97b26f5e1a9b838a5fa14ec4605f550eaeb30aa46162554b2ea9c2cc18abbd35

Sharing

Copy URL Twitter E-mail

General

Target

97b26f5e1a9b838a5fa14ec4605f550eaeb30aa46162554b2ea9c2cc18abbd35
Size

180KB
MD5

66bf1e2b2a7b6c11c98e2a6970781ab7
SHA1

b1bb398f4d33d5551edf99b11a71122ac10bb7ed
SHA256

97b26f5e1a9b838a5fa14ec4605f550eaeb30aa46162554b2ea9c2cc18abbd35
SHA512

429860106a8e29b096203ccc6c138ba129dfcf906c4f51c74309949c830a909ff0a1d525d79902ade6a153ed9fe88942a95d0e8dbfa83f72a164e331b87872c7
SSDEEP

3072:QAasb0jwt0mhDCI7AruohjcPgZtZ5lBptHuRKvv3gwawaW:QAalwt0mtAr5CPeTB5PTa

Score

N/A

Malware Config

Signatures

Files

97b26f5e1a9b838a5fa14ec4605f550eaeb30aa46162554b2ea9c2cc18abbd35
.dll windows x86

c67bb539cecf5272602df48502247ddb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

widcommsdk

??0CSdpDiscoveryRec@@QAE@XZ
?ReadDiscoveryRecords@CBtIf@@QAEHQAEHPAVCSdpDiscoveryRec@@PAU_GUID@@@Z
??1CSdpDiscoveryRec@@QAE@XZ
?StartDiscovery@CBtIf@@QAEHQAEPAU_GUID@@@Z
?StartInquiry@CBtIf@@QAEHXZ
?StopInquiry@CBtIf@@QAEXXZ
??1CBtIf@@UAE@XZ
??0CBtIf@@QAE@XZ
?OnAudioConnected@CBtIf@@UAEXG@Z
?OnAudioDisconnect@CBtIf@@UAEXG@Z
?OnDiscoveryComplete@CBtIf@@UAEXGJ@Z
?OnStackStatusChange@CBtIf@@UAEXW4STACK_STATUS@1@@Z

kernel32

WaitForSingleObject
CloseHandle
CreateEventW
OutputDebugStringW
DisableThreadLibraryCalls
LocalFree
FormatMessageW
GlobalAlloc
OutputDebugStringA
WideCharToMultiByte
GetCurrentProcess
GetModuleHandleW
ReleaseMutex
CallNamedPipeA
CreateThread
CreateMutexW
GetCPInfo
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
SetFilePointer
WriteFile
GetVersionExW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TerminateProcess
LCMapStringW
LCMapStringA
IsBadWritePtr
VirtualAlloc
ExitProcess
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
VirtualFree
HeapCreate
HeapDestroy
TlsGetValue
LoadLibraryA
GetModuleFileNameA
lstrcpyW
lstrcatW
lstrlenW
GlobalFree
MultiByteToWideChar
SetEvent
LoadLibraryW
GetProcAddress
FreeLibrary
GetLastError
SetLastError
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
SetStdHandle
ReadFile
FlushFileBuffers
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetVersion
GetEnvironmentStringsW
RtlUnwind
HeapFree
HeapReAlloc
HeapAlloc
InterlockedDecrement
InterlockedIncrement
GetCommandLineA

user32

SetWindowLongW
wsprintfW
IsWindow
DialogBoxParamW
EnableWindow
CallWindowProcW
CheckDlgButton
CheckRadioButton
PostMessageW
SetClassLongW
DestroyWindow
wvsprintfW
WinHelpW
ShowWindow
SetWindowPos
InvalidateRect
SendDlgItemMessageW
MessageBoxW
SetDlgItemTextW
GetWindowLongW
EndDialog
SetWindowTextW
SetForegroundWindow
GetDlgItem
LoadCursorW
SetCursor
GetDlgItemTextW
GetClientRect
CreateWindowExW
LoadIconW
GetWindowRect
LoadStringW
SendMessageW

advapi32

CryptAcquireContextW
RegQueryValueExW
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyExW
CryptImportKey
CryptDecrypt
CryptGetUserKey
CryptGenKey
CryptExportKey
CryptEncrypt
CryptDestroyKey
InitializeSecurityDescriptor
CryptSetProvParam
CryptReleaseContext
RegDeleteValueW
RegSetValueExW
RegOpenKeyExW
RegCloseKey

winspool.drv

XcvDataW
OpenPrinterW
EnumPortsW
ClosePrinter

comctl32

ImageList_Create
ImageList_ReplaceIcon

Exports

Exports

DllEntryPoint
InitializePrintMonitorUI

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c67bb539cecf5272602df48502247ddb

Headers

File Characteristics

Imports

widcommsdk

kernel32

user32

advapi32

winspool.drv

comctl32

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 71KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 80KB - Virtual size: 89KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 12KB - Virtual size: 10KB

.text
Size: 72KB - Virtual size: 71KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 80KB - Virtual size: 89KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 10KB