57dabbff10c83a068a9b89dfeed6c00c767388b80b3b7c4fa6c77bba7dff2c36

Sharing

Copy URL Twitter E-mail

General

Target

57dabbff10c83a068a9b89dfeed6c00c767388b80b3b7c4fa6c77bba7dff2c36
Size

617KB
MD5

18a9198ef5a1466597db029e289152f0
SHA1

aad4b0ef0116b0d821571f560726690c28374eb9
SHA256

57dabbff10c83a068a9b89dfeed6c00c767388b80b3b7c4fa6c77bba7dff2c36
SHA512

5826c885500abd6ef23ef9bea4ccd83b5c34c42b108489db8d7291a4df56d53d3d3523533240037eb0c0efd5bab2639ce20e02bbe086c1403587eeff27c89853
SSDEEP

12288:nWl/xJZC4A1z7SMy7Wrh9ZrWWw+FCm8rlAV2:nWlq7S1CrXkWwYGL

Score

N/A

Malware Config

Signatures

Files

57dabbff10c83a068a9b89dfeed6c00c767388b80b3b7c4fa6c77bba7dff2c36
.exe windows x64

40af45cd4c3bf8313cd8e7e58febc922

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GlobalAlloc
GlobalUnlock
GlobalHandle
SetLastError
GetVersionExA
CloseHandle
lstrcmpA
Sleep
GetLastError
GlobalLock
HeapReAlloc
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
MultiByteToWideChar
HeapSize
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSection
EnterCriticalSection
GlobalFree
GetModuleFileNameA
LoadLibraryA
GetProcAddress
FreeLibrary
lstrcpyA
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
RtlUnwindEx
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
FlsGetValue
FlsSetValue
TlsFree
FlsFree
GetCurrentThreadId
FlsAlloc
HeapSetInformation
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection

user32

wsprintfA
PostQuitMessage
DestroyWindow
CreateDialogParamA
SetWindowLongA
KillTimer
RegisterClassExA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
SetTimer
LoadStringA
SendDlgItemMessageA
GetWindowLongA
DefWindowProcA

winspool.drv

EnumPortsA
GetPrinterA
GetPrinterDataA
ClosePrinter
OpenPrinterA
EnumPrintersA

advapi32

RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegQueryValueExA

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp1
Size: 540KB - Virtual size: 1.8MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

40af45cd4c3bf8313cd8e7e58febc922

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

winspool.drv

advapi32

Sections

.text Size: 41KB - Virtual size: 40KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 9KB

.pdata Size: 2KB - Virtual size: 2KB

.rsrc Size: 15KB - Virtual size: 15KB

.vmp1 Size: 540KB - Virtual size: 1.8MB

.text
Size: 41KB - Virtual size: 40KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 9KB

.pdata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 15KB - Virtual size: 15KB

.vmp1
Size: 540KB - Virtual size: 1.8MB