da3eab88202a3ea85538cee7c5a2cee86c60220a1f30352df72d81d938bebd8c

Sharing

Copy URL Twitter E-mail

General

Target

da3eab88202a3ea85538cee7c5a2cee86c60220a1f30352df72d81d938bebd8c
Size

284KB
MD5

b8296784b5273e28042596bb10ee7416
SHA1

3c9798f1904554b96e84a85876a5a5394f61d97a
SHA256

da3eab88202a3ea85538cee7c5a2cee86c60220a1f30352df72d81d938bebd8c
SHA512

b868d6839a2f4edf0f3d76877d1badb7f62380e30020df85f56e5315a174fab619f75fa4baec3d1110d25bd79a988de68f89089e1cc63e7010d269b8b8ef84c3
SSDEEP

6144:9NJI3gRtakZnqy+37K8tS0UajkkWkCCVO:983gRt5nqy+5tS0Ux

Score

N/A

Malware Config

Signatures

Files

da3eab88202a3ea85538cee7c5a2cee86c60220a1f30352df72d81d938bebd8c
.exe windows x86

7151da98575bfdf19892a2cd16011f5f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
CreateThread
ExitThread
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
RaiseException
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
HeapSize
HeapReAlloc
UnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetFileType
WritePrivateProfileStringA
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
FreeEnvironmentStringsA
SetErrorMode
GetFileTime
GetFileSize
GetFileAttributesA
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalFree
GetCurrentThread
lstrcmpA
GetThreadLocale
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
DuplicateHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
MulDiv
SetLastError
FindResourceA
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
SizeofResource
LoadResource
LockResource
GlobalAlloc
GlobalLock
GlobalUnlock
CreateMutexA
GetLastError
GetModuleHandleA
GetProcAddress
GetCurrentProcess
lstrcpyA
lstrcatA
WinExec
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
WriteProfileStringA
FindFirstFileA
FindClose
lstrlenA
GetProfileIntA
GetProfileStringA
GetSystemDirectoryA
CreateDirectoryA
DeleteFileA
GetTickCount
Sleep
CloseHandle
GetModuleFileNameA
FreeEnvironmentStringsW

user32

InflateRect
RegisterClipboardFormatA
GetCursorPos
IsWindowEnabled
PostQuitMessage
CharUpperA
GrayStringA
DrawTextA
EndPaint
BeginPaint
ClientToScreen
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
GetFocus
SetActiveWindow
SetFocus
AdjustWindowRectEx
ScreenToClient
CopyRect
GetTopWindow
MessageBoxA
IsChild
GetParent
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
CreateWindowExA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetWindow
GetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
CharNextA
IsIconic
GetSystemMetrics
DrawIcon
GetSystemMenu
AppendMenuA
IsWindowVisible
UpdateWindow
SetForegroundWindow
LoadIconA
GetMessageA
TranslateMessage
DispatchMessageA
EnableWindow
LoadCursorA
CopyIcon
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
IsWindow
GetSysColor
InvalidateRect
SetWindowLongA
SetCursor
GetClientRect
PtInRect
ReleaseCapture
RedrawWindow
SetCapture
MessageBeep
SendMessageA
PostMessageA
CallNextHookEx
PostThreadMessageA
UnhookWindowsHookEx
SetWindowsHookExA
GetForegroundWindow
GetWindowDC
GetNextDlgGroupItem
SetRect
DestroyWindow
CopyAcceleratorTableA
GetWindowRect
ReleaseDC
FindWindowA
GetDC
GetDesktopWindow
GetSysColorBrush
GetClassNameA
DestroyMenu
LoadStringA
MapDialogRect
SetWindowContextHelpId
EndDialog
CreateDialogIndirectParamA
WindowFromPoint
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
GetActiveWindow
GetClassLongA
ValidateRect
TabbedTextOutA

gdi32

GetClipBox
SaveDC
RestoreDC
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
TextOutA
ExtTextOutA
Escape
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
PatBlt
CreateDIBitmap
RectVisible
CreateBitmap
SetBkColor
SetTextColor
DeleteObject
SelectObject
DeleteDC
CreateFontIndirectA
GetStockObject
StretchBlt
GetDeviceCaps
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetObjectA
GetTextExtentPointA
GetDIBits

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueA

shell32

ShellExecuteA

comctl32

ord17

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
OleUninitialize

olepro32

ord253

oleaut32

VariantTimeToSystemTime
SysAllocStringLen
SysFreeString
VariantCopy
VariantChangeType
SysAllocString
SysAllocStringByteLen
SysStringLen
VariantClear

imm32

ImmReleaseContext
ImmGetContext
ImmGetCompositionStringA

Exports

Exports

DisableKeyBoard
DisableMouse
IsHookCn
Justahook
RemoveKBHook
RemoveMSHook
SetKBHook
SetKBHookCn
SetKBHookThreadId
SetMSHook
SetMSHookThreadId
StartMSHook
StopKBHook
StopMSHook

Sections

.text
Size: 196KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

share_da
Size: 4KB - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7151da98575bfdf19892a2cd16011f5f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

imm32

Exports

Exports

Sections

.text Size: 196KB - Virtual size: 193KB

.rdata Size: 44KB - Virtual size: 41KB

.data Size: 16KB - Virtual size: 33KB

share_da Size: 4KB - Virtual size: 36B

.rsrc Size: 20KB - Virtual size: 18KB

.text
Size: 196KB - Virtual size: 193KB

.rdata
Size: 44KB - Virtual size: 41KB

.data
Size: 16KB - Virtual size: 33KB

share_da
Size: 4KB - Virtual size: 36B

.rsrc
Size: 20KB - Virtual size: 18KB