65b8d0658dea125ac44883d2bfcb326726338db3a7a539c537598a577bc48da9

General

Target

65b8d0658dea125ac44883d2bfcb326726338db3a7a539c537598a577bc48da9
Size

92KB
MD5

6a207450c326b26f7c3858ba077b0ad1
SHA1

f35c76fa58471f03327cd9d998ba58ed75a1b8b0
SHA256

65b8d0658dea125ac44883d2bfcb326726338db3a7a539c537598a577bc48da9
SHA512

f9057adf6c2d14966fec2219e54fe128f15004389f5fd3bc508c1798892250e2427a61c24fc0ef113ec1af2ec407a804d352c7631e9cc49e6c7f44df762dab94
SSDEEP

1536:ul5yaB3nFUIcfpxj/kqu0L7vyk1LEadBBq1QiMMMkkkkkkkDxMMMkkkkkkkJSH:ulwaB3nFUdfyQ7vV1pBgJMMMkkkkkkkM

Score

N/A

Malware Config

Signatures

Files

65b8d0658dea125ac44883d2bfcb326726338db3a7a539c537598a577bc48da9
.exe windows x86

8c997b49225c198aa45c0ade8171c762

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_snprintf
_splitpath
_mbscmp
_c_exit
_cexit
_XcptFilter
_exit
_mbsnbcpy

kernel32

GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoA
GetTickCount
QueryPerformanceCounter
SetEnvironmentVariableA
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
HeapFree
HeapAlloc
GetProcessHeap
SetLastError
ExpandEnvironmentStringsA
GetLastError
GetVersionExA
GetVersion

gdi32

CreateDCA
StartDocA
EndDoc
DeleteDC

user32

MoveWindow
WinHelpA
MessageBoxA
SendMessageA
GetDlgItem
GetWindowRect
GetDesktopWindow
LoadStringA
GetWindowContextHelpId
SetWindowLongA
MessageBeep
GetWindowLongA
EndDialog
DialogBoxParamA

comctl32

ord17

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

winspool.drv

ClosePrinter
OpenPrinterA
EnumPrintersA

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c997b49225c198aa45c0ade8171c762

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

gdi32

user32

comctl32

advapi32

winspool.drv

Sections

.text Size: 6KB - Virtual size: 6KB

.data Size: 60KB - Virtual size: 60KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 6KB - Virtual size: 6KB

.data
Size: 60KB - Virtual size: 60KB

.rsrc
Size: 24KB - Virtual size: 24KB