69cef5f960b24b0d3582cb90bbc489baf69b09b535481f1b72cb66ad27fc474c

Sharing

Copy URL Twitter E-mail

General

Target

69cef5f960b24b0d3582cb90bbc489baf69b09b535481f1b72cb66ad27fc474c
Size

548KB
MD5

7968a40ae5c04e96bb3c9d61bf1034c3
SHA1

b2bfe60a88f8d66d5a1e9e73864fad72eed94606
SHA256

69cef5f960b24b0d3582cb90bbc489baf69b09b535481f1b72cb66ad27fc474c
SHA512

9eaf997c546bf3df26895185bfca251bff6f7170a690513c4e9d04e478929b1fa7094f8ab4e0abc4b84d77f7f9c7119978cc7acc77592e44c197dc7f540d4198
SSDEEP

12288:GtBvD90PCCkY8l2y/lKy9jY6arO644CxqsO:GtB790PCCk1pln9B4CxqsO

Score

N/A

Malware Config

Signatures

Files

69cef5f960b24b0d3582cb90bbc489baf69b09b535481f1b72cb66ad27fc474c
.exe windows x86

b0a89decd916b344f062f7e180141867

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringA
RaiseException
HeapAlloc
HeapFree
TerminateProcess
HeapReAlloc
HeapSize
GetACP
GetStartupInfoA
GetCommandLineA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetTimeZoneInformation
RtlUnwind
ReadFile
WritePrivateProfileStringA
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetStdHandle
GetVersionExA
CompareStringA
CompareStringW
SetEnvironmentVariableA
ExitProcess
FindResourceA
LoadResource
LockResource
SizeofResource
SetThreadPriority
Sleep
SetErrorMode
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileSize
GetFileTime
GetOEMCP
GetFileAttributesA
TlsGetValue
GetCPInfo
GetProcessVersion
EnterCriticalSection
LocalReAlloc
TlsSetValue
TlsFree
GlobalReAlloc
LeaveCriticalSection
TlsAlloc
GlobalHandle
DeleteCriticalSection
GlobalFlags
InitializeCriticalSection
LocalAlloc
GetFullPathNameA
LockFile
lstrcpynA
UnlockFile
GlobalAlloc
FlushFileBuffers
DuplicateHandle
lstrcmpA
GetCurrentThread
SetLastError
LocalFree
MulDiv
lstrcatA
InterlockedDecrement
InterlockedIncrement
lstrcmpiA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalDeleteAtom
GlobalAddAtomA
GlobalFindAtomA
WriteFile
GetModuleHandleA
GlobalFree
VirtualFree
FindNextFileA
IsBadReadPtr
SetEndOfFile
MoveFileA
SetFilePointer
GetTempFileNameA
GetShortPathNameA
MoveFileExA
GetVolumeInformationA
SetUnhandledExceptionFilter
GetCurrentDirectoryA
GetSystemDirectoryA
GetCurrentProcess
GetLastError
GlobalLock
GlobalUnlock
lstrlenA
lstrcpyA
WideCharToMultiByte
RemoveDirectoryA
SetFileAttributesA
DeleteFileA
MultiByteToWideChar
GetVersion
SystemTimeToFileTime
GetLocalTime
CreateFileA
SetFileTime
SuspendThread
TerminateThread
ResumeThread
ResetEvent
SetEvent
CreateThread
VirtualAlloc
IsBadWritePtr
HeapDestroy
HeapCreate
SetCurrentDirectoryA
FreeLibrary
GetWindowsDirectoryA
CreateDirectoryA
GetTempPathA
GetPrivateProfileStringA
FindClose
FindFirstFileA
GetModuleFileNameA
GetProfileStringA
GetProcAddress
LoadLibraryA
WaitForSingleObject
CreateEventA
OpenEventA
CloseHandle
GetDiskFreeSpaceA
GetDriveTypeA

user32

CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
GetMenuCheckMarkDimensions
EnableMenuItem
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
SetCursor
ValidateRect
TranslateMessage
GetMessageA
DrawFocusRect
FillRect
InflateRect
GetSysColorBrush
LoadStringA
GetTopWindow
WinHelpA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
SetForegroundWindow
GetWindow
SetWindowPos
IsDialogMessageA
IntersectRect
GetWindowPlacement
GetNextDlgTabItem
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
SetWindowTextA
ShowWindow
IsWindowEnabled
ExitWindowsEx
OpenClipboard
GetClipboardData
CloseClipboard
LoadImageA
LoadBitmapA
GetCursorPos
ClientToScreen
CreatePopupMenu
TrackPopupMenu
DestroyMenu
IsIconic
DrawIcon
GetDesktopWindow
MapWindowPoints
ScreenToClient
GetClassNameA
GetWindowLongA
MoveWindow
DrawTextExA
InvalidateRect
CopyRect
GetClassInfoA
DefWindowProcA
LoadCursorA
RegisterClassA
PostMessageA
GetForegroundWindow
SetWindowRgn
GetDC
ReleaseDC
GetWindowRect
GetSystemMetrics
OffsetRect
PostQuitMessage
CharUpperA
GetParent
wsprintfA
MessageBoxA
UpdateWindow
LoadIconA
GetFocus
IsWindow
GetCapture
PtInRect
SetCapture
ReleaseCapture
RedrawWindow
SetRect
SendDlgItemMessageA
GetSysColor
PeekMessageA
DispatchMessageA
SetFocus
AdjustWindowRectEx
IsWindowVisible
DestroyWindow
GetDlgItem
RegisterWindowMessageA
SystemParametersInfoA
GetClientRect
EnableWindow
SendMessageA
SetWindowLongA
GetActiveWindow
GetLastActivePopup
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
CharNextA
IsWindowUnicode

gdi32

BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SelectPalette
CreateRectRgn
CreateFontIndirectA
GetStockObject
GetObjectA
CreateDIBitmap
DeleteDC
RealizePalette
CreatePalette
GetDeviceCaps
CombineRgn
CreateRoundRectRgn
StretchBlt
CreatePen
CreateFontA
CreateSolidBrush
RoundRect
FrameRgn
PatBlt
SetTextColor
SetBkColor
GetClipBox
CreateBitmap
SaveDC
RestoreDC
SetBkMode
SetViewportOrgEx
OffsetViewportOrgEx
SetMapMode
ScaleViewportExtEx
SetViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
RectVisible
TextOutA
PtVisible
Escape
GetTextMetricsA
ExtTextOutA
GetTextExtentPointA
DeleteObject
SelectObject

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegDeleteValueA
RegCreateKeyExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegEnumKeyA
RegEnumValueA
RegCloseKey
RegFlushKey
RegDeleteKeyA
RegCreateKeyA
RegSetValueExA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA

shell32

SHGetDesktopFolder
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA
SHGetFileInfoA

comctl32

ImageList_Destroy
ord17

ole32

CoCreateInstance
CoUninitialize
CoInitialize

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Sections

.text
Size: 216KB - Virtual size: 214KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Removea
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 260KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0a89decd916b344f062f7e180141867

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

version

Sections

.text Size: 216KB - Virtual size: 214KB

.Removea Size: 4KB - Virtual size: 3KB

.rdata Size: 48KB - Virtual size: 44KB

.data Size: 16KB - Virtual size: 135KB

.rsrc Size: 260KB - Virtual size: 258KB

.text
Size: 216KB - Virtual size: 214KB

.Removea
Size: 4KB - Virtual size: 3KB

.rdata
Size: 48KB - Virtual size: 44KB

.data
Size: 16KB - Virtual size: 135KB

.rsrc
Size: 260KB - Virtual size: 258KB