fa2027de9fbbcd187e3bcc9a2351bc067adbc8b537417045b8894ad9340994d1

Sharing

Copy URL Twitter E-mail

General

Target

fa2027de9fbbcd187e3bcc9a2351bc067adbc8b537417045b8894ad9340994d1
Size

956KB
MD5

d87aea556a8e1cdf7143d90ac76340f9
SHA1

234cc09019ced453bdb0c84934c31cf7609851cc
SHA256

fa2027de9fbbcd187e3bcc9a2351bc067adbc8b537417045b8894ad9340994d1
SHA512

4852d7a5ec63143c50436cb36de21cd42a64fd6396e5df41f7c93a063ecb072a223dfcb9c973b0f7e51b1b0f4a52f5dd481d07c6c0657548e22e7427d19494a2
SSDEEP

12288:bMS57mg0ms4cQNkJQYx6DFuTPx8VKDvxhHfMqVC4yix7jgVfkXCFQx:bMS57k4b5Yx6DraxVChIgV8yO

Score

1^/10

Malware Config

Signatures

Files

fa2027de9fbbcd187e3bcc9a2351bc067adbc8b537417045b8894ad9340994d1
.exe windows x86

e1dd3bee3d42fb3df6b0b1d991089327

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
IsBadWritePtr
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
IsBadReadPtr
IsBadCodePtr
SetHandleCount
SetStdHandle
GetEnvironmentStringsW
GetProfileStringA
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetACP
HeapSize
TerminateProcess
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
FlushFileBuffers
SetFilePointer
WriteFile
GetCurrentProcess
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
SizeofResource
GetLastError
GlobalFlags
lstrcpynA
MultiByteToWideChar
InterlockedIncrement
LocalFree
WideCharToMultiByte
InterlockedDecrement
lstrlenA
MulDiv
HeapAlloc
SetLastError
CloseHandle
GetModuleFileNameA
GlobalAlloc
lstrcmpA
GetCurrentThread
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
Sleep
ExitProcess
LoadLibraryA
GetProcAddress
VirtualProtect
VirtualAlloc
FreeLibrary
VirtualFree
HeapFree
GetProcessHeap
HeapReAlloc

user32

GetDesktopWindow
DestroyMenu
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
InvalidateRect
BringWindowToTop
SetRect
DestroyCursor
LoadCursorA
FillRect
PtInRect
GetClassNameA
GetSysColorBrush
SetCapture
WindowFromPoint
LoadStringA
FindWindowA
GetTabbedTextExtentA
SetTimer
KillTimer
GetDCEx
LockWindowUpdate
SetParent
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GetMessageA
TranslateMessage
ValidateRect
GetCursorPos
SetCursor
ShowOwnedPopups
PostQuitMessage
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
PostMessageA
UpdateWindow
SendDlgItemMessageA
GetSysColor
ReleaseCapture
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
IsWindowVisible
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
EnableWindow
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
CharNextA
IsWindowUnicode
LoadIconA
SendMessageA
DrawIcon
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
PeekMessageA
InflateRect
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
LoadBitmapA
IsIconic
GetSystemMetrics
GetClientRect
MapWindowPoints

gdi32

SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
GetCurrentPositionEx
CreateRectRgn
GetViewportExtEx
SetBkMode
CreatePen
CreateSolidBrush
CreatePatternBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
PatBlt
CreateRectRgnIndirect
SetRectRgn
CombineRgn
CreateFontIndirectA
DPtoLP
AbortDoc
EndDoc
EndPage
StartPage
SetAbortProc
CreateDCA
GetViewportOrgEx
LPtoDP
GetBkColor
GetNearestColor
GetTextColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetBkMode
GetROP2
GetTextFaceA
GetCharWidthA
GetWindowOrgEx
BitBlt
GetStockObject
RestoreDC
SaveDC
StartDocA
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
Rectangle
GetObjectA
CreateCompatibleDC
SelectObject
StretchBlt
DeleteDC
DeleteObject
GetTextMetricsA
GetDeviceCaps
GetWindowExtEx
CreateDIBitmap
GetTextExtentPointA
GetTextExtentPoint32A

comdlg32

GetFileTitleA
CommDlgExtendedError
PrintDlgA
GetSaveFileNameA
GetOpenFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey

shell32

DragQueryFileA
DragFinish

comctl32

ord17
ImageList_Destroy

Sections

.text
Size: 148KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 488KB - Virtual size: 484KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1dd3bee3d42fb3df6b0b1d991089327

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 148KB - Virtual size: 144KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 280KB - Virtual size: 293KB

.rsrc Size: 488KB - Virtual size: 484KB

.text
Size: 148KB - Virtual size: 144KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 280KB - Virtual size: 293KB

.rsrc
Size: 488KB - Virtual size: 484KB