8e8ed88d5dd8da78d4f204031a20671ec6d05894e2fccf741a1673503fce59ba

Sharing

Copy URL Twitter E-mail

General

Target

8e8ed88d5dd8da78d4f204031a20671ec6d05894e2fccf741a1673503fce59ba
Size

2.1MB
MD5

8237cf3dba941f4f2ef5b2556a581c3c
SHA1

c23816be121aae3e821937996533962cf9d56e6c
SHA256

8e8ed88d5dd8da78d4f204031a20671ec6d05894e2fccf741a1673503fce59ba
SHA512

e4bacd04de1d3d24468025a84d73d7c7a832d436c28677c2c3bcd33bf2f78e2a02914df73c09ee788086487094c1482760ce26109e9b3024633314c5c55cb6c0
SSDEEP

24576:3h6EYh2AFr3Xmb7ctuTIXGi3rruoczTYn+zJCfXiNJ2P8/hjv8Q0CiQQV4EMbL7h:R6dIA67cmI9W3TK+zJSI5jv8Q0pQxDh

Score

N/A

Malware Config

Signatures

Files

8e8ed88d5dd8da78d4f204031a20671ec6d05894e2fccf741a1673503fce59ba
.dll windows x86

413b8a89b223c106c4746e477be9d442

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetErrorMode
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
HeapReAlloc
ExitThread
CreateThread
GetCommandLineA
GetProcessHeap
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetStdHandle
GetFileType
ExitProcess
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
GetStdHandle
GetModuleFileNameA
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetFileTime
GetFileSize
GetFileAttributesW
CreateFileW
FindFirstFileW
FindClose
FileTimeToLocalFileTime
FileTimeToSystemTime
GetThreadLocale
SuspendThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
lstrlenA
GetVersionExW
FreeResource
GetCurrentThreadId
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
InterlockedCompareExchange
FlushInstructionCache
SetThreadContext
GetThreadContext
GetSystemDirectoryA
FormatMessageW
LocalFree
MulDiv
CreateEventA
TerminateThread
ResumeThread
WaitForSingleObject
SetEvent
InterlockedExchange
GetPrivateProfileStringW
LoadLibraryExW
WritePrivateProfileStringW
lstrcmpiW
lstrlenW
InterlockedDecrement
InterlockedIncrement
GetVersion
CloseHandle
DeleteCriticalSection
RaiseException
GetCurrentThread
FreeLibrary
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
Sleep
GetLocalTime
GetLastError
SetLastError
LoadLibraryW
GetModuleHandleA
GetProcAddress
GetCurrentProcess
GlobalFindAtomW
GlobalAddAtomW
Beep
GlobalDeleteAtom
GetModuleHandleW
GetModuleFileNameW
GetCurrentProcessId
GetTickCount
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
MultiByteToWideChar

user32

PostThreadMessageW
TranslateMessage
ValidateRect
PostQuitMessage
EndPaint
BeginPaint
GrayStringW
DrawTextExW
TabbedTextOutW
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessagePos
MapWindowPoints
GetKeyState
SetForegroundWindow
UpdateWindow
GetMenu
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
PeekMessageW
DispatchMessageW
GetSystemMetrics
IsZoomed
IsIconic
CharNextW
GetNextDlgGroupItem
OffsetRect
FillRect
DrawFrameControl
InflateRect
DrawFocusRect
DrawTextW
RegisterWindowMessageW
GetSysColor
CharUpperW
UnregisterClassW
DestroyMenu
GetSysColorBrush
RegisterClipboardFormatW
GetMessageTime
GetMessageW
GetAsyncKeyState
GetWindowLongW
IsWindowUnicode
GetClassLongW
GetClassLongA
EqualRect
SetRect
IsRectEmpty
GetWindowThreadProcessId
GetWindow
GetDesktopWindow
GetWindowDC
RegisterHotKey
ClientToScreen
GetClientRect
UnregisterHotKey
GetFocus
IsWindowVisible
PostMessageW
ReleaseDC
GetDC
GetCursorPos
ScreenToClient
ReleaseCapture
LoadCursorW
SetCursor
IsWindow
LoadIconW
SetCapture
KillTimer
SetTimer
InvalidateRect
GetWindowRect
DrawIcon
PtInRect
MessageBoxW
GetKeyNameTextW
EnableWindow
GetParent
SendMessageW
CreateWindowExW
UnregisterClassA

gdi32

SetWindowExtEx
ScaleWindowExtEx
DeleteDC
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
DeleteObject
SetMapMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
GetClipBox
GetDeviceCaps
GetStockObject
GetObjectW
CreateFontIndirectW
GetBkColor
CreateSolidBrush
SetBkMode
SetTextColor
GetTextExtentPoint32W
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SetROP2
CreatePen
SelectObject
Rectangle
EnumFontFamiliesExW

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegQueryValueW
RegEnumKeyW
RegQueryValueExW
RegOpenKeyW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
OpenProcessToken
GetTokenInformation
RegOpenKeyA
RegQueryValueExA
RegCloseKey

shell32

DragFinish
DragQueryFileW

shlwapi

PathFindFileNameW
PathStripToRootW
PathFileExistsW
PathFindExtensionW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoDisconnectObject
CoInitializeEx
CLSIDFromProgID
CoUninitialize
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter

oleaut32

LoadTypeLi
SysStringLen
VariantChangeType
VarUI4FromStr
SysAllocString
SysAllocStringLen
SysFreeString
VariantInit
VariantClear
VariantCopy

Exports

Exports

InitApp

Sections

.text
Size: 596KB - Virtual size: 592KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 676KB - Virtual size: 675KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 640KB - Virtual size: 639KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

413b8a89b223c106c4746e477be9d442

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

Exports

Exports

Sections

.text Size: 596KB - Virtual size: 592KB

.rdata Size: 132KB - Virtual size: 131KB

.data Size: 16KB - Virtual size: 47KB

.vmp0 Size: 676KB - Virtual size: 675KB

.reloc Size: 48KB - Virtual size: 44KB

.rsrc Size: 640KB - Virtual size: 639KB

.text
Size: 596KB - Virtual size: 592KB

.rdata
Size: 132KB - Virtual size: 131KB

.data
Size: 16KB - Virtual size: 47KB

.vmp0
Size: 676KB - Virtual size: 675KB

.reloc
Size: 48KB - Virtual size: 44KB

.rsrc
Size: 640KB - Virtual size: 639KB