08e14aed0a48ea8562ff1aa7199ba55a011e7e6af8b93117f24b6617d04e22b1

Sharing

Copy URL

Twitter E-mail

General

Target

08e14aed0a48ea8562ff1aa7199ba55a011e7e6af8b93117f24b6617d04e22b1
Size

589KB
MD5

049a67043603fae6a55c02fad0128120
SHA1

701d3787b03586d7c9a65487509c8ea965c45a56
SHA256

08e14aed0a48ea8562ff1aa7199ba55a011e7e6af8b93117f24b6617d04e22b1
SHA512

047a50b75b91e2bb6e6be575408d59e3839164c6b411904fa726821b747dfc3740c1adceb92c23e81c55c139425eda54672b1fa341b287c7f1b7d28d5840841c
SSDEEP

12288:t+ujy2PtaclKuvqWi7TGO4k6109z9ZpDHGFSH:HxFaclf3SGO4n1sYwH

Score

N/A

Malware Config

Signatures

Files

08e14aed0a48ea8562ff1aa7199ba55a011e7e6af8b93117f24b6617d04e22b1
.exe windows x86

3bf76bfd34f2f3d226b12f2bd6d8bf29

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
FreeLibrary
BeginUpdateResourceW
ConsoleMenuControl
VerLanguageNameW
EnumResourceNamesW
WriteConsoleOutputA
GetVolumeNameForVolumeMountPointA
GetSystemTime
GetHandleInformation
GetACP
GetCompressedFileSizeW
SetCommState
LocalFree
FreeEnvironmentStringsA
GetProcAddress
GetModuleHandleA
GetFileType
FindNextFileA
GetLocalTime
VirtualAlloc
LoadLibraryA
IsValidLocale
VirtualLock
GetVersion
GetStartupInfoA

gdi32

GdiPlayScript
LPtoDP
CopyEnhMetaFileW
SetPixelFormat
CreateCompatibleBitmap
CreateCompatibleDC
CombineRgn
SetLayout
DeleteDC
GetObjectA
SelectObject
GetStockObject

comctl32

ImageList_ReplaceIcon
ord2
ord17
_TrackMouseEvent
FlatSB_GetScrollInfo
ord8

shell32

StrCmpNW

shlwapi

PathGetArgsW
PathIsDirectoryA
SHDeleteKeyA
SHRegEnumUSValueA
PathIsSameRootA
SHEnumValueW
PathFileExistsW
SHRegSetUSValueW
PathCanonicalizeA
StrIsIntlEqualA
PathStripPathW
PathRelativePathToA
StrPBrkA

version

VerInstallFileA
VerQueryValueW
GetFileVersionInfoSizeA

winmm

waveOutGetNumDevs
midiDisconnect
mmTaskYield
midiOutLongMsg
PlaySoundA
timeGetTime
joyGetDevCapsW
mciGetErrorStringA
mciGetDeviceIDA

winspool.drv

ConfigurePortA
AddJobW
AddFormA
ResetPrinterW
GetPrinterDataW
AddMonitorA
DocumentPropertiesA
OpenPrinterA

msvcrt

_ftime
_onexit
__dllonexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_mbccpy
_setjmp
fclose
_strlwr
_mbsdec
_strnset
fputc
_itow
_ismbbgraph
fread
fsetpos
_y1
wprintf
_unlink
_wopen
_ismbbkpunct
fseek
fopen
_wexecle
fwprintf
_cscanf
ferror
_dstbias
fprintf
_mbstok
ftell
_CxxThrowException
_EH_prolog
sprintf
printf
feof
fputs
__lc_collate_cp
memset
fwrite

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 544KB - Virtual size: 542KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3bf76bfd34f2f3d226b12f2bd6d8bf29

Headers

File Characteristics

Imports

kernel32

gdi32

comctl32

shell32

shlwapi

version

winmm

winspool.drv

msvcrt

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 544KB - Virtual size: 542KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 544KB - Virtual size: 542KB