3dfbfcfe5c4905a1478780128dca975ee9d049b76c771299205c5a4dfc3fe9f6

Sharing

Copy URL Twitter E-mail

General

Target

3dfbfcfe5c4905a1478780128dca975ee9d049b76c771299205c5a4dfc3fe9f6
Size

556KB
MD5

80e3248d76e02e566ca5ebeb75b4c548
SHA1

100489ff5962f4b9ea45c5798ff7c891c2330ea1
SHA256

3dfbfcfe5c4905a1478780128dca975ee9d049b76c771299205c5a4dfc3fe9f6
SHA512

4bafdfe819f82d393ff7ed0b9ef617cbaa229088d38892b0d30e84d106abdbd3626bf847d95050f424ea1706ab29302cc77b2975823082d2cba132442deb93c6
SSDEEP

12288:YZOSS/ty8QXNI6NB38gtWsZLEbYWVWSve:YOSgyB38ghoeue

Score

N/A

Malware Config

Signatures

Files

3dfbfcfe5c4905a1478780128dca975ee9d049b76c771299205c5a4dfc3fe9f6
.exe windows x86

3a541a8e056882d45252bcb81703199e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
ExitProcess
LoadLibraryA
GetVersion
GetModuleHandleA
LCMapStringW
LCMapStringA
SetEndOfFile
GetOEMCP
GetProcAddress
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
CreateFileA
FlushFileBuffers
SetStdHandle
IsBadWritePtr
HeapReAlloc
HeapAlloc
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
WriteFile
GetFileType
GetStdHandle
SetHandleCount
SetFilePointer
GetCurrentProcess
TerminateProcess
ReadFile
CloseHandle
GetLastError
HeapFree
GetCommandLineA
GetStartupInfoA
GetHandleInformation
lstrcpynA
IsValidLocale
GetACP
VirtualAlloc
DeleteFileA

advapi32

RegOpenKeyW
UnlockServiceDatabase
CloseServiceHandle
RegFlushKey
GetTokenInformation
RegOpenKeyExW
RegDeleteValueA
RegCloseKey
RegQueryValueExW
ChangeServiceConfigA
ChangeServiceConfig2A
RegDeleteKeyW
RegEnumValueW
RegEnumValueA
AllocateAndInitializeSid
RegCreateKeyExA
GetSecurityDescriptorControl
RegCreateKeyExW
RegOpenKeyExA
RegCreateKeyW
RegQueryValueW
LookupAccountSidW
RegEnumKeyExA

shell32

StrCmpNIA
StrCmpNA
StrStrA
StrRChrA
StrChrA

shlwapi

StrCSpnA
SHDeleteEmptyKeyA
PathFindOnPathA
SHRegSetUSValueA
PathMakeSystemFolderA
PathIsUNCServerShareA
StrFromTimeIntervalA
PathFindFileNameA
SHGetValueA
PathQuoteSpacesA
SHRegEnumUSValueA
PathSkipRootA
SHRegCreateUSKeyA
PathStripPathA
PathFindExtensionA
PathUnquoteSpacesA
PathIsRootA
PathSearchAndQualifyA
SHSetValueA
PathGetCharTypeA
PathIsUNCA
PathIsDirectoryA
PathIsSameRootA
SHQueryInfoKeyA
PathRenameExtensionA
PathMakePrettyA
PathRelativePathToA
PathIsFileSpecA
PathAppendA
PathCommonPrefixA
PathGetDriveNumberA
SHOpenRegStreamA
PathCombineA
PathIsRelativeA
SHRegOpenUSKeyA
SHRegQueryInfoUSKeyA
StrToIntExA
PathRemoveBackslashA
SHRegWriteUSValueA
SHRegDeleteUSValueA
PathRemoveFileSpecA
SHRegDeleteEmptyUSKeyA
SHRegQueryUSValueA
PathIsUNCServerA
PathIsPrefixA
SHRegEnumUSKeyA
PathCanonicalizeA
PathRemoveArgsA
PathRemoveBlanksA
PathMatchSpecA
PathFindNextComponentA
StrFormatByteSizeA
PathRemoveExtensionA
PathFileExistsA
PathIsSystemFolderA
PathCompactPathExA
PathCompactPathA
SHRegGetUSValueA
PathParseIconLocationA
PathIsURLA
SHDeleteKeyA
StrPBrkA
SHEnumValueA
PathGetArgsA
PathStripToRootA
SHQueryValueExA
PathIsContentTypeA
PathAddBackslashA
StrTrimA
PathBuildRootA
PathSetDlgItemPathA
StrNCatA
StrDupA
StrToIntA
SHDeleteValueA
PathUnmakeSystemFolderA
StrSpnA

comctl32

DestroyPropertySheetPage
ImageList_ReplaceIcon
ord6
CreatePropertySheetPageW

winspool.drv

GetPrinterA
FreePrinterNotifyInfo
PrinterProperties
AddPrinterA
SetJobA
AddPortA
DeletePortA
DeletePrinterDriverA
DeletePrintProvidorA

Sections

.text
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 480KB - Virtual size: 484KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3a541a8e056882d45252bcb81703199e

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

shlwapi

comctl32

winspool.drv

Sections

.text Size: 64KB - Virtual size: 62KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 480KB - Virtual size: 484KB

.text
Size: 64KB - Virtual size: 62KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 480KB - Virtual size: 484KB