56f2ab45972ed49a5169405223eafd1600a780b8381eeee0e1c5a75a7f38bce8

Sharing

Copy URL Twitter E-mail

General

Target

56f2ab45972ed49a5169405223eafd1600a780b8381eeee0e1c5a75a7f38bce8
Size

388KB
MD5

6e6865c8f2e4f620d4cf9a8b971383be
SHA1

c6bca11ee2cccceaa7b2efcc6ce72b424474af8f
SHA256

56f2ab45972ed49a5169405223eafd1600a780b8381eeee0e1c5a75a7f38bce8
SHA512

86a45b9532f657cd078f6128e43f339546d3e22f459e022cfdae87400e67692e656916a7a5fe1ae2fdb1170382308c06897e23538edc9143f1e2fc1c4220c835
SSDEEP

6144:Nbw7Tlmw1ru5qshdJaR5yU8IwwV1r5+VGkDtG2bi4fhLxfzmxQB0dNR:mPlmw1ru5qsZi51t+VvDE2bi4fhLxSR

Score

N/A

Malware Config

Signatures

Files

56f2ab45972ed49a5169405223eafd1600a780b8381eeee0e1c5a75a7f38bce8
.exe windows x86

3bd86700e11f11ffe5a473929ef17d2b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteProfileStringA
GetProfileStringA
lstrcatA
lstrcpyA
GetShortPathNameA
GlobalFree
lstrlenA
GlobalAlloc
GetVersionExA
SetEnvironmentVariableA
CreateDirectoryA
GetWindowsDirectoryA
CreateEventA
OpenEventA
CreateFileA
FindClose
FindFirstFileA
Sleep
GetLastError
SetEvent
ResetEvent
CreateMutexA
WaitForSingleObject
ReleaseMutex
CreateProcessA
CloseHandle
GetPrivateProfileStringA
GetFileTime
CompareFileTime
RtlUnwind
GetStdHandle
SetHandleCount
SetEndOfFile
LoadLibraryA
GetProcAddress
WritePrivateProfileStringA
ExitProcess
TerminateProcess
GetCurrentProcess
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapFree
RaiseException
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
HeapAlloc
HeapReAlloc
HeapSize
FlushFileBuffers
WriteFile
ReadFile
GetACP
GetOEMCP
GetFileType
SetFilePointer
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetCPInfo
CompareStringA
CompareStringW

user32

SendMessageTimeoutA

winspool.drv

ClosePrinter
GetPrinterA
OpenPrinterA

advapi32

RegSetValueExA
RegFlushKey
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryInfoKeyA

Sections

.text
Size: 188KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3bd86700e11f11ffe5a473929ef17d2b

Headers

File Characteristics

Imports

kernel32

user32

winspool.drv

advapi32

Sections

.text Size: 188KB - Virtual size: 184KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 20KB - Virtual size: 29KB

.rsrc Size: 4KB - Virtual size: 912B

.text Size: 164KB - Virtual size: 164KB

.text
Size: 188KB - Virtual size: 184KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 20KB - Virtual size: 29KB

.rsrc
Size: 4KB - Virtual size: 912B

.text
Size: 164KB - Virtual size: 164KB