5e2c1a77991ad60bc402dddc049c72816caeb331a0793f74ebeadcf3d1042767

Sharing

Copy URL Twitter E-mail

General

Target

5e2c1a77991ad60bc402dddc049c72816caeb331a0793f74ebeadcf3d1042767
Size

1.9MB
MD5

f1c825005a33104b78984039433f2d44
SHA1

9513b13317e72ac3b459196a3419d0241a6ca6a0
SHA256

5e2c1a77991ad60bc402dddc049c72816caeb331a0793f74ebeadcf3d1042767
SHA512

c6f1304caa8094a49228226b634e5c788dcf768be3fd17227318acc668a30442a4c11518447d70b2f67537f2b4beaed79df3a9c29ae81d2266ccc6a4035876b1
SSDEEP

49152:6tqX8iRYEivgOzvA+iKfSQ/T9RwAHo35k:6tI8YYrHzZfHxO32

Score

N/A

Malware Config

Signatures

Files

5e2c1a77991ad60bc402dddc049c72816caeb331a0793f74ebeadcf3d1042767
.exe windows x86

d397843752973e15fd7a3add9aaa9018

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
HeapAlloc
GetProcessHeap
GetProcAddress
LoadLibraryW
GetSystemTime
CompareStringW
CompareStringA
WideCharToMultiByte
DebugBreak
RaiseException
GetVersionExA
LoadLibraryA
RtlUnwind
IsBadWritePtr
IsBadReadPtr
HeapValidate
ExitProcess
GetCPInfo
TerminateProcess
GetCurrentProcess
GetModuleHandleA
MultiByteToWideChar
LCMapStringA
GetLastError
LCMapStringW
HeapFree
GetModuleFileNameA
CloseHandle
FreeLibrary
SetUnhandledExceptionFilter
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
HeapReAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
FlushFileBuffers
GetStringTypeA
GetStringTypeW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
IsBadCodePtr
VirtualProtect
GetSystemInfo
VirtualQuery
SetConsoleCtrlHandler
InterlockedExchange
ReadFile
SetStdHandle
GetTimeFormatA
GetDateFormatA
GetLocaleInfoW
UnhandledExceptionFilter
GetCommandLineA
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetACP
GetOEMCP
SetEnvironmentVariableA

winspool.drv

EnumPrintProcessorsW

Sections

.textbss
Size: - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 232KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d397843752973e15fd7a3add9aaa9018

Headers

File Characteristics

Imports

kernel32

winspool.drv

Sections

.textbss Size: - Virtual size: 102KB

.text Size: 232KB - Virtual size: 228KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 12KB - Virtual size: 67KB

.idata Size: 4KB - Virtual size: 2KB

.textbss
Size: - Virtual size: 102KB

.text
Size: 232KB - Virtual size: 228KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 12KB - Virtual size: 67KB

.idata
Size: 4KB - Virtual size: 2KB