f3fa9d6af0c06daf76a4df742e18c867bf5858228dea19ec166f6f6ecc6ddc15

Sharing

Copy URL Twitter E-mail

General

Target

f3fa9d6af0c06daf76a4df742e18c867bf5858228dea19ec166f6f6ecc6ddc15
Size

304KB
MD5

570b26bba37952c24ffad9ef020cc2a5
SHA1

01b5028bd0dd81f953a05383942a916088032da1
SHA256

f3fa9d6af0c06daf76a4df742e18c867bf5858228dea19ec166f6f6ecc6ddc15
SHA512

f0a7ccae615c6de0379eca2568c81194aa226eb343d28efa2c8da64924b048ec9f9504792a19eee1fd123ef605ba263a1d861e5f928c6c9d8fde04fa3800908f
SSDEEP

3072:t3W78aZ0noeXU8+Xh+HCky8jxsG3pHoww+tUD2k/lS8ApmtXmgXQ2gt+OKuuYpxL:Z08hoF8ylRGBjk/lqeXXQ2LOKuCqklt

Score

N/A

Malware Config

Signatures

Files

f3fa9d6af0c06daf76a4df742e18c867bf5858228dea19ec166f6f6ecc6ddc15
.exe windows x86

51719f5b0c3a7f17894051be5be02095

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

ConvertAnsiDevModeToUnicodeDevmode
DeviceCapabilitiesW
EnumJobsW
ClosePrinter
EnumPrintersW
GetPrinterDriverA
OpenPrinterW
OpenPrinterA
GetPrinterDriverW
GetPrinterDriverDirectoryA

user32

ReleaseDC
OemToCharBuffA
LoadStringW
LoadStringA
GetDesktopWindow
GetDC
CharUpperBuffA
CharUpperA
CharToOemBuffA

kernel32

FindResourceA
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
FreeResource
GetACP
GetCPInfo
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryA
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDiskFreeSpaceExA
GetDiskFreeSpaceExW
GetDriveTypeA
GetDriveTypeW
GetEnvironmentStringsA
GetEnvironmentStringsW
GetFileAttributesA
GetFileAttributesW
GetFileSize
GetFileType
GetFullPathNameA
GetFullPathNameW
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetLongPathNameW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetPrivateProfileIntA
GetProcAddress
GetProcessHeap
GetShortPathNameW
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDefaultLangID
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameW
GetTempPathA
GetTempPathW
GetTickCount
GetTimeZoneInformation
GetUserDefaultLCID
GetVersion
FindNextFileW
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByte
IsDBCSLeadByteEx
IsDebuggerPresent
FindNextFileA
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LoadResource
LocalAlloc
LockResource
MoveFileA
MoveFileW
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
ReadFile
RemoveDirectoryA
RemoveDirectoryW
ResetEvent
RtlUnwind
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableA
SetEvent
SetFileAttributesW
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SizeofResource
Sleep
SwitchToThread
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
lstrcatA
lstrcatW
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpyW
lstrcpynA
lstrcpynW
lstrlenA
lstrlenW
FindFirstFileW
FindFirstFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
ExitProcess
EnumSystemLocalesA
EnterCriticalSection
DeleteFileW
DeleteFileA
DeleteCriticalSection
CreateFileW
CreateFileA
CreateEventA
CreateDirectoryW
CreateDirectoryA
CompareStringW
CompareStringA
CompareFileTime
CloseHandle
GetVersionExA
IsProcessorFeaturePresent

advapi32

CloseServiceHandle
CryptGenRandom
CryptReleaseContext
GetUserNameW
RegCloseKey
RegOpenKeyA
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
SetSecurityDescriptorRMControl
CryptAcquireContextA

gdi32

StartPage
StartDocA
SetPixelV
SetICMMode
SetBkColor
SelectObject
RemoveFontResourceW
GetTextFaceA
CreateFontIndirectA
CreateDIBSection
CreateDCW
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
BitBlt
AddFontResourceW
DeleteObject
EndDoc
EndPage
EnumFontFamiliesA
EnumFontFamiliesExA
ExtSelectClipRgn
GdiResetDCEMF
GetDIBits
GetDeviceCaps
GetFontData
GetStockObject
GetObjectA
DeleteDC
CreateScalableFontResourceW

ole32

HMETAFILEPICT_UserSize
CoUninitialize
CoInitialize
CoCreateGuid
HMENU_UserMarshal

shell32

SHChangeNotify
SHFileOperationA
SHFileOperationW
SHGetDesktopFolder
SHGetFileInfoA
SHGetFileInfoW
SHGetMalloc
SHGetPathFromIDListA
SHGetPathFromIDListW
SHGetSpecialFolderLocation

Sections

.text
Size: 241KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

51719f5b0c3a7f17894051be5be02095

Headers

File Characteristics

Imports

winspool.drv

user32

kernel32

advapi32

gdi32

ole32

shell32

Sections

.text Size: 241KB - Virtual size: 244KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 22KB - Virtual size: 23KB

.idata Size: 6KB - Virtual size: 7KB

.rsrc Size: 1024B - Virtual size: 3KB

.text
Size: 241KB - Virtual size: 244KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 22KB - Virtual size: 23KB

.idata
Size: 6KB - Virtual size: 7KB

.rsrc
Size: 1024B - Virtual size: 3KB