b49b00fc2f5d5addd47dea0053ab4a7e2760405842dadfef8fc01f68b50fa8ed

Sharing

Copy URL Twitter E-mail

General

Target

b49b00fc2f5d5addd47dea0053ab4a7e2760405842dadfef8fc01f68b50fa8ed
Size

2.0MB
MD5

72db7e864a1928b5cd71f73c5b0c5ece
SHA1

1c0e26c15d902566bb501104c02abdadfadbf451
SHA256

b49b00fc2f5d5addd47dea0053ab4a7e2760405842dadfef8fc01f68b50fa8ed
SHA512

25e3cfe1b7488b9d20657c4bcfe88ac5ed27db14ddcfe5750cb0e4617e8a91e6434f359570a8e55a0274c7eb007cb5a71a5a008b9e43598bf2d0d9dd403a15fe
SSDEEP

6144:Wg20S2I7fO8VijNEmfAOitUYiL7Y1JmnR2/r7yEdrE6e4rOaKKN7vrlh:bSlfO86NEmYOiOYiXnj/Q7v

Score

N/A

Malware Config

Signatures

Files

b49b00fc2f5d5addd47dea0053ab4a7e2760405842dadfef8fc01f68b50fa8ed
.exe windows x86

8cc86c31e65a92ff711b1cf3d6219eda

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
CreateThread
ExitThread
SetEnvironmentVariableA
GetCommandLineA
ExitProcess
RaiseException
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetACP
GetTimeZoneInformation
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
FileTimeToLocalFileTime
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
FileTimeToSystemTime
GetProfileStringA
GetFullPathNameA
SetEndOfFile
FlushFileBuffers
SetFilePointer
SetErrorMode
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
SizeofResource
GetLastError
GlobalFlags
GetProfileIntA
LocalFree
MulDiv
SetLastError
ResumeThread
GlobalAlloc
lstrcmpA
GetCurrentThread
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GlobalLock
GlobalUnlock
GlobalFree
LockResource
GetPrivateProfileStringA
FindResourceA
LoadResource
WinExec
GetWindowsDirectoryA
CreateToolhelp32Snapshot
Process32First
OpenProcess
Process32Next
SetSystemPowerState
GetCurrentProcess
CreateFileA
FindFirstFileA
FindNextFileA
FindClose
RemoveDirectoryA
GetCurrentDirectoryA
CreateDirectoryA
GetModuleFileNameA
lstrcpynA
Sleep
MoveFileA
WriteFile
LoadLibraryA
GetProcAddress
FreeLibrary
CreatePipe
GetStartupInfoA
CreateProcessA
CloseHandle
ReadFile
WaitForSingleObject
TerminateProcess
GetSystemTime
GetDriveTypeA
DeleteFileA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetFileType

user32

GetDlgItemTextA
SetDlgItemTextA
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
GetMenuCheckMarkDimensions
PostQuitMessage
ValidateRect
TranslateMessage
GetMessageA
GetWindowDC
BeginPaint
EndPaint
DestroyMenu
SetRectEmpty
GetDCEx
WindowFromPoint
GetSysColorBrush
LoadStringA
IsWindowVisible
GetTopWindow
MessageBoxA
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
SetWindowsHookExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetLastActivePopup
SetForegroundWindow
GetWindow
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
LoadCursorA
CopyIcon
RedrawWindow
IsWindow
SetCursor
MessageBeep
DestroyCursor
RegisterWindowMessageA
ExitWindowsEx
GetMessagePos
ScreenToClient
ClientToScreen
UpdateWindow
UnionRect
DrawEdge
DrawFrameControl
InflateRect
GetFocus
PeekMessageA
DispatchMessageA
GrayStringA
DrawTextA
TabbedTextOutA
PostMessageA
SetCapture
DrawFocusRect
GetDC
ReleaseDC
CopyRect
GetWindowLongA
SetWindowLongA
EnableWindow
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
CharNextA
IsWindowUnicode
GetSysColor
GetParent
LockWindowUpdate
GetKeyState
InsertMenuA
RemoveMenu
KillTimer
InvalidateRect
SetTimer
GetCursorPos
LoadMenuA
GetSubMenu
ReleaseCapture
SendDlgItemMessageA
MapWindowPoints
SetFocus
AdjustWindowRectEx
EqualRect
CallNextHookEx
PtInRect
GetClassNameA
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
SetWindowRgn
LoadBitmapA
SendMessageA
GetWindowRect
LoadIconA
GetForegroundWindow

gdi32

GetClipBox
SetTextColor
SetBkColor
DeleteDC
SaveDC
RestoreDC
SelectObject
SetBkMode
SetROP2
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
DeleteObject
CreateRectRgn
GetDeviceCaps
CreatePen
CreatePatternBrush
PatBlt
CreateRectRgnIndirect
UnrealizeObject
Rectangle
SetRectRgn
CombineRgn
GetTextExtentPoint32A
CreateSolidBrush
CreateFontIndirectA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
CreateBitmap
GetPixel
GetObjectA
CreateCompatibleDC
LPtoDP
CreateCompatibleBitmap
GetMapMode
DPtoLP
GetBkColor
BitBlt
GetStockObject
CreateDIBitmap
GetTextExtentPointA
CreateRoundRectRgn

comdlg32

GetOpenFileNameA
GetSaveFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegQueryValueA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
AdjustTokenPrivileges

shell32

SHGetSpecialFolderLocation
DragQueryFileA
ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA

comctl32

ord17
ImageList_Destroy

Sections

.text
Size: 192KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8cc86c31e65a92ff711b1cf3d6219eda

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 192KB - Virtual size: 189KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 24KB - Virtual size: 40KB

.rsrc Size: 1.8MB - Virtual size: 1.8MB

.text
Size: 192KB - Virtual size: 189KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 24KB - Virtual size: 40KB

.rsrc
Size: 1.8MB - Virtual size: 1.8MB