37ed24204e29c85db7588b1cf7729ab7d9e5b1bc6ed21ccd746e7b86e4a67353

Sharing

Copy URL Twitter E-mail

General

Target

37ed24204e29c85db7588b1cf7729ab7d9e5b1bc6ed21ccd746e7b86e4a67353
Size

843KB
MD5

721df4d97ceb0501230c7d5306dcf710
SHA1

1d069029667ae5adbab56084c061e199c144768d
SHA256

37ed24204e29c85db7588b1cf7729ab7d9e5b1bc6ed21ccd746e7b86e4a67353
SHA512

876d203be90a840c1b6353b26b0d2fff7f5d5fc4092ca2662f94a8bf5ca1a2a2e4715b8a06c58309a8ac0a83b33a2b79c62a24b6f7ecf8ad7d74a6926064fd0f
SSDEEP

24576:tkNgCvp4BoQuzlQ3yuNC82JinwTFk52D:tkNpBdpzlQ3PagwTFN

Score

N/A

Malware Config

Signatures

Files

37ed24204e29c85db7588b1cf7729ab7d9e5b1bc6ed21ccd746e7b86e4a67353
.dll windows x86

7dc59306e43ec75e403d66484b11c8c0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

VerSetConditionMask
RtlUnwind

winspool.drv

DocumentPropertiesW
GetPrinterW
EnumFormsW
GetJobW
SetJobW
GetPrinterDriverW
AbortPrinter
StartPagePrinter
EndPagePrinter
WritePrinter

kernel32

InterlockedDecrement
GetCurrentThreadId
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapReAlloc
HeapSize
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
InterlockedIncrement
VirtualAlloc
WriteFile
LoadLibraryA
InitializeCriticalSection
GetModuleHandleW
Sleep
SetFilePointer
GetConsoleCP
GetConsoleMode
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
TlsFree
GetSystemInfo
VirtualQuery
CreateFileA
FlushFileBuffers
GetLocaleInfoW
TlsSetValue
TlsAlloc
TlsGetValue
ExitProcess
GetModuleHandleA
HeapAlloc
HeapFree
OutputDebugStringA
CreateThread
ExitThread
RaiseException
GetVersionExA
GetCommandLineA
InterlockedExchange
CloseHandle
GlobalLock
GlobalUnlock
CreateEventW
SetEvent
WaitForSingleObject
GetModuleFileNameW
FreeLibrary
GetSystemDirectoryW
LoadLibraryW
GetProcAddress
FormatMessageA
LocalFree
GetLastError
MulDiv
SetLastError
DisableThreadLibraryCalls
VerifyVersionInfoW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
FormatMessageW
GetOEMCP
LocalAlloc
CreateFileW
DeleteFileW
CreateHardLinkW
ReadFile
GetFileSize
GetTempFileNameW
GetTempPathW
RemoveDirectoryW
FindNextFileW
FindClose
FindFirstFileW
VirtualProtect

gdi32

FONTOBJ_pifi
FONTOBJ_cGetGlyphs
FONTOBJ_pQueryGlyphAttrs
XFORMOBJ_bApplyXform
XFORMOBJ_iGetXform
STROBJ_bEnum
STROBJ_vEnumStart
PATHOBJ_bEnum
PATHOBJ_vEnumStart
EngDeletePath
CLIPOBJ_ppoGetPath
FONTOBJ_pvTrueTypeFontFile
BRUSHOBJ_pvGetRbrush
EngDeletePalette
EngCreatePalette
EngCreateBitmap
EngAlphaBlend
EngTransparentBlt
EngPlgBlt
EngStretchBltROP
EngBitBlt
EngEraseSurface
EngCopyBits
BRUSHOBJ_pvAllocRbrush
EngTextOut
EngGradientFill
EngStrokeAndFillPath
EngFillPath
EngStrokePath
XLATEOBJ_piVector
XLATEOBJ_cGetPalette
EngLockSurface
EngStretchBlt
EngUnlockSurface
EngDeleteSurface
EngCreateDeviceSurface
EngAssociateSurface
EngMarkBandingSurface
FONTOBJ_pxoGetXform

user32

SetRectEmpty
IntersectRect
IsRectEmpty
UnionRect
LoadStringW
OffsetRect
CopyRect

ole32

CreateStreamOnHGlobal
StringFromGUID2
CoCreateGuid
GetHGlobalFromStream
CoTaskMemFree

oleaut32

SysAllocStringLen
SetErrorInfo
GetErrorInfo
SysAllocString
SysFreeString

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Exports

Exports

DllMain
DrvDisableDriver
DrvEnableDriver
DrvQueryDriverInfo

Sections

.text
Size: 696KB - Virtual size: 696KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7dc59306e43ec75e403d66484b11c8c0

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

winspool.drv

kernel32

gdi32

user32

ole32

oleaut32

advapi32

version

Exports

Exports

Sections

.text Size: 696KB - Virtual size: 696KB

.data Size: 14KB - Virtual size: 22KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 34KB - Virtual size: 33KB

.rmnet Size: 96KB - Virtual size: 96KB

.text
Size: 696KB - Virtual size: 696KB

.data
Size: 14KB - Virtual size: 22KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 34KB - Virtual size: 33KB

.rmnet
Size: 96KB - Virtual size: 96KB