09e340a7b0f0029f94d252385e66a3b36dd9582c6bf97e2e89cbf9acab70ec5c

General

Target

09e340a7b0f0029f94d252385e66a3b36dd9582c6bf97e2e89cbf9acab70ec5c
Size

589KB
MD5

6b05976ea6625edd14c76aabab42cf20
SHA1

81e631dd02fa713d9d5e3375af409e587460daa6
SHA256

09e340a7b0f0029f94d252385e66a3b36dd9582c6bf97e2e89cbf9acab70ec5c
SHA512

97e7d71d7c14ffa9feda7088371c8d1cb951332efd2bc19d0e7552b6aa2822a2e5789b77563f14530b3ba39bd13ea21c4c2c6d7ef2239a1c5d159a38ca89c585
SSDEEP

12288:iAOekOIMJlJ/JaPmRLgfLGZFqEmMWvjyLrgyW3JcYC+/:iP0IMJlquRiqzgOLrg9eYCC

Score

N/A

Malware Config

Signatures

Files

09e340a7b0f0029f94d252385e66a3b36dd9582c6bf97e2e89cbf9acab70ec5c
.exe windows x86

b3ab09f4543c34b827f8a9700436de5f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
VirtualAlloc
GetProcAddress
LoadLibraryA
HeapWalk
FreeLibrary
IsValidLocale
SetNamedPipeHandleState
ReadFile
DosDateTimeToFileTime
GetHandleInformation
GetLocalTime
PurgeComm
MapViewOfFileEx
GetVersion
OpenSemaphoreW
FindNextVolumeMountPointW
GetSystemTime
SetConsoleKeyShortcuts

user32

DrawStateA
CascadeWindows
TileChildWindows

winspool.drv

ConfigurePortA
ord209
EnumPrintProcessorDatatypesW
ClosePrinter
DeleteFormW
DeletePrintProcessorA
EnumJobsW
ord207
EnumJobsA
AddPrinterDriverExW
DocumentPropertiesA
EnumPrintProcessorsA
DeletePortW
DeletePrinterDataA
AddMonitorA
DeletePrinterDataExW
EnumPrintProcessorDatatypesA
AddPortA
AddJobA
EnumFormsA
OpenPrinterA
GetPrintProcessorDirectoryA
SetPrinterDataA
EnumPortsW
ord256
DeleteMonitorA

msvcrt

memset
_unlink
fsetpos
ferror
fwprintf
_wexecve
fclose
fseek
fopen
sprintf
printf
strrchr
fwrite
_strerror
feof
fread
fputs
fprintf
ftell
fputc
getenv

Sections

.text
Size: 572KB - Virtual size: 570KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b3ab09f4543c34b827f8a9700436de5f

Headers

File Characteristics

Imports

kernel32

user32

winspool.drv

msvcrt

Sections

.text Size: 572KB - Virtual size: 570KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 5KB

.text
Size: 572KB - Virtual size: 570KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 5KB