7650deece3cead170a3de4f5c89d6d466bcfb8404d469a03b3ebfffd22405780

Sharing

Copy URL Twitter E-mail

General

Target

7650deece3cead170a3de4f5c89d6d466bcfb8404d469a03b3ebfffd22405780
Size

384KB
MD5

6ed7b05224cf902150ffc2f9e0820f37
SHA1

d5ea2afe8385ede912f1dfc2c49e21dd3f8611ca
SHA256

7650deece3cead170a3de4f5c89d6d466bcfb8404d469a03b3ebfffd22405780
SHA512

b9fa2fc0f27057b8d0f54a3c718679b2219d42f2ee04464e7fb4974d495e7ad4db9a2c75fa7bf1561cf8088600b7fb09025b1a3a35fe8ff54bfa0c662ff3151a
SSDEEP

6144:4lLFwRg6y0sIxt17XFCuZOj1RHpQyl1MQbJdGAcbGL4AOO7DrMJ:4lLFtb0sINXFCuZOpRHpQyldmG8aI

Score

N/A

Malware Config

Signatures

Files

7650deece3cead170a3de4f5c89d6d466bcfb8404d469a03b3ebfffd22405780
.exe windows x86

0fb72a00ce323146a80fe9ca202dacbe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

KillTimer
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
DefWindowProcA
IsWindow
SendMessageA
CreateWindowExA
DestroyWindow
LoadIconA
LoadCursorA
RegisterClassExA
SetWindowTextA
SetTimer
ShowWindow
FindWindowA
LoadStringA
PostMessageA

winspool.drv

EnumJobsA
OpenPrinterA
SetJobA
GetJobA
GetPrinterDriverDirectoryA
GetPrinterDataA
ClosePrinter

kernel32

HeapDestroy
GetFileType
SetHandleCount
lstrcpynA
GetModuleFileNameA
GetModuleHandleA
GetLastError
GetCurrentProcessId
CloseHandle
ReleaseMutex
GetCurrentThreadId
WaitForSingleObject
CreateMutexA
OpenMutexA
FormatMessageA
DeleteFileA
GetWindowsDirectoryA
GetTickCount
WriteFile
HeapCreate
GetFileSize
CreateFileA
GetLocalTime
MultiByteToWideChar
WideCharToMultiByte
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcess
GetProcAddress
GetVersionExA
LoadLibraryA
FreeLibrary
OutputDebugStringA
PeekNamedPipe
ReadFile
QueryPerformanceCounter
VirtualFree
GetSystemTimeAsFileTime
GetACP
GetOEMCP
FlushFileBuffers
VirtualAlloc
IsBadWritePtr
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
IsBadCodePtr
VirtualProtect
GetSystemInfo
VirtualQuery
GetTimeZoneInformation
SetStdHandle
GetLocaleInfoW
SetEndOfFile
SetEnvironmentVariableA
SetFilePointer
GetLocaleInfoA
RtlUnwind
RaiseException
IsBadReadPtr
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapAlloc
HeapFree
TerminateProcess
GetCPInfo
HeapReAlloc
LCMapStringA
LCMapStringW
GetTimeFormatA
GetDateFormatA
CompareStringA
CompareStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
HeapSize
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW

gdi32

GetStockObject

advapi32

RegOpenKeyExA
SetKernelObjectSecurity
GetSecurityDescriptorDacl
SetSecurityInfo
InitializeAcl
AddAccessAllowedAce
IsValidSid
GetLengthSid
GetAce
AllocateAndInitializeSid
FreeSid
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegCloseKey
InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Sections

.text
Size: 284KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0fb72a00ce323146a80fe9ca202dacbe

Headers

File Characteristics

Imports

user32

winspool.drv

kernel32

gdi32

advapi32

Sections

.text Size: 284KB - Virtual size: 282KB

.rdata Size: 80KB - Virtual size: 77KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 284KB - Virtual size: 282KB

.rdata
Size: 80KB - Virtual size: 77KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 4KB - Virtual size: 2KB