0032aedc4af5450e2162058cbfd581f38d6d5a6539217df2b8b1620778eedae6

Sharing

Copy URL Twitter E-mail

General

Target

0032aedc4af5450e2162058cbfd581f38d6d5a6539217df2b8b1620778eedae6
Size

88KB
MD5

8441499cf861b4cd21d8c5e2a75b0918
SHA1

69ecdf5ef46df9874e320a598ab38a3d74ed4b22
SHA256

0032aedc4af5450e2162058cbfd581f38d6d5a6539217df2b8b1620778eedae6
SHA512

098b763284e1a7c8c8a8d8fabd6fad95acfab0448ba35993921c0acfc4f47baa1bbd4efe0284a5d9fcc4ab0a11d232460c2de3c88c7cb3836d03f185287d7861
SSDEEP

1536:MA3MB5h/OT0iXpRe8w1LxFSyao/Jn1YF+za+GdTsD/xH/Pl:RY5h/OXTu1LxMa1YECszN

Score

N/A

Malware Config

Signatures

Files

0032aedc4af5450e2162058cbfd581f38d6d5a6539217df2b8b1620778eedae6
.dll windows x86

09340d6c69e4645ac3d6e5f7047a0ef1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
GetVersion
IsValidLocale
LoadLibraryA
GetProcAddress
GetModuleHandleA
GetHandleInformation
VirtualAlloc

advapi32

RegDeleteValueW
LookupPrivilegeValueA
RegDeleteKeyA
RegCreateKeyExW
CloseServiceHandle
RegCreateKeyExA
AllocateAndInitializeSid
RegEnumKeyExW
RegCreateKeyW
RegOpenKeyW
RegEnumValueW
ChangeServiceConfigA
UnlockServiceDatabase
RegOpenKeyExW
RegSetValueExW
RegSetValueExA
EqualSid
RegEnumValueA
InitializeSecurityDescriptor
GetTokenInformation
FreeSid
RegDeleteValueA
LockServiceDatabase
RegOpenKeyExA
RegQueryInfoKeyA
RegDeleteKeyW
RegCloseKey
RegEnumKeyExA
GetSecurityDescriptorControl
RegQueryValueExW
RegQueryValueW
RegQueryValueExA
RegFlushKey
LookupAccountSidW

comctl32

CreatePropertySheetPageA
InitCommonControlsEx
PropertySheetW
ImageList_AddMasked
CreateToolbarEx
PropertySheetA

version

VerQueryValueW
GetFileVersionInfoW

winspool.drv

AddPrintProcessorA
OpenPrinterA
GetJobA
FindFirstPrinterChangeNotification
DocumentPropertiesA
EnumPrinterDataExA
ResetPrinterA
WritePrinter
EnumMonitorsA
SetPortA
AbortPrinter
EnumPrinterDataA
GetPrinterA
EnumPrinterDriversA
SetFormA
DeletePrinterDriverA
SetPrinterDataExA
AddJobA
StartPagePrinter
DeletePrinterDriverExA
ScheduleJob
AddPrinterDriverA
StartDocPrinterA
DeletePrinter
DeleteFormA
FindNextPrinterChangeNotification
AdvancedDocumentPropertiesA
GetPrinterDriverA
AddFormA
AddPrinterDriverExA
ConfigurePortA
GetPrinterDriverDirectoryA
EnumFormsA
GetPrinterDataA
DeletePrinterDataExA
EndPagePrinter
FindClosePrinterChangeNotification
EnumPrintProcessorDatatypesA
ConnectToPrinterDlg
AddMonitorA
DeletePrintProcessorA

msvcrt

_onexit
__dllonexit
_adjust_fdiv
malloc
_unlink
_initterm
free
fseek
sprintf
fclose
ftell
fread
fopen
fwrite
memset
printf

Exports

Exports

Hycwieecag

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

09340d6c69e4645ac3d6e5f7047a0ef1

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

version

winspool.drv

msvcrt

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 52KB - Virtual size: 48KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 52KB - Virtual size: 48KB

.reloc
Size: 4KB - Virtual size: 3KB