d4addfce61b624fabe4cf3eda672ae893645e2f9b9937818a0de9646bac54965

Sharing

Copy URL Twitter E-mail

General

Target

d4addfce61b624fabe4cf3eda672ae893645e2f9b9937818a0de9646bac54965
Size

288KB
MD5

9021cb05eca369d97e455ffd6a6142f2
SHA1

aa8506b7a7a7c2a734c8308eac3758be97ddc064
SHA256

d4addfce61b624fabe4cf3eda672ae893645e2f9b9937818a0de9646bac54965
SHA512

1f21b3c646b28beb130340d89ab2151a4bd47ac8759387f9abbf1dd696f95a7ab3a9cacbee387a530f271937d4af218a3cf26aa51ab32b63cfd2de0690318714
SSDEEP

6144:+5AW0uZuKFtmeKA2/IzbQX/rsPyPKY0ySi1dyw1u:aASZuKFYeX2/bsPyPHLdywI

Score

N/A

Malware Config

Signatures

Files

d4addfce61b624fabe4cf3eda672ae893645e2f9b9937818a0de9646bac54965
.exe windows x86

d5092167554b6462840b99e7c410f3c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitialize
CoRegisterSurrogate
CoRegisterClassObject
CoUninitialize
OleInitialize
OleSetContainedObject
OleUninitialize

winspool.drv

AddPrintProcessorA
AddPrintProvidorA
AddPrinterConnectionA
EnumJobsA
EnumMonitorsA
EnumPortsA
EnumPrintProcessorDatatypesA
EnumPrinterDriversA
EnumPrinterKeyA
EnumPrintersA
FindClosePrinterChangeNotification
FlushPrinter
GetFormA
GetJobA
GetPrintProcessorDirectoryA
GetPrinterDataExA
GetPrinterDataA
GetPrinterDriverDirectoryA
GetPrinterDriverA
GetPrinterA
SetFormA
SetJobA
SetPortA
SetPrinterDataExA
SetPrinterDataA
StartDocPrinterA
StartPagePrinter
WaitForPrinterChange

kernel32

GetModuleHandleA
GetLocaleInfoW
SetEnvironmentVariableA
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
HeapSize
GetTickCount
QueryPerformanceCounter
GetStringTypeW
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetCPInfo
GetOEMCP
GetACP
IsBadWritePtr
HeapReAlloc
InterlockedExchange
InitializeCriticalSection
FatalAppExitA
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
WriteFile
VirtualQuery
VirtualAlloc
HeapFree
GetTimeZoneInformation
CreateEventA
GetVersion
GetVolumeInformationA
LoadLibraryA
ExitProcess
MultiByteToWideChar
GetCurrentProcessId
GetModuleFileNameA
GetSystemInfo
GetComputerNameA
GetLogicalDriveStringsA
GetProfileStringW
VirtualProtect
ConvertDefaultLocale
GetUserDefaultLCID
GetLastError
DuplicateHandle
GetCurrentProcess
CloseHandle
GetFileType
CreateFileA
GetTimeFormatA
GetDateFormatA
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineA
GetVersionExA
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
DeleteCriticalSection
RtlUnwind
SetEndOfFile
ReadFile
SetFilePointer
GetProcAddress
TerminateProcess
HeapAlloc
TlsAlloc
SetLastError
GetCurrentThreadId
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
WideCharToMultiByte

Sections

.text
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d5092167554b6462840b99e7c410f3c8

Headers

File Characteristics

Imports

ole32

winspool.drv

kernel32

Sections

.text Size: 80KB - Virtual size: 77KB

.rdata Size: 128KB - Virtual size: 124KB

.data Size: 72KB - Virtual size: 131KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 80KB - Virtual size: 77KB

.rdata
Size: 128KB - Virtual size: 124KB

.data
Size: 72KB - Virtual size: 131KB

.rsrc
Size: 4KB - Virtual size: 1KB