5ab5a3e5da4dfee4e63ba05343d2bd5c7cc97ccb22536222b4f2a3a2df6d8851[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

5ab5a3e5da4dfee4e63ba05343d2bd5c7cc97ccb22536222b4f2a3a2df6d8851.exe
Size

327KB
MD5

bd150346b2d1f6ecbcece405e004aeeb
SHA1

f176c92a8f954f0b24f40a7b0e225cc73f5304f7
SHA256

5ab5a3e5da4dfee4e63ba05343d2bd5c7cc97ccb22536222b4f2a3a2df6d8851
SHA512

b88b9075673551580ce8f0feeb0b66065a6edaa4a51d3b4c6927b5adee2f1d70edba0bd5e691235020a41f3f74148cfa165f02b25cd2ab0f2977d5b505a2a293
SSDEEP

6144:KBESagKBW6uyVnYfahsZj+q3Bl+uV+nBtul:dB7uyVnYCSd+uV+Cl

Score

N/A

Malware Config

Signatures

Files

5ab5a3e5da4dfee4e63ba05343d2bd5c7cc97ccb22536222b4f2a3a2df6d8851.exe
.exe windows x86

70cf8e5bdf81365ec7a136e22ddd239b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreateToolbarEx
CreateStatusWindowW
ord17

kernel32

lstrlenW
MultiByteToWideChar
WideCharToMultiByte
EnumLanguageGroupLocalesW
WriteConsoleW
ReadConsoleW
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
HeapSize
SetConsoleCtrlHandler
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
GetStringTypeW
GetFileType
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
lstrcatW
IsValidCodePage
FindNextFileW
GetProcessHeap
FindClose
OutputDebugStringW
GetCurrentThread
GetModuleHandleExW
ExitProcess
GetModuleFileNameW
GetStdHandle
RaiseException
EncodePointer
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
RtlUnwind
InterlockedFlushSList
InterlockedPushEntrySList
TerminateProcess
GetCurrentProcess
GetModuleHandleW
IsProcessorFeaturePresent
lstrcpyW
lstrcmpW
FormatMessageW
LocalFree
GlobalLock
GlobalUnlock
GlobalAlloc
VirtualAlloc
GetWindowsDirectoryW
GetACP
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
HeapFree
HeapReAlloc
HeapAlloc
GetLastError
CloseHandle
WriteFile
ReadFile
GetFileSize
CreateFileW
DecodePointer
CreateProcessW
GetCurrentDirectoryW
FindFirstFileExW

shell32

SHInvokePrinterCommandW
ShellAboutW
SHFileOperationA
FindExecutableW

urlmon

IsAsyncMoniker
BindAsyncMoniker
GetClassURL
FindMediaTypeClass
IsValidURL
CreateFormatEnumerator
GetClassFileOrMime

rtutils

RouterLogRegisterW
RouterLogEventDataW
TraceDeregisterA
RouterLogEventStringW
TracePrintfW
TraceGetConsoleW
RouterLogDeregisterW
RouterLogEventW
TraceDumpExA

oleaut32

VarI1FromI2
VarI2FromI4
LoadTypeLi
VariantChangeType
VariantInit
SysStringLen
SysFreeString
VarDecFromUI1
VarBstrFromUI4
VarI4FromDisp
VarUI2FromR8

odbc32

ord221
ord15
ord23
ord63
ord121
ord11

mscms

CreateMultiProfileTransform
GetStandardColorSpaceProfileW
IsColorProfileValid
UnregisterCMMW
GetStandardColorSpaceProfileA
CheckColors

winspool.drv

ConnectToPrinterDlg
EnumPrintProcessorsW
DeletePrintProcessorA

msacm32

acmStreamOpen
acmFilterEnumA
acmDriverEnum
acmFormatTagDetailsW

gdi32

CreateEnhMetaFileW
ExcludeClipRect
CreateEllipticRgnIndirect
SetICMProfileA
RemoveFontResourceExA
GetMetaFileA
GetROP2
ScaleViewportExtEx
SetDIBColorTable

user32

DialogBoxParamW
IsWindowVisible
MoveWindow
ShowWindow
DestroyWindow
CreateWindowExW
GetDlgItem
UpdateWindow
CheckDlgButton
OpenClipboard
EndDialog
CloseClipboard
SetClipboardData
GetDC
RegisterClassW
PostQuitMessage
DefWindowProcW
SendMessageW
DispatchMessageW
TranslateMessage
GetMessageW
wsprintfW
LoadStringW
EnableMenuItem
CheckMenuItem
GetMenu
EmptyClipboard
TranslateAcceleratorW
LoadCursorW
InvertRect
ScreenToClient
GetCursorPos
SetCursor
MessageBoxW
GetClientRect
GetWindowTextLengthW
GetWindowTextW
LoadAcceleratorsW
ReleaseCapture
SetWindowTextW
SetCapture
GetCapture
SetFocus
ReleaseDC
IsDlgButtonChecked

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegEnumKeyW
RegGetValueW
RegSetValueExW
RegQueryValueW
RegOpenKeyW
RegCloseKey
RegCreateKeyW
RegEnumValueW

ole32

OleInitialize
OleUninitialize
CLSIDFromString
CoCreateInstanceEx
CoCreateInstance
CoInstall
StringFromGUID2

Sections

.text
Size: 267KB - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

70cf8e5bdf81365ec7a136e22ddd239b

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

kernel32

shell32

urlmon

rtutils

oleaut32

odbc32

mscms

winspool.drv

msacm32

gdi32

user32

comdlg32

advapi32

ole32

Sections

.text Size: 267KB - Virtual size: 267KB

.rdata Size: 45KB - Virtual size: 44KB

.data Size: 2KB - Virtual size: 9KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 267KB - Virtual size: 267KB

.rdata
Size: 45KB - Virtual size: 44KB

.data
Size: 2KB - Virtual size: 9KB

.reloc
Size: 11KB - Virtual size: 11KB