00212b562c3d76115e1ac34ae85346d89cfb9fcc8760f809fec7d125816b7655

Sharing

Copy URL Twitter E-mail

General

Target

00212b562c3d76115e1ac34ae85346d89cfb9fcc8760f809fec7d125816b7655
Size

556KB
MD5

6b36faa1e60664a669df58270e2c1880
SHA1

8fcc05feedc4f380d9a690da2c36bd65cfca29b8
SHA256

00212b562c3d76115e1ac34ae85346d89cfb9fcc8760f809fec7d125816b7655
SHA512

eedde10f9401ca14ee018dfca0d5e589612fdc05c0d87dbd8a719ac195b7433878b0061c6dd396c1fd0907ab1371ebcbcac11b25acc33777c1e8d3d54a073336
SSDEEP

12288:QtKmhbbirXXhcOK6OfxHS+q1T0aX8kwU2/OlKHV:QtrmrHBROptWd2/4U

Score

N/A

Malware Config

Signatures

Files

00212b562c3d76115e1ac34ae85346d89cfb9fcc8760f809fec7d125816b7655
.exe windows x86

4feb4bef1323f4ad0385618a1e19b041

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetHandleInformation
GetModuleHandleA
GetProcAddress
IsValidLocale
VirtualAlloc
ReadConsoleOutputA
GetFileSizeEx
SwitchToFiber
FreeLibrary
lstrlenW
GetNumberOfConsoleInputEvents
FindFirstVolumeA
FindNextVolumeA
OpenSemaphoreW
SetFileApisToOEM
GetVersion
ReadFile
BackupSeek
GetCalendarInfoA
UTRegister
GetSystemTime
EscapeCommFunction
GetOEMCP
VirtualFreeEx
LoadLibraryExW
GetLocalTime
HeapAlloc
GetStartupInfoA

winmm

mmioClose
mmGetCurrentTask
mid32Message
joyGetNumDevs
waveInUnprepareHeader
midiStreamPosition
waveOutSetVolume
mmioCreateChunk
waveInGetDevCapsW
midiConnect
mmioAdvance
mmsystemGetVersion
timeGetTime
mixerClose
waveInGetErrorTextA
sndPlaySoundW
midiOutUnprepareHeader
mciSendStringA
PlaySoundA
midiOutCacheDrumPatches

winspool.drv

ord211
EnumFormsA
FindFirstPrinterChangeNotification
OpenPrinterA
ord204
SetPrinterDataExA
DocumentPropertiesA
DocumentPropertiesW

msvcrt

_fputchar
_onexit
__dllonexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_mbscmp
_mbsnbcmp
_mbscspn
_mbsnbicoll
_mbsinc
_mbsrchr
_mbsnicoll
ferror
__lc_handle
_wtempnam
_ismbcalpha
sprintf
tolower
atexit
strlen
__threadhandle
_winver
feof
fwprintf
_adj_fprem
_adj_fdiv_m64
fsetpos
printf
_mbslwr
_strlwr
fread
_atoi64
_memccpy
_findfirst
iswalpha
__argv
_endthread
_snwprintf
fprintf
_mbsnset
ftell
fopen
localtime
fputc
memset
_CIasin
__p__environ
fputs
fwrite
_tell
__p__osver
getwchar
fclose
_tzname
_loaddll
_commode
_wexeclp
_aexit_rtn
_ltoa
_getmbcp
strstr
_wopen
strcpy
__p__mbctype
_fcvt
_CIsinh
_fpieee_flt
_logb
_rmtmp
_unlink
_outp
_adj_fdivr_m64
strncmp
_amsg_exit
fseek
wcstol
_tolower

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 508KB - Virtual size: 506KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4feb4bef1323f4ad0385618a1e19b041

Headers

File Characteristics

Imports

kernel32

winmm

winspool.drv

msvcrt

Sections

.text Size: 36KB - Virtual size: 33KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 508KB - Virtual size: 506KB

.text
Size: 36KB - Virtual size: 33KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 508KB - Virtual size: 506KB