdfbcb36a50b7b175b1a17e8a4b4f75d2046dbc2ed5f4a8c2817b92edd4e11a8d66af4840df2aa39947021
SSDEEP

393216:P7JanYKVkngs3f7mSZfCUZ58+6qHC7lhGspScL4cyHAFuL:DJanrCn13TmScUs+ZHPgo

Score

N/A

Malware Config

Signatures

Files

fab930aa65a787cffdf10a146dc702dc00cc38be2398df2d5734e1e72c6aaf67
.exe windows x86

09f592acd135b9b8f436ef0f886c37fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
SizeofResource
GlobalAddAtomA
SetErrorMode
GetFileAttributesA
FileTimeToSystemTime
FileTimeToLocalFileTime
RtlUnwind
HeapAlloc
ExitProcess
HeapFree
GetCommandLineA
RaiseException
HeapReAlloc
HeapSize
GetCPInfo
GetACP
GetOEMCP
GetTimeZoneInformation
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetHandleCount
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetStdHandle
GetLocaleInfoA
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
GetProcessVersion
SetLastError
GetCurrentDirectoryA
lstrcpyA
WritePrivateProfileStringA
GlobalFlags
lstrcpynA
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
MulDiv
GetVersion
lstrcatA
GlobalGetAtomNameA
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
lstrlenA
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
Process32Next
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
MultiByteToWideChar
GetSystemDirectoryA
CreateFileA
SetFileTime
LoadLibraryA
GetProcAddress
FreeLibrary
OpenProcess
TerminateProcess
CloseHandle
GetStartupInfoA
CreateProcessA
WaitForSingleObject
GetLastError
Sleep
GetVersionExA
GetModuleFileNameA
DeleteFileA
GetProfileStringA
SetCurrentDirectoryA
CreateDirectoryA
RemoveDirectoryA
GetDriveTypeA
CreateToolhelp32Snapshot
Process32First
GetModuleHandleA
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
SizeofResource
GlobalAddAtomA
SetErrorMode
GetFileAttributesA
FileTimeToSystemTime
FileTimeToLocalFileTime
RtlUnwind
HeapAlloc
ExitProcess
HeapFree
GetCommandLineA
RaiseException
HeapReAlloc
HeapSize
GetCPInfo
GetACP
GetOEMCP
GetTimeZoneInformation
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetHandleCount
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetStdHandle
GetLocaleInfoA
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
GetProcessVersion
SetLastError
GetCurrentDirectoryA
lstrcpyA
WritePrivateProfileStringA
GlobalFlags
lstrcpynA
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
MulDiv
GetVersion
lstrcatA
GlobalGetAtomNameA
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
lstrlenA
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
Process32Next
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
MultiByteToWideChar
GetSystemDirectoryA
CreateFileA
SetFileTime
LoadLibraryA
GetProcAddress
FreeLibrary
OpenProcess
TerminateProcess
CloseHandle
GetStartupInfoA
CreateProcessA
WaitForSingleObject
GetLastError
Sleep
GetVersionExA
GetModuleFileNameA
DeleteFileA
GetProfileStringA
SetCurrentDirectoryA
CreateDirectoryA
RemoveDirectoryA
GetDriveTypeA
CreateToolhelp32Snapshot
Process32First
GetModuleHandleA

user32

GetSystemMetrics
GetAsyncKeyState
GetWindowRect
GetClientRect
GetDC
ReleaseDC
UpdateWindow
RedrawWindow
SendMessageA
PostMessageA
PostQuitMessage
ShowOwnedPopups
SetCursor
MessageBoxA
SetWindowsHookExA
GetCursorPos
PeekMessageA
IsWindowVisible
ValidateRect
CallNextHookEx
GetKeyState
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
GetNextDlgTabItem
GetParent
GetFocus
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
IsWindowEnabled
GetDlgItem
GetWindowLongA
DestroyWindow
CreateDialogIndirectParamA
IsWindow
SetActiveWindow
EndDialog
RegisterWindowMessageA
SetWindowPos
SetWindowLongA
GetWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
SetForegroundWindow
GetForegroundWindow
GetLastActivePopup
UnhookWindowsHookEx
SetPropA
GetClassLongA
CreateWindowExA
DefWindowProcA
GetDlgCtrlID
GetWindowTextA
GetWindowTextLengthA
GetMenu
GetMenuItemID
GetSubMenu
GetMenuItemCount
RegisterClassA
GetClassInfoA
wsprintfA
WinHelpA
GetCapture
IsChild
GetTopWindow
SetScrollPos
GetScrollPos
SetScrollRange
ShowScrollBar
SetScrollInfo
ScrollWindow
ScreenToClient
EndDeferWindowPos
CopyRect
BeginDeferWindowPos
DeferWindowPos
EqualRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
SystemParametersInfoA
SendDlgItemMessageA
LoadIconA
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
LoadCursorA
ReleaseCapture
GetDesktopWindow
WindowFromPoint
ClientToScreen
GetClassNameA
PtInRect
GetSysColorBrush
LoadStringA
CharUpperA
IntersectRect
InflateRect
DestroyMenu
FindWindowA
InvalidateRect
OffsetRect
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
IsIconic
BringWindowToTop
IsWindowUnicode
CharNextA
DefDlgProcA
DrawFocusRect
ExcludeUpdateRgn
ShowCaret
HideCaret
EnableWindow
UnregisterClassA

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenSCManagerA
OpenServiceA
ControlService
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA

ole32

CoCreateInstance
CoInitialize

gdi32

BitBlt
CreateCompatibleDC
CreateDIBitmap
GetTextExtentPointA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateSolidBrush
GetDeviceCaps
DeleteObject
IntersectClipRect
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectA
SetBkColor
SetTextColor
PatBlt
CreateBitmap
StretchDIBits

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

shell32

DragFinish
DragQueryFileA
SHGetMalloc

comctl32

ord17
ImageList_Destroy

Sections

.text
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

09f592acd135b9b8f436ef0f886c37fb

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

gdi32

winspool.drv

shell32

comctl32

Sections

.text Size: 150KB - Virtual size: 150KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 27KB - Virtual size: 173KB

.rsrc Size: 22KB - Virtual size: 21KB

.text
Size: 150KB - Virtual size: 150KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 27KB - Virtual size: 173KB

.rsrc
Size: 22KB - Virtual size: 21KB