75d6eaa8f9098a1bb5aeed8c0490e7d5bf5f0ff14312abc8f2d45f8ebccb8f86

Sharing

Copy URL Twitter E-mail

General

Target

75d6eaa8f9098a1bb5aeed8c0490e7d5bf5f0ff14312abc8f2d45f8ebccb8f86
Size

679KB
MD5

0bd072011622dc7db5fabe557a687f42
SHA1

30897bc89685e49c25f97facb0468e1135020e02
SHA256

75d6eaa8f9098a1bb5aeed8c0490e7d5bf5f0ff14312abc8f2d45f8ebccb8f86
SHA512

70a7643c155bf2659194de5002ad74beb86f9108b06411584e7d9ee7445ef9f0782cc7482f2c12008d25b565200e2d0580d6e0cb9c752ede07cd94fb42d768d6
SSDEEP

12288:WHt2+1ijPYa5hsiSPyyyLkt/KlxrYojUCyd1BKjbme:GtujPYa5hH7LYmxr9wd1Bd

Score

N/A

Malware Config

Signatures

Files

75d6eaa8f9098a1bb5aeed8c0490e7d5bf5f0ff14312abc8f2d45f8ebccb8f86
.exe windows x86

07919f7fa3a48e085ae4312308d8418e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetPathFromIDListA
ShellExecuteA
SHBrowseForFolderA

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW
GetJobW
EnumPrintersW
ord204

advapi32

RegCloseKey
RegFlushKey
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyA
OpenProcessToken
RegSetValueExW
RegEnumValueA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
ControlService

kernel32

InterlockedExchange
GetEnvironmentStrings
GetStringTypeA
LoadLibraryA
WriteFile
TlsAlloc
GetTickCount
GetFileType
VirtualFree
GetLocaleInfoA
GetStartupInfoA
CreateMutexA
HeapAlloc
GetOEMCP
GetTimeFormatA
TlsGetValue
VirtualProtect
GetStringTypeW
GetVersionExA
GetCurrentThread
SetLastError
EnterCriticalSection
HeapFree
GetLocaleInfoW
TlsSetValue
GetUserDefaultLCID
ExitProcess
GetProcAddress
InitializeCriticalSection
CompareStringW
HeapDestroy
QueryPerformanceCounter
GetModuleFileNameA
GetLastError
SetConsoleCtrlHandler
LCMapStringA
IsBadWritePtr
GetEnvironmentStringsW
TerminateProcess
CloseHandle
RaiseException
SetStdHandle
HeapReAlloc
MultiByteToWideChar
FreeEnvironmentStringsW
SetFilePointer
FlushFileBuffers
VirtualQuery
DeleteCriticalSection
GetStdHandle
LeaveCriticalSection
IsValidLocale
GetCurrentProcessId
GetTimeZoneInformation
FatalAppExitA
HeapSize
HeapCreate
RtlUnwind
GetCommandLineA
GetModuleHandleA
UnhandledExceptionFilter
GetCurrentProcess
VirtualAlloc
LCMapStringW
GetCurrentThreadId
IsBadReadPtr
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
SetEnvironmentVariableA
GetCPInfo
IsValidCodePage
IsBadCodePtr
SetUnhandledExceptionFilter
EnumSystemLocalesA
GetSystemInfo
CompareStringA
SetHandleCount
ReadFile
TlsFree
GetACP
GetDateFormatA
WideCharToMultiByte

gdi32

ExtTextOutA
StretchDIBits

user32

GetDC
GetMessageTime
CreateWindowExA
DefWindowProcA
ShowWindow
SetWindowTextA
SetClipboardData
DestroyWindow
SetCapture
MessageBoxA
RegisterClassExA
SendDlgItemMessageA
RegisterClassA
PtInRect

comctl32

ImageList_SetBkColor
ImageList_AddMasked
ImageList_GetImageInfo
ImageList_GetIcon
CreatePropertySheetPageA

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 451KB - Virtual size: 451KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

07919f7fa3a48e085ae4312308d8418e

Headers

File Characteristics

Imports

shell32

winspool.drv

advapi32

kernel32

gdi32

user32

comctl32

Sections

.text Size: 83KB - Virtual size: 83KB

.rdata Size: 451KB - Virtual size: 451KB

.data Size: 99KB - Virtual size: 104KB

.rsrc Size: 44KB - Virtual size: 43KB

.text
Size: 83KB - Virtual size: 83KB

.rdata
Size: 451KB - Virtual size: 451KB

.data
Size: 99KB - Virtual size: 104KB

.rsrc
Size: 44KB - Virtual size: 43KB