2ad67629411a5faf43033d7a1580a404761d7e84dbb69559d8076dc8f48f4c61

Sharing

Copy URL Twitter E-mail

General

Target

2ad67629411a5faf43033d7a1580a404761d7e84dbb69559d8076dc8f48f4c61
Size

7.8MB
MD5

69b3f7e65eaeaa27700d165012e3dca5
SHA1

74bbe4e34b1adbda3a7a60fdfa48c0ebe4bf2809
SHA256

2ad67629411a5faf43033d7a1580a404761d7e84dbb69559d8076dc8f48f4c61
SHA512

a939e762d39920f162765cab77441ba4ee3bce041e25b6db75b580e442f22ae4c909fd267ff6eabd9a91210174c94c805b337bfc7039b006385d5dc4abb51738
SSDEEP

196608:CphP2ys1OkJB5FcSZlSMfcPqHhWwzCo3i:lPkGzcSZlSBXYCo3i

Score

N/A

Malware Config

Signatures

Files

2ad67629411a5faf43033d7a1580a404761d7e84dbb69559d8076dc8f48f4c61
.exe windows x86

75354e15bdd9c9a61a640be1d370971a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__p__commode
__p__fmode
__set_app_type
_adjust_fdiv
_controlfp
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_except_handler3
strncpy

winspool.drv

ord214
PrinterProperties
FreePrinterNotifyInfo
StartDocPrinterA

pdh

PdhBrowseCountersW

shell32

SHFormatDrive
FindExecutableA

user32

GetMessageA
PeekMessageA
SetTimer
PaintDesktop
DispatchMessageA
IsWindowUnicode
SetScrollPos
SwitchDesktop
CreateDialogIndirectParamW
MessageBoxExA
PostThreadMessageW
GetKBCodePage
OpenWindowStationW
GetScrollRange
GetWindowRgn

kernel32

ReadFile
GetThreadContext
CreateProcessA
SetThreadContext
GetModuleHandleA
GetLastError
GetStartupInfoA
GetProcAddress

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 24.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SELIGER
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

FYKN
Size: 4KB - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

LILY
Size: 4KB - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

YEWF
Size: 4KB - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

COZH
Size: 4KB - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

U7MC
Size: 4KB - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RBKM
Size: 4KB - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

U3PN
Size: 4KB - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

FX7Y
Size: 4KB - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

HZO5
Size: 4KB - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

XDKM
Size: 4KB - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

JMVF
Size: 4KB - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RRJW
Size: 4KB - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ENIL
Size: 4KB - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

S8EN
Size: 4KB - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

HH8J
Size: 4KB - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

GGVC
Size: 4KB - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

FBCD
Size: 4KB - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

I1YJ
Size: 4KB - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BEWB
Size: 4KB - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

WQAI
Size: 4KB - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

TOGR
Size: 4KB - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

NDXH
Size: 4KB - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RUGG
Size: 4KB - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

LTP2
Size: 4KB - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

IRQ7
Size: 4KB - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

AWNL
Size: 4KB - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

JKP2
Size: 4KB - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Y6DT
Size: 4KB - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

75354e15bdd9c9a61a640be1d370971a

Headers

File Characteristics

Imports

msvcrt

winspool.drv

pdh

shell32

user32

kernel32

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 40KB - Virtual size: 24.1MB

SELIGER Size: 2.2MB - Virtual size: 2.2MB

FYKN Size: 4KB - Virtual size: 810B

LILY Size: 4KB - Virtual size: 810B

YEWF Size: 4KB - Virtual size: 810B

COZH Size: 4KB - Virtual size: 810B

U7MC Size: 4KB - Virtual size: 810B

RBKM Size: 4KB - Virtual size: 810B

U3PN Size: 4KB - Virtual size: 810B

FX7Y Size: 4KB - Virtual size: 810B

HZO5 Size: 4KB - Virtual size: 810B

XDKM Size: 4KB - Virtual size: 810B

JMVF Size: 4KB - Virtual size: 810B

RRJW Size: 4KB - Virtual size: 810B

ENIL Size: 4KB - Virtual size: 810B

S8EN Size: 4KB - Virtual size: 810B

HH8J Size: 4KB - Virtual size: 810B

GGVC Size: 4KB - Virtual size: 810B

FBCD Size: 4KB - Virtual size: 810B

I1YJ Size: 4KB - Virtual size: 810B

BEWB Size: 4KB - Virtual size: 810B

WQAI Size: 4KB - Virtual size: 810B

TOGR Size: 4KB - Virtual size: 810B

NDXH Size: 4KB - Virtual size: 810B

RUGG Size: 4KB - Virtual size: 810B

LTP2 Size: 4KB - Virtual size: 810B

IRQ7 Size: 4KB - Virtual size: 810B

AWNL Size: 4KB - Virtual size: 810B

JKP2 Size: 4KB - Virtual size: 810B

Y6DT Size: 4KB - Virtual size: 810B

.rsrc Size: 20KB - Virtual size: 16KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 40KB - Virtual size: 24.1MB

SELIGER
Size: 2.2MB - Virtual size: 2.2MB

FYKN
Size: 4KB - Virtual size: 810B

LILY
Size: 4KB - Virtual size: 810B

YEWF
Size: 4KB - Virtual size: 810B

COZH
Size: 4KB - Virtual size: 810B

U7MC
Size: 4KB - Virtual size: 810B

RBKM
Size: 4KB - Virtual size: 810B

U3PN
Size: 4KB - Virtual size: 810B

FX7Y
Size: 4KB - Virtual size: 810B

HZO5
Size: 4KB - Virtual size: 810B

XDKM
Size: 4KB - Virtual size: 810B

JMVF
Size: 4KB - Virtual size: 810B

RRJW
Size: 4KB - Virtual size: 810B

ENIL
Size: 4KB - Virtual size: 810B

S8EN
Size: 4KB - Virtual size: 810B

HH8J
Size: 4KB - Virtual size: 810B

GGVC
Size: 4KB - Virtual size: 810B

FBCD
Size: 4KB - Virtual size: 810B

I1YJ
Size: 4KB - Virtual size: 810B

BEWB
Size: 4KB - Virtual size: 810B

WQAI
Size: 4KB - Virtual size: 810B

TOGR
Size: 4KB - Virtual size: 810B

NDXH
Size: 4KB - Virtual size: 810B

RUGG
Size: 4KB - Virtual size: 810B

LTP2
Size: 4KB - Virtual size: 810B

IRQ7
Size: 4KB - Virtual size: 810B

AWNL
Size: 4KB - Virtual size: 810B

JKP2
Size: 4KB - Virtual size: 810B

Y6DT
Size: 4KB - Virtual size: 810B

.rsrc
Size: 20KB - Virtual size: 16KB