3af6acdcce7624e95fbf4168b5e4b00e498c421dc912c74648ae9ec482340c1f

Sharing

Copy URL Twitter E-mail

General

Target

3af6acdcce7624e95fbf4168b5e4b00e498c421dc912c74648ae9ec482340c1f
Size

375KB
MD5

005f95b9e5879d096284a22e70d72320
SHA1

13c916f2ae813607b71970e90228194a3a560d5e
SHA256

3af6acdcce7624e95fbf4168b5e4b00e498c421dc912c74648ae9ec482340c1f
SHA512

99dc4a67acade151c706c1643be62d6d2d5ac087e77f302d6d971d205d65c5dbf1b74d1a36ae3726f87db7e9bbec05bd2335641ddc6895fc772dacc88dc316e6
SSDEEP

6144:9OIuvkSFVExqRzV86NDdthSD9QT9UJ12h1Tu27JIuNCTCL:4IuvdFVm6NJTSD29U/2h1qY+uNUCL

Score

N/A

Malware Config

Signatures

Files

3af6acdcce7624e95fbf4168b5e4b00e498c421dc912c74648ae9ec482340c1f
.exe windows x86

73b144efcedf8fd934e6b4b629a6733b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsAlloc
SetLastError
GetCurrentThreadId
TlsFree
TlsSetValue
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
HeapFree
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
HeapAlloc
InitializeCriticalSection
VirtualAlloc
HeapReAlloc
RtlUnwind
InterlockedExchange
VirtualQuery
GetExitCodeProcess
WaitForSingleObject
CloseHandle
CreateProcessW
GetFileAttributesW
HeapSize
QueryPerformanceCounter
GetTickCount
UnhandledExceptionFilter
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
GetSystemInfo
LocalFree
LocalAlloc
GetModuleFileNameW
FreeLibrary
lstrcpynW
OutputDebugStringA
LoadLibraryW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalHandle
GetProfileIntW
WriteProfileStringW
GetModuleFileNameA
GetStdHandle
WriteFile
GetCurrentProcess
TerminateProcess
GetProcAddress
ExitProcess
GetVersionExA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
SetEvent
lstrcatA
lstrcpyA
lstrlenW
SetCurrentDirectoryW
CreateMutexW
GetCommandLineW
lstrcmpW
lstrcmpA
Sleep
WaitForMultipleObjects
SetThreadPriority
CreateThread
CreateEventW
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
DeleteFileW
CreateFileW
FindClose
FindFirstFileW
lstrcpyW
GetSystemDirectoryW
GetVersionExW
lstrcatW
GetCurrentProcessId
CreateDirectoryW

user32

IsDlgButtonChecked
SetWindowPos
EnableWindow
wvsprintfA
CharNextW
RegisterWindowMessageW
LoadStringW
wsprintfW
IsWindow
MessageBeep
SendMessageW
wsprintfA
SetTimer
PostMessageW
SetWindowPlacement
GetSystemMetrics
GetWindowRect
GetWindowPlacement
KillTimer
DrawMenuBar
RemoveMenu
GetMenuItemID
GetMenuItemCount
GetSystemMenu
FlashWindow
GetParent
GetDlgItem
RemovePropW
SetPropW
UpdateWindow
SetWindowLongW
GetWindowLongW
GetPropW
CallWindowProcW
ShowWindow

winspool.drv

ClosePrinter
GetPrinterDataA
OpenPrinterA
GetPrinterW
OpenPrinterW
EnumJobsW
GetPrinterDriverDirectoryW

advapi32

RegCloseKey
RegEnumKeyW
RegOpenKeyExW
RegEnumValueW
RegCreateKeyW
RegSetValueExW
RegOpenKeyW
RegQueryValueExW
RegCreateKeyExW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 109KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

73b144efcedf8fd934e6b4b629a6733b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

winspool.drv

advapi32

version

Sections

.text Size: 83KB - Virtual size: 83KB

.data Size: 8KB - Virtual size: 24KB

.rsrc Size: 109KB - Virtual size: 110KB

.text
Size: 83KB - Virtual size: 83KB

.data
Size: 8KB - Virtual size: 24KB

.rsrc
Size: 109KB - Virtual size: 110KB