1b0b2d81046e8affcc9b882385c99c0917fbf0bca59d2b71bd867adef4d29077

Sharing

Copy URL

Twitter E-mail

General

Target

1b0b2d81046e8affcc9b882385c99c0917fbf0bca59d2b71bd867adef4d29077
Size

3.3MB
MD5

698946d43e6a74be29b7e6e6bde9314c
SHA1

5dfa54c8ac16c9d6f0708b4550dcc398f9507030
SHA256

1b0b2d81046e8affcc9b882385c99c0917fbf0bca59d2b71bd867adef4d29077
SHA512

7d838abeee619743eb172175b19112ac93dc672027b9c7aa19f51bac8a91d0ff7c55edee7d992bcab281e0816b0405d6c6cdbb46c5102d1778cbe0308d461375
SSDEEP

49152:BKgnOv5rCj+RjNpw7z30B8c/FuRln6oDhGLWc7DZq6G8ZHP4YiuBvver6A:znmC+7pMkBp9o6oD0LWEtjG8ZvYUsr

Score

N/A

Malware Config

Signatures

Files

1b0b2d81046e8affcc9b882385c99c0917fbf0bca59d2b71bd867adef4d29077
.exe windows x86

b25e464d4399ba997873aa11f87e7d04

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GlobalLock
GetVersionExA
GetModuleHandleA
lstrcmpW
MultiByteToWideChar
SetLastError
CompareStringA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
MulDiv
GetCurrentProcessId
GetModuleFileNameW
InterlockedDecrement
LocalFree
FormatMessageA
GlobalAlloc
lstrcmpA
InterlockedExchange
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
GlobalFree
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
InterlockedIncrement
GetCPInfo
GetOEMCP
GetModuleHandleW
FlushFileBuffers
SetEndOfFile
GetCurrentProcess
SetErrorMode
RtlUnwind
RaiseException
HeapFree
HeapAlloc
GetCommandLineA
GetStartupInfoA
VirtualAlloc
HeapReAlloc
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetConsoleCP
GetConsoleMode
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetACP
IsValidCodePage
HeapCreate
VirtualFree
SetHandleCount
GetFileType
SetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetProcessHeap
FreeResource
SetFileTime
GetFileAttributesA
CreateDirectoryA
LocalFileTimeToFileTime
lstrlenA
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
SetFilePointer
ExitProcess
DeleteFileA
FlushViewOfFile
FindFirstFileA
FindClose
GetLastError
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetSystemInfo
LoadResource
LockResource
SizeofResource
FindResourceA
WideCharToMultiByte
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
lstrcpyA
lstrcatA
WritePrivateProfileStringA
CreateFileA
WriteFile
CloseHandle
CreateThread
GlobalFlags
Sleep

user32

ReleaseDC
GetWindowDC
BeginPaint
EndPaint
GetWindowThreadProcessId
TranslateAcceleratorA
BringWindowToTop
SetRectEmpty
CreatePopupMenu
InsertMenuItemA
InvalidateRect
LoadAcceleratorsA
ReleaseCapture
SetCursor
DestroyMenu
LoadMenuA
ReuseDDElParam
UnpackDDElParam
PostQuitMessage
ValidateRect
TranslateMessage
GetMessageA
ShowOwnedPopups
InflateRect
GetMenuItemInfoA
GetSysColorBrush
LoadCursorA
UnregisterClassA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetDC
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
TrackPopupMenu
GetKeyState
SetMenu
SetForegroundWindow
IsWindowVisible
GetClientRect
GetMenuItemID
GetMenuItemCount
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
SetTimer
EnableWindow
SendMessageA
FindWindowA
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
LoadBitmapA
SetScrollRange
SetWindowLongA
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
GetWindowLongA
SetScrollPos
GetScrollPos
KillTimer
PostMessageA
GetCursorPos
LoadImageA
wsprintfA
UpdateWindow
TabbedTextOutA
FillRect
ShowWindow
SetWindowTextA
IsDialogMessageA
GetLastActivePopup
GetSubMenu

gdi32

CreateSolidBrush
CreateCompatibleBitmap
GetTextExtentPoint32A
GetStockObject
CreatePatternBrush
DeleteDC
GetClipBox
SetBkColor
GetObjectA
CreateBitmap
SaveDC
SetMapMode
GetDeviceCaps
TextOutA
SetBkMode
DeleteObject
SetTextColor
SelectObject
CreateFontIndirectA
DPtoLP
BitBlt
CreateCompatibleDC
GetPixel
PtVisible
RectVisible
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
RestoreDC
SetWindowExtEx
ScaleWindowExtEx

shell32

DragFinish
ShellExecuteA
DragQueryFileA

shlwapi

PathFindFileNameA
PathStripPathA
PathFindExtensionA

ws2_32

htonl
bind
closesocket
htons
WSAGetLastError
WSAStartup
gethostname
gethostbyname
listen
accept
connect
socket
recv
send
inet_addr

oleacc

LresultFromObject
CreateStdAccessibleObject

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 226KB - Virtual size: 225KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b25e464d4399ba997873aa11f87e7d04

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

shlwapi

ws2_32

oleacc

winspool.drv

advapi32

oleaut32

Sections

.text Size: 226KB - Virtual size: 225KB

.rdata Size: 50KB - Virtual size: 50KB

.data Size: 3.0MB - Virtual size: 3.0MB

.rsrc Size: 21KB - Virtual size: 21KB

.text
Size: 226KB - Virtual size: 225KB

.rdata
Size: 50KB - Virtual size: 50KB

.data
Size: 3.0MB - Virtual size: 3.0MB

.rsrc
Size: 21KB - Virtual size: 21KB