8d1192bd3dede283488499935155daa0133528e1d295e7510e8ba2b18f67d73f

Sharing

Copy URL Twitter E-mail

General

Target

8d1192bd3dede283488499935155daa0133528e1d295e7510e8ba2b18f67d73f
Size

301KB
MD5

6081c183d0c01326493a72e3de938ad9
SHA1

fb314f1268f6c1f342087093f2f46c83990e3e23
SHA256

8d1192bd3dede283488499935155daa0133528e1d295e7510e8ba2b18f67d73f
SHA512

baa03d57cdc09c43a7d3dd97a0b7fd5d56e784b6d2121b8901387f5eef80dcffe66b3a45d85e9d1ace4a5c2a3a8a91a7b7d5b1c341676078a927c580d5f45045
SSDEEP

6144:qshyT+J4LrOdCjLINL83GzyybRwLk7CalUAo9TBaqe2P:XoLINeGkLUzbo9TNv

Score

N/A

Malware Config

Signatures

Files

8d1192bd3dede283488499935155daa0133528e1d295e7510e8ba2b18f67d73f
.exe windows x86

3fc78768a1cd3f73e0b34a9006448dbb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

sasdk

SACreateToken
SACreateConfig
SAConfigGetGroupNumber
SAConfigGetGroup
SARelease

kernel32

GlobalFlags
GetCPInfo
GetOEMCP
SetErrorMode
GetSystemTimeAsFileTime
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
VirtualAlloc
HeapReAlloc
ExitProcess
ExitThread
HeapSize
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStdHandle
GetACP
IsValidCodePage
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
WritePrivateProfileStringA
InterlockedIncrement
GetModuleHandleW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetFileAttributesA
CreateFileA
GetCurrentProcess
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
ReleaseMutex
CreateMutexA
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
InterlockedDecrement
GetModuleFileNameW
FreeResource
GetCurrentProcessId
GlobalAddAtomA
SuspendThread
ResumeThread
SetThreadPriority
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryA
CompareStringA
InterlockedExchange
lstrcmpA
GetModuleHandleA
GetProcAddress
GetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MultiByteToWideChar
MulDiv
lstrlenA
FreeLibrary
SetLastError
CreateEventA
WaitForSingleObject
CloseHandle
CreateThread
SetEvent
FileTimeToSystemTime
RemoveDirectoryA
GetVersionExA
WinExec
Sleep
CreateDirectoryA
FindFirstFileA
FindNextFileA
FindClose
DeleteFileA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetModuleFileNameA
GetFileType

user32

DestroyMenu
UnregisterClassA
LoadCursorA
GetSysColorBrush
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
RegisterWindowMessageA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
CopyRect
PtInRect
DefWindowProcA
GetMenu
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
UnhookWindowsHookEx
GetWindowTextA
SetWindowPos
SetFocus
ShowWindow
SetWindowLongA
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
GetWindow
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
SetCursor
SetWindowsHookExA
CallNextHookEx
GetActiveWindow
UpdateWindow
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
GetParent
ModifyMenuA
EnableMenuItem
CheckMenuItem
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
PeekMessageA
GetSystemMetrics
EnableWindow
LoadIconA
SetTimer
GetClientRect
IsIconic
SendMessageA
DrawIcon
GetMessageA
TranslateMessage
DispatchMessageA
PostMessageA
CallWindowProcA

gdi32

SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
GetStockObject
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
GetClipBox
CreateBitmap
GetDeviceCaps
RectVisible
PtVisible
DeleteObject
SetMapMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
OffsetViewportOrgEx

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegCloseKey
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceA
ControlService
DeleteService
OpenSCManagerA
OpenServiceA
CreateServiceA
CloseServiceHandle
StartServiceCtrlDispatcherA
RegOpenKeyA
RegCreateKeyA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
LogonUserA

shell32

ShellExecuteA

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantClear
VariantChangeType
VariantInit

ws2_32

closesocket
accept
socket
select
htonl
bind
WSACleanup
sendto
recvfrom
WSAAsyncSelect
send
recv
ntohs
inet_addr
gethostbyname
WSAStartup
inet_ntoa
connect
listen
setsockopt
getpeername
WSAGetLastError
shutdown
WSASetLastError
htons

Sections

.text
Size: 216KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3fc78768a1cd3f73e0b34a9006448dbb

Headers

DLL Characteristics

File Characteristics

Imports

sasdk

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

oleaut32

ws2_32

Sections

.text Size: 216KB - Virtual size: 216KB

.rdata Size: 55KB - Virtual size: 55KB

.data Size: 9KB - Virtual size: 25KB

.rsrc Size: 19KB - Virtual size: 19KB

.text
Size: 216KB - Virtual size: 216KB

.rdata
Size: 55KB - Virtual size: 55KB

.data
Size: 9KB - Virtual size: 25KB

.rsrc
Size: 19KB - Virtual size: 19KB