6ff67ef4553fa9cd49ba4014071e07edad86491dccbcc6318f729a0dd55c332e

General

Target

6ff67ef4553fa9cd49ba4014071e07edad86491dccbcc6318f729a0dd55c332e
Size

116KB
MD5

8024f2cf7114d7649c4046b1ee6fb340
SHA1

17de55a3ccfbe7c872a9252964cf6eaefb2be1bc
SHA256

6ff67ef4553fa9cd49ba4014071e07edad86491dccbcc6318f729a0dd55c332e
SHA512

3398d4f0017c985869d9bca9ba66b534a08f32f47ffcbaece7ca8c28dcc8b6c8bcf98ab965f34661b98767c2192815306b216e6637fe99965d5976ca428b7ad1
SSDEEP

1536:nGn+cjtYXoIooDhlhThlpwPTxzPlxFRwp1iLtGhuDSKsFl7y828y6aR:Gn9uooDhlFh3+xz9Pmp1phuWbLja

Score

N/A

Malware Config

Signatures

Files

6ff67ef4553fa9cd49ba4014071e07edad86491dccbcc6318f729a0dd55c332e
.exe windows x86

58217506429c30dfb29f94fb03096ae7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GlobalUnlock
GetLastError
lstrcmpiA
GlobalLock
GlobalAlloc
lstrlenA
FreeLibrary
GetProcAddress
LoadLibraryA
HeapAlloc
GlobalFree
WritePrivateProfileStringA
LocalFree
LocalUnlock
GetPrivateProfileSectionA
LocalLock
LocalSize
LocalAlloc
GetModuleFileNameA
GetPrivateProfileStringA
lstrcpynA
lstrcatA
HeapFree
lstrcpyA
GetVersionExA
WriteProfileStringA
lstrcmpA
GetEnvironmentStrings
WideCharToMultiByte
GetStringTypeW
GetStringTypeA
Sleep
LCMapStringW
GetEnvironmentStringsW
HeapReAlloc
MultiByteToWideChar
GetOEMCP
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
LCMapStringA
GetACP
VirtualAlloc
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
GetCPInfo

user32

MessageBoxA
wsprintfA

winspool.drv

GetPrinterA
ClosePrinter
SetPrinterA
EnumPrintersA
EnumPortsA
OpenPrinterA

advapi32

RegCloseKey
RegOpenKeyExA
RegDeleteValueA
RegQueryValueExA
RegQueryInfoKeyA
RegEnumValueA

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

58217506429c30dfb29f94fb03096ae7

Headers

File Characteristics

Imports

kernel32

user32

winspool.drv

advapi32

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 11KB

.rsrc Size: 72KB - Virtual size: 72KB

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 72KB - Virtual size: 72KB