9b62538b86cad4e109c49903ac9ff10bc0f69881dc0997347b0874fcd457683e

Sharing

Copy URL Twitter E-mail

General

Target

9b62538b86cad4e109c49903ac9ff10bc0f69881dc0997347b0874fcd457683e
Size

97KB
MD5

916040bf6d147d4614e292451647b8e6
SHA1

bc4589a4919e4f901ceee4b033ddfb04ef8922ad
SHA256

9b62538b86cad4e109c49903ac9ff10bc0f69881dc0997347b0874fcd457683e
SHA512

e5a65c2f3baba1b258bced57f4bb0dc0763865c0cc5f0a3195769f6cdc9716530aa60c101f225206b4254022cb636226c63f7d7d767844fec277d7cf291c5900
SSDEEP

1536:BPkP2oTrQAlPbhf4esGzqn2TErbCOoExAvSyTnj0SlytMi4lBwa2KRe:9iQA9hQEgbCOoVvSybjryaGafR

Score

N/A

Malware Config

Signatures

Files

9b62538b86cad4e109c49903ac9ff10bc0f69881dc0997347b0874fcd457683e
.exe windows x86

d1f43ec2b7a7a31a4c1f4393df4550fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ClearEventLogW
RegQueryValueA
AccessCheck
RegSetValueExA

kernel32

HeapSize
GetUserDefaultLangID
GlobalLock
GlobalMemoryStatus
LocalFree
VirtualUnlock
GlobalAlloc
HeapLock
DeleteCriticalSection
HeapAlloc
WritePrivateProfileSectionA
GetModuleHandleA
GetProcAddress
GetEnvironmentStrings
GetCurrentProcessId
GetExitCodeThread
GetStdHandle
ResumeThread
GetHandleInformation
FreeEnvironmentStringsA
GetModuleFileNameA
VirtualAlloc
CreateSemaphoreA
GetLastError
GetFullPathNameA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetCurrentDirectoryA
GetDriveTypeA
HeapFree
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetFileType
SetFilePointer
WriteFile
ReadFile
InitializeCriticalSection
FlushFileBuffers
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
HeapReAlloc
SetStdHandle
CloseHandle
CreateFileA
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
SetEndOfFile
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

winspool.drv

AbortPrinter
DeletePrinterDataA
EnumPrinterDriversA
EnumJobsA
DeletePrinterConnectionA
GetJobW

netapi32

NetGetDCName
NetFileEnum

uxtheme

GetThemeBackgroundExtent

wsnmp32

ord903

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d1f43ec2b7a7a31a4c1f4393df4550fe

Headers

File Characteristics

Imports

advapi32

kernel32

winspool.drv

netapi32

uxtheme

wsnmp32

Sections

.text Size: 34KB - Virtual size: 34KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 3KB - Virtual size: 13KB

.rsrc Size: 46KB - Virtual size: 46KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 34KB - Virtual size: 34KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 3KB - Virtual size: 13KB

.rsrc
Size: 46KB - Virtual size: 46KB

.reloc
Size: 4KB - Virtual size: 3KB