1b23480da7642f7ecdc79ae225f0d885e78520e019546504bdd3825fba68767d

Sharing

Copy URL Twitter E-mail

General

Target

1b23480da7642f7ecdc79ae225f0d885e78520e019546504bdd3825fba68767d
Size

430KB
MD5

83aaa96f5b5e195d30db25193523bfd0
SHA1

d215b17e93ad64b2de7a419dee794227a246861e
SHA256

1b23480da7642f7ecdc79ae225f0d885e78520e019546504bdd3825fba68767d
SHA512

028f776004a571e0df4a65bd61e196983f2b9f7dd48299dd65e37b6957b00299f6ce05042c9fbfe70af28856b35d16c040de315d3eafb6af17c54b0ba8bd958b
SSDEEP

6144:C30NRV0S+DlGAYle/DEJ7SXylTA7emMg/dznaVnpm5vni:C30SSysvkEJ76ye6vg/Znenpm5vi

Score

N/A

Malware Config

Signatures

Files

1b23480da7642f7ecdc79ae225f0d885e78520e019546504bdd3825fba68767d
.exe windows x86

555b6482a35cd61bcd58e4d2416f25a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFileGather
GetCurrentDirectoryA

user32

CharNextW
SetTimer
CloseWindowStation
CallWindowProcW
DestroyWindow
SendMessageW
SystemParametersInfoW
GetSysColorBrush
wsprintfW
SetWindowLongW
SetForegroundWindow
UnregisterDeviceNotification
RegisterWindowMessageW
SetWindowTextW
PostMessageW
MessageBoxW
SetWindowPos
RegisterDeviceNotificationW
MonitorFromRect
KillTimer
DefDlgProcW
PostQuitMessage
FindWindowW
TranslateMessage
ShowWindow
DefWindowProcW
GetWindowLongW
GetClientRect
GetMonitorInfoW
SendDlgItemMessageW
GetSystemMetrics
DispatchMessageW
CreateWindowExW
EndDialog
LoadStringW
GetMessageW
LoadImageW

shell32

SHCreateDirectoryExA

winspool.drv

ConvertUnicodeDevModeToAnsiDevmode
ConfigurePortA
GetJobA
DeletePrinterDriverExA

winsta

WinStationQueryInformationW

ole32

CoCreateInstance
CoUninitialize
CLSIDFromString
CoInitialize

comctl32

ImageList_Create
CreateStatusWindowW
ImageList_AddMasked
ImageList_Destroy

ntdll

wcstoul
RtlReleaseResource
RtlUnwind
RtlOpenCurrentUser
_wcsicmp
NtQueryVirtualMemory
RtlDeleteResource
NtClose
RtlAcquireResourceShared
RtlAcquireResourceExclusive
NtDuplicateToken
RtlInitializeResource

setupapi

SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiOpenDevRegKey
SetupDiGetClassDevsW
SetupDiOpenDeviceInfoW
SetupDiDestroyDeviceInfoList
SetupDiOpenDeviceInterfaceRegKey
SetupDiGetDeviceInterfaceAlias
SetupDiOpenDeviceInterfaceW
SetupDiGetDeviceInstanceIdW
SetupDiCreateDeviceInfoList

Sections

.text
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 142KB - Virtual size: 773KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

555b6482a35cd61bcd58e4d2416f25a9

Headers

File Characteristics

Imports

kernel32

user32

shell32

winspool.drv

winsta

ole32

comctl32

ntdll

setupapi

Sections

.text Size: 145KB - Virtual size: 145KB

.data Size: 142KB - Virtual size: 773KB

.rdata Size: 25KB - Virtual size: 24KB

.rsrc Size: 112KB - Virtual size: 111KB

.data Size: 5KB - Virtual size: 5KB

.text
Size: 145KB - Virtual size: 145KB

.data
Size: 142KB - Virtual size: 773KB

.rdata
Size: 25KB - Virtual size: 24KB

.rsrc
Size: 112KB - Virtual size: 111KB

.data
Size: 5KB - Virtual size: 5KB