ec1bac250bd35cd3365fcbd7931b4e884a8e991f36d02e3032d9867f5e5ac35b

Sharing

Copy URL Twitter E-mail

General

Target

ec1bac250bd35cd3365fcbd7931b4e884a8e991f36d02e3032d9867f5e5ac35b
Size

205KB
MD5

70afa29a0b847bc70764c22aaa164ef0
SHA1

3a17c2e04b9349d9777fed1764e771bb2c89c02c
SHA256

ec1bac250bd35cd3365fcbd7931b4e884a8e991f36d02e3032d9867f5e5ac35b
SHA512

67536eaefb9785260351f9eb6726307a2ba4eb333dc6b08fd8f793312e0899e8087bf7b5a46c62875655d529132e0ed997dc1d1f4d3c04070060ccb9de8486fc
SSDEEP

3072:jq4s7ogG6qbwvCosTdwBYOIPPjoZ/bmHEI7ACAjJYar7YbC2:jjMpmosTyw7ybeEiA5jJYa/Yn

Score

N/A

Malware Config

Signatures

Files

ec1bac250bd35cd3365fcbd7931b4e884a8e991f36d02e3032d9867f5e5ac35b
.exe windows x86

08c94620681d9cbeb19be3d8ffad0e08

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupOpenInfFileA
SetupGetStringFieldA
SetupGetMultiSzFieldA
SetupSetDirectoryIdA
SetupInstallFromInfSectionA
SetupTermDefaultQueueCallback
SetupDefaultQueueCallbackA
SetupInitDefaultQueueCallback
SetupDiOpenClassRegKey
SetupDiGetINFClassA
SetupFindNextLine
SetupFindFirstLineA
SetupCloseInfFile

kernel32

GetModuleFileNameA
ExpandEnvironmentStringsA
GetModuleHandleA
GetFileAttributesA
DeleteFileA
GetWindowsDirectoryA
GetSystemDirectoryA
GetCommandLineA
GetLastError
SystemTimeToFileTime
GetSystemInfo
GetVersionExA
GetProcAddress
FreeLibrary
GetStartupInfoA
LoadLibraryA

user32

CharNextA

winspool.drv

GetPrintProcessorDirectoryA
GetPrinterDriverDirectoryA
AddPrinterA
AddPrinterDriverA
AddPrintProcessorA
AddMonitorA
OpenPrinterA
ClosePrinter
EnumPrinterDriversA

advapi32

RegCloseKey

msvcp60

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Xran@std@@YAXXZ
?_Xlen@std@@YAXXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z

msvcrt

sscanf
_initterm
__getmainargs
_acmdln
exit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
_XcptFilter
_exit
_onexit
__dllonexit
free
fopen
_strdate
_strtime
vfprintf
fflush
_mbsdec
fclose
_mbctoupper
_mbsicmp
__setusermatherr
__CxxFrameHandler
_mbsnbicmp
memmove
??2@YAPAXI@Z
_snprintf
_ismbcspace

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

08c94620681d9cbeb19be3d8ffad0e08

Headers

File Characteristics

Imports

setupapi

kernel32

user32

winspool.drv

advapi32

msvcp60

msvcrt

Sections

.text Size: 32KB - Virtual size: 30KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 32KB - Virtual size: 30KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 1KB