e347060d1fefabbf2934b64413a50b67db26ae7b9f4e683fc8b10b467867b462

Sharing

Copy URL Twitter E-mail

General

Target

e347060d1fefabbf2934b64413a50b67db26ae7b9f4e683fc8b10b467867b462
Size

200KB
MD5

921ff9eb6de67e450b606a549fbe438a
SHA1

d233c5e7c6f0141bba8fa5ba8ff5dd760fd81e9f
SHA256

e347060d1fefabbf2934b64413a50b67db26ae7b9f4e683fc8b10b467867b462
SHA512

5861a38184fac16f768a89ed4d5945399f4433d730e46fa53a3b30cedbc530ebd8ff2cd680f67f7bbcc7eebf8c305581951c67684a3ff997592957a11b1d78c3
SSDEEP

3072:+ttDHVs613FK3fXhbix5pAoPUyGyrpMxnTpfgmVEMBuEoswwiLUEBpD+n+eKjTw:+tt+6Q3cxfTUyepTpRVKEpiQEbyTKA

Score

N/A

Malware Config

Signatures

Files

e347060d1fefabbf2934b64413a50b67db26ae7b9f4e683fc8b10b467867b462
.exe windows x86

c390fbc496aeeb06b412540cbcf870a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetTempFileNameA
Sleep
GetUserDefaultLangID
WinExec
HeapFree
GetProcessHeap
HeapAlloc
OpenProcess
GetCurrentThread
GetCurrentProcess
GetVersionExA
GetFileSize
ReadFile
DeleteFileA
GetFileAttributesA
SetFileAttributesA
CreateDirectoryA
FindFirstFileA
FindNextFileA
FindClose
RemoveDirectoryA
CopyFileA
GetTempPathA
GetSystemDirectoryA
CreateFileA
SetFilePointer
WriteFile
GetLastError
CloseHandle
CreateMutexA
WaitForSingleObject
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
lstrcpyA
FormatMessageA
GetPrivateProfileStringA
HeapReAlloc
GetModuleHandleA
RaiseException
LoadLibraryA
InterlockedIncrement
GetProcAddress
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
HeapSize
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
FlushFileBuffers
SetStdHandle
RtlUnwind
GetCPInfo
GetEnvironmentStrings
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess

user32

LoadStringA
DispatchMessageA
TranslateMessage
GetMessageA
UpdateWindow
ShowWindow
CreateWindowExA
RegisterClassA
LoadIconA
PostQuitMessage
DefWindowProcA
SendMessageA
SetTimer
PostMessageA
KillTimer
FindWindowA
wsprintfA

winspool.drv

DeleteMonitorA
ClosePrinter
GetPrinterDriverA
OpenPrinterA
EnumPrintersA
EnumPrinterDriversA
GetPrinterDriverDirectoryA
GetPrinterA
SetPrinterA
AddMonitorA
AddPrinterDriverA

advapi32

OpenThreadToken
EqualSid
FreeSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
LookupAccountSidA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegEnumKeyExA
RegEnumValueA
RegDeleteKeyA
RegDeleteValueA
RegQueryValueExA
RegSetValueExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetAce
AddAccessAllowedAce
InitializeAcl
GetLengthSid
RegSetKeySecurity
GetSidSubAuthority
GetSidSubAuthorityCount
GetAclInformation
GetSecurityDescriptorDacl
RegGetKeySecurity
CopySid
CreateProcessAsUserA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

CoInitialize
CoCreateInstance

Sections

.text
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 19KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.2rdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c390fbc496aeeb06b412540cbcf870a5

Headers

File Characteristics

Imports

kernel32

user32

winspool.drv

advapi32

shell32

ole32

Sections

.text Size: 91KB - Virtual size: 90KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 19KB - Virtual size: 24KB

.rsrc Size: 2KB - Virtual size: 2KB

.2rdata Size: 72KB - Virtual size: 72KB

.text
Size: 91KB - Virtual size: 90KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 19KB - Virtual size: 24KB

.rsrc
Size: 2KB - Virtual size: 2KB

.2rdata
Size: 72KB - Virtual size: 72KB