c2b6f38a5ec1c1da74e5e0eb3bd286ecde72a94d0d3074ac1ebedec85f5c6405

Sharing

Copy URL

Twitter E-mail

General

Target

c2b6f38a5ec1c1da74e5e0eb3bd286ecde72a94d0d3074ac1ebedec85f5c6405
Size

134KB
MD5

c121acf02f4d2720409aedbedb217e4b
SHA1

6a0c08fe7740bed5395c0ce3e55c8abd56b070da
SHA256

c2b6f38a5ec1c1da74e5e0eb3bd286ecde72a94d0d3074ac1ebedec85f5c6405
SHA512

0339c75d32ac2320f73f7474406c83943059b52dd85ccb5cd6650b228a55d3e0a8fe6967052a583dae51777297a66fd3359e7261135d11d3ef9cb1233d8903a3
SSDEEP

3072:7hOreCeuXu3KH3awyD2vcshlxSdKAnHL75ZCT:7HCLXAm3RyD2EsFcJnrLC

Score

N/A

Malware Config

Signatures

Files

c2b6f38a5ec1c1da74e5e0eb3bd286ecde72a94d0d3074ac1ebedec85f5c6405
.exe windows x86

c31c9ea1740b7ef68a3f08430a1c65e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitialize
CoCreateInstance
CoUninitialize

user32

CreateWindowExW
GetWindowRect
GetDC
CheckMenuItem
MapWindowPoints
LoadCursorW
GetWindowTextW
GetCapture
GetWindowLongW
GrayStringW
DrawTextExW
GetTopWindow
PostQuitMessage
UnregisterClassW
EnableWindow
DestroyMenu
ReleaseDC
GetClientRect
TabbedTextOutW
GetMessageTime
GetClassLongW
GetKeyState
SendMessageW
GetDlgCtrlID
CopyRect
GetMessagePos
PtInRect
GetSubMenu
EnableMenuItem
SetWindowsHookExW
GetDlgItem
GetMenuCheckMarkDimensions
GetSystemMetrics
PeekMessageW
GetMenuState
SetForegroundWindow
DispatchMessageW
GetClassInfoExW
ModifyMenuW
WinHelpW
SetWindowTextW
GetSysColorBrush
DefWindowProcW
ValidateRect
GetLastActivePopup
GetSysColor
SystemParametersInfoA
GetForegroundWindow
GetPropW
LoadIconW
GetWindow
SetMenuItemBitmaps
RemovePropW
DrawTextW
MessageBoxW
IsWindowEnabled
IsIconic
RegisterClassW
CallWindowProcW
SetWindowLongW
GetClassInfoW
CallNextHookEx
UnhookWindowsHookEx
GetWindowPlacement
PostMessageW
GetMenu
SetPropW
ClientToScreen
SetWindowPos
LoadBitmapW
DestroyWindow
GetMenuItemCount
AdjustWindowRectEx
GetClassNameW
GetMenuItemID
GetParent
GetFocus
RegisterWindowMessageW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

oleacc

CreateStdAccessibleObject
LresultFromObject

gdi32

DeleteDC
CreateBitmap
GetDeviceCaps
TextOutW
DeleteObject
GetStockObject
PtVisible
SetViewportOrgEx
SetMapMode
ExtTextOutW
SelectObject
RectVisible
ScaleWindowExtEx
SetTextColor
Escape
SetWindowExtEx
RestoreDC
OffsetViewportOrgEx
SaveDC
SetBkColor
GetClipBox
ScaleViewportExtEx
SetViewportExtEx

kernel32

GlobalAddAtomW
MultiByteToWideChar
DeleteFileW
GetProcAddress
DeleteCriticalSection
LocalReAlloc
TlsGetValue
GetThreadLocale
FlushFileBuffers
HeapReAlloc
GetCurrentThreadId
WriteFile
LeaveCriticalSection
lstrcpynW
ReadFile
GlobalAlloc
GetLastError
lstrcpyW
FreeLibrary
GlobalReAlloc
MoveFileA
HeapDestroy
DeleteFileA
GetStartupInfoW
TlsAlloc
GetCurrentProcessId
lstrcatW
GlobalLock
GlobalUnlock
InterlockedIncrement
EnterCriticalSection
SetFileAttributesA
SetFileAttributesW
FindVolumeClose
HeapAlloc
GetLocaleInfoA
VirtualProtect
InterlockedDecrement
SetLastError
InitializeCriticalSection
SetFilePointer
GetModuleHandleA
HeapFree
TlsFree
LoadResource
TlsSetValue
GetSystemInfo
GlobalFindAtomW
CreateDirectoryA
TerminateProcess
EnumResourceLanguagesA
LoadLibraryA
VirtualAlloc
LocalAlloc
GetVersion
RaiseException
GlobalFree
MoveFileW
GlobalFlags
QueryPerformanceCounter
VirtualQuery
TlsGetValue
CreateDirectoryW
InterlockedExchange
RtlUnwind
ExitProcess
lstrcmpW
CopyFileW
HeapCreate
FormatMessageW
ExitProcess
LockResource
GetSystemTimeAsFileTime
GetTickCount
LocalFree
GetCurrentProcess
GlobalDeleteAtom
GetACP
GetModuleHandleW
GlobalHandle
RemoveDirectoryW
FindResourceW
SizeofResource
GetVersionExW
HeapSize
WideCharToMultiByte
CopyFileA
RemoveDirectoryA

shlwapi

PathFindFileNameA
PathIsDirectoryA
PathAppendA
PathFindExtensionA
PathCanonicalizeW
PathFileExistsW
PathRemoveFileSpecW
PathAppendW
PathFindFileNameW
PathRemoveBackslashW
StrStrA
PathFileExistsA
PathCanonicalizeA
PathAddExtensionW
PathAddBackslashW
StrStrW
PathIsDirectoryEmptyA
PathRemoveFileSpecA
PathFindExtensionW
PathIsDirectoryW
PathIsDirectoryEmptyW

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c31c9ea1740b7ef68a3f08430a1c65e3

Headers

File Characteristics

Imports

ole32

user32

winspool.drv

oleacc

gdi32

kernel32

shlwapi

Sections

.text Size: 105KB - Virtual size: 105KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 20KB - Virtual size: 20KB

.rsrc Size: 1024B - Virtual size: 332KB

.text
Size: 105KB - Virtual size: 105KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 1024B - Virtual size: 332KB