8e6e495959abef5878aaec0f9179f4199d3187abd9f6d4bdb76a8499f56649bf

Sharing

Copy URL Twitter E-mail

General

Target

8e6e495959abef5878aaec0f9179f4199d3187abd9f6d4bdb76a8499f56649bf
Size

1.6MB
MD5

69f2233dab4bb2464b039213330f2db7
SHA1

4e61c70e579a6884ebfac6519a9d0eee5532f083
SHA256

8e6e495959abef5878aaec0f9179f4199d3187abd9f6d4bdb76a8499f56649bf
SHA512

5e39ed81475aa0eb123a47172768fde0958554604056ecdab6cc43b3b6ed4c09c46895074adba2ceea54f36d214740151e38ed78c40d64905f1af5ba1fcddc5a
SSDEEP

24576:Qn6zTFudNRUo7/pJb4nOxGRK5UIYG4hiEneIMwNiQhwJbsbZS6oB4JqFPs/:/3Fuqo7xJ9Q4bGUwBAQHZ4Vm

Score

N/A

Malware Config

Signatures

Files

8e6e495959abef5878aaec0f9179f4199d3187abd9f6d4bdb76a8499f56649bf
.dll windows x86

774c31da0150aa128b2e894a2b2d9833

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

GetConvertStg

version

GetFileVersionInfoSizeW

winspool.drv

FindFirstPrinterChangeNotification
DeletePrinterDriverW
GetPrinterDriverA
GetPrinterDriverDirectoryW
GetPrintProcessorDirectoryW

advapi32

EqualDomainSid
GetOldestEventLogRecord
GetSecurityDescriptorOwner
IsWellKnownSid
GetSecurityDescriptorGroup
EnumServicesStatusExW
GetServiceDisplayNameA
GetSidIdentifierAuthority
GetEventLogInformation
GetServiceDisplayNameW

kernel32

GetProcessId
FindClose
GetCPInfo
FlushConsoleInputBuffer
LockResource
LocalAlloc
GetSystemDirectoryA
GetComputerNameExW
GetSystemInfo
GetVolumePathNamesForVolumeNameW
GetComputerNameW
WriteProfileStringW
GetUserDefaultUILanguage
FillConsoleOutputCharacterA
GetLargestConsoleWindowSize
WriteProcessMemory
GetCurrencyFormatA
GetProcAddress
FoldStringW
ExitThread
GetStringTypeExW
GetConsoleMode
GetTimeZoneInformation
GetThreadPriority
FindResourceA
GetModuleHandleA
GetSystemWindowsDirectoryW
GetModuleFileNameA
GetBinaryTypeA
ReadFile
lstrcmpA
GetModuleFileNameW

user32

GetMenuCheckMarkDimensions
LoadKeyboardLayoutA
GetUserObjectInformationW
GetMenuBarInfo
GetMenuItemInfoA
FindWindowW
DrawTextA
GetDlgItemInt
GetTabbedTextExtentA
GetWindowInfo
GetProcessWindowStation
DrawTextExW
GetWindowThreadProcessId
GetWindowWord
FreeDDElParam
GetSysColor
GetRawInputDeviceInfoW
LoadKeyboardLayoutW
FillRect
LoadIconA
GetMenuStringW
DestroyCursor
EqualRect
GetScrollBarInfo
GetClipboardSequenceNumber
DefFrameProcA
GetKeyboardState

comdlg32

GetFileTitleW

oleaut32

GetErrorInfo

gdi32

GetPixel
DescribePixelFormat
FloodFill
FlattenPath
GetTextAlign
GetLayout
GetTextMetricsA
GetTextColor
GetTextCharset
GetDIBits

msvcrt

ungetwc
strcoll

Sections

.text
Size: 500KB - Virtual size: 496KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 748KB - Virtual size: 746KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 260KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

774c31da0150aa128b2e894a2b2d9833

Headers

DLL Characteristics

File Characteristics

Imports

ole32

version

winspool.drv

advapi32

kernel32

user32

comdlg32

oleaut32

gdi32

msvcrt

Sections

.text Size: 500KB - Virtual size: 496KB

.rdata Size: 748KB - Virtual size: 746KB

.data Size: 260KB - Virtual size: 261KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 108KB - Virtual size: 107KB

.text
Size: 500KB - Virtual size: 496KB

.rdata
Size: 748KB - Virtual size: 746KB

.data
Size: 260KB - Virtual size: 261KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 108KB - Virtual size: 107KB