304b898d197b46f57b32112f067ce8beffaa8293248f72cbde5f3e13e05b55a2

Sharing

Copy URL Twitter E-mail

General

Target

304b898d197b46f57b32112f067ce8beffaa8293248f72cbde5f3e13e05b55a2
Size

411KB
MD5

a34ab34dc5fff9b9b78069d8d2e09cf0
SHA1

35d70c55109ba5cd36f225820dd0d1cfc239a346
SHA256

304b898d197b46f57b32112f067ce8beffaa8293248f72cbde5f3e13e05b55a2
SHA512

24f1f750ad1e91580afe87cc506f0887adc1824a1cd5c5699cb934fb412df3a45f374ae485caa6bcc1bc10c9d78c131e0408046c07965cc7790e5563dce7c02f
SSDEEP

12288:IyC81KN4KwqlkVZVVV1v66MdE86CpIMuQv8S3NIPy:VQkHTVV1JNt8urS3yPy

Score

N/A

Malware Config

Signatures

Files

304b898d197b46f57b32112f067ce8beffaa8293248f72cbde5f3e13e05b55a2
.exe windows x86

2aa118fabe5a5f6e8cc0f12e1a50106e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStructW
GetPriorityClass

advapi32

CryptReleaseContext
CryptAcquireContextW
RegCreateKeyExW
GetAce
RegDeleteKeyW
CryptHashData
RegNotifyChangeKeyValue
RegSetValueExW
GetSecurityInfo
RegCloseKey
CryptGetHashParam
CryptDestroyHash
CryptCreateHash
RegQueryValueExW
SetSecurityInfo
RegOpenKeyExW

winspool.drv

AddPortExA
AdvancedDocumentPropertiesA
GetPrinterDriverDirectoryW
AddPrinterDriverExA

user32

SetForegroundWindow
RegisterClassW
SendDlgItemMessageW
CallWindowProcW
PostQuitMessage
DestroyWindow
GetWindowLongW
GetDesktopWindow
GetMonitorInfoW
SetWindowTextW
SetTimer
SendMessageW
DefWindowProcW
GetSystemMetrics
CheckDlgButton
SetWindowLongW
MessageBoxW
CharNextW
TranslateMessage
PostMessageW
GetParent
IsDlgButtonChecked
KillTimer
LoadIconW
GetClientRect
EndDialog
SystemParametersInfoW
GetSysColorBrush
GetMessageW
GetWindowRect
DispatchMessageW
SetWindowPos
ShowWindow
CreateWindowExW
DialogBoxParamW
GetDlgItem
FindWindowW
LoadStringW
MonitorFromRect

comctl32

ImageList_AddMasked
ImageList_Destroy
ImageList_Create

ole32

CoInitialize
CoUninitialize
CoCreateInstance

Sections

.text
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 118KB - Virtual size: 1001KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2aa118fabe5a5f6e8cc0f12e1a50106e

Headers

File Characteristics

Imports

kernel32

advapi32

winspool.drv

user32

comctl32

ole32

Sections

.text Size: 145KB - Virtual size: 144KB

.data Size: 118KB - Virtual size: 1001KB

.rdata Size: 24KB - Virtual size: 24KB

.rsrc Size: 117KB - Virtual size: 117KB

.idata Size: 5KB - Virtual size: 5KB

.text
Size: 145KB - Virtual size: 144KB

.data
Size: 118KB - Virtual size: 1001KB

.rdata
Size: 24KB - Virtual size: 24KB

.rsrc
Size: 117KB - Virtual size: 117KB

.idata
Size: 5KB - Virtual size: 5KB