e3386a0e1d2cea2889dde022f86d13cb03fdaa3915bf18bd76b7f36ca26fb144

General

Target

e3386a0e1d2cea2889dde022f86d13cb03fdaa3915bf18bd76b7f36ca26fb144
Size

590KB
MD5

08a80ecc30f55fb02a988fbeaac0c171
SHA1

eccb9fb28304e3ab30a6d79b17faffd47be9a218
SHA256

e3386a0e1d2cea2889dde022f86d13cb03fdaa3915bf18bd76b7f36ca26fb144
SHA512

c1dd93bbab705729851614db7963e5ea93979ebab0ea7b796fb2f9fb036c24db09342612eef8ed1b8184bd510783426a939b389308c286fa5d76da9098fd08f0
SSDEEP

12288:tLUPylWfu6821uVvQ3zAedJHNduGhLKfou/v:aPyl8wguV4jrHNduQajn

Score

N/A

Malware Config

Signatures

Files

e3386a0e1d2cea2889dde022f86d13cb03fdaa3915bf18bd76b7f36ca26fb144
.exe windows x86

ccb5104eca9530238eff9c874bfe5f07

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
LoadLibraryA
GetVersion
IsValidLocale
GetConsoleAliasesLengthA
FreeLibrary
GetModuleHandleA
FindCloseChangeNotification
SetFilePointerEx
OutputDebugStringA
LockFile
SetComputerNameW
GetHandleInformation
VerLanguageNameW
GetPrivateProfileIntW
GetProcAddress
lstrlenW
CloseConsoleHandle
SetFileAttributesA
GetLocalTime
GetPrivateProfileStructW
GetSystemTime

shell32

StrStrIW

shlwapi

UrlIsOpaqueA
PathIsUNCServerA
PathIsRelativeW
StrCatW
UrlCreateFromPathW
SHRegCloseUSKey
SHRegQueryInfoUSKeyA
SHQueryValueExW
PathCanonicalizeA
PathCompactPathExW
PathRelativePathToA
StrDupA
PathIsSystemFolderW
SHRegWriteUSValueA

version

GetFileVersionInfoSizeA
VerFindFileA
VerQueryValueA
VerFindFileW

winspool.drv

EnumPrintProcessorDatatypesW
SetPortA
ord100
AddPortExA
DeletePrintProcessorA
EnumMonitorsA
PlayGdiScriptOnPrinterIC
DeletePrinterDataW
GetPrintProcessorDirectoryW
DocumentPropertiesA
ord101
OpenPrinterA
FindFirstPrinterChangeNotification
GetPrinterW

msvcrt

feof
fclose
__p__pgmptr
fopen
_getcwd
fseek
fread
ferror
fwprintf
sprintf
ftell
_outp
fputc
fwrite
memset
fputs
printf
fsetpos
iswascii
fprintf
_unlink

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 520KB - Virtual size: 516KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ccb5104eca9530238eff9c874bfe5f07

Headers

File Characteristics

Imports

kernel32

shell32

shlwapi

version

winspool.drv

msvcrt

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 520KB - Virtual size: 516KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 520KB - Virtual size: 516KB