c7d2af4b06e442ae8c8a252e2fd91c976163d9b3bffbf97e1bd17b9af30b1333

Sharing

Copy URL Twitter E-mail

General

Target

c7d2af4b06e442ae8c8a252e2fd91c976163d9b3bffbf97e1bd17b9af30b1333
Size

1.3MB
MD5

a0f74aa3fa12306a3957ad459d74216d
SHA1

c5bb889d360864f27600355201d6931bb388d384
SHA256

c7d2af4b06e442ae8c8a252e2fd91c976163d9b3bffbf97e1bd17b9af30b1333
SHA512

ea84e80518981d76e75621db39fedd46d05a7a7b4e4809aa096ef910e5a205013f2246bf68796f0ffb27d078a3caf232cfc1f47078c3cac4be5a2b3418fb540d
SSDEEP

24576:glOkezGp+2m7zzzYVmQecdgPYVZg6wkuK8VwA5HgOThBhR:gTKGstLgXg6XPOlBhR

Score

N/A

Malware Config

Signatures

Files

c7d2af4b06e442ae8c8a252e2fd91c976163d9b3bffbf97e1bd17b9af30b1333
.exe windows x86

9aa50e09c9170115cdbdbad0bc446a04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegEnumKeyExA
RegCreateKeyExA
GetUserNameA
RegOpenKeyA
IsTextUnicode

gdi32

GetDeviceCaps
AddFontResourceA
TextOutW
ExtCreatePen
FillPath
CreateScalableFontResourceA
GetCurrentObject
MaskBlt
GetBkColor
GetBkMode
CreateCompatibleBitmap
SetDIBits
CreateHatchBrush
SetRectRgn
ExtCreateRegion
CombineRgn
GetWindowOrgEx
RemoveFontResourceA
GetROP2
StrokePath
Chord
SetPixel
ExtTextOutW
BeginPath
EndPath
ExtTextOutA
SetWindowExtEx
SetViewportExtEx
ScaleViewportExtEx
GetWindowExtEx
GdiFlush
GetStockObject
Rectangle
SetTextAlign
GetObjectA
TextOutA
LineTo
MoveToEx
CreatePen
CreatePatternBrush
SetPolyFillMode
SaveDC
StrokeAndFillPath
RestoreDC
CreateFontIndirectW
GetTextMetricsW
GetTextExtentPoint32W
GetGlyphOutlineW
GetTextMetricsA
GetTextExtentPoint32A
GetGlyphOutlineA
DPtoLP
CreateSolidBrush
CreateDIBitmap
CreateBitmap
GetDIBits
CreateDIBPatternBrushPt
CreateBrushIndirect
LPtoDP
SetBrushOrgEx
CreatePenIndirect
CreateFontIndirectA
SetROP2
SetBkMode
SetBkColor
SetTextColor
DeleteDC
DeleteObject
CreateCompatibleDC
CreateDIBSection
SelectObject
SetStretchBltMode
SetGraphicsMode
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
PatBlt
SetBoundsRect
Polygon
Ellipse
Arc
PolyBezier
BitBlt
StretchBlt
StretchDIBits
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetViewportOrgEx
Pie
Polyline

user32

UnregisterClassA
DefWindowProcA
SetRect
PostQuitMessage
MsgWaitForMultipleObjects
CreateWindowExA
RegisterWindowMessageA
DestroyWindow
RegisterClassA
TranslateMessage
DispatchMessageA
GetMessageA
IntersectRect
PostThreadMessageA
SetWindowLongA
GetWindowLongA
UnionRect
LoadStringA
IsRectEmpty
SetRectEmpty
CopyRect
wsprintfA

kernel32

SetLastError
TerminateProcess
GetCurrentProcess
TlsAlloc
TlsGetValue
GetFileAttributesA
GetCPInfo
GetACP
GetOEMCP
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
MultiByteToWideChar
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
SetStdHandle
SetEndOfFile
ReleaseMutex
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA
CloseHandle
CreateMutexA
WaitForMultipleObjects
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
ExitThread
TlsSetValue
CreateThread
ResumeThread
HeapAlloc
InterlockedIncrement
InterlockedDecrement
HeapFree
RtlUnwind
RaiseException
IsBadReadPtr
GetComputerNameA
OpenEventA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetFileType
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
lstrlenW
lstrcpyW
lstrcpyA
IsDBCSLeadByte
WideCharToMultiByte
GetVersionExA
Sleep
ReleaseSemaphore
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CreateSemaphoreA
GetModuleFileNameA
LoadLibraryExA
GetStdHandle
GetHandleInformation
CreateEventA
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentThreadId
OutputDebugStringA
LocalAlloc
LocalFree
GetTempPathA
GetLastError
ReadFile
FindFirstFileA
FindClose
lstrlenA
lstrcpynA
CreateFileA
GetSystemTime
GetFileSize
SetFilePointer
WriteFile
FlushFileBuffers
DeleteFileA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
HeapReAlloc
HeapSize
IsBadCodePtr
GetSystemTimeAsFileTime
GetLocalTime
SizeofResource
LockResource
FindResourceA
LoadResource

winspool.drv

ClosePrinter
GetPrinterDriverDirectoryA
GetPrinterDataA
GetJobA
StartDocPrinterA
WritePrinter
EndDocPrinter
OpenPrinterA

Exports

Exports

HTCBGetHPRaster
HTCBGetIndexColor
HTCBGetInputRaster24
HTCBGetInputRaster32
HTCBGetInputRasterBGR24
HTCBGetInputRasterChunkyRow
HTCBGetInputRasterIndex8
HTCBRestoreData
HTCBSaveData
HTCBSendHPRaster
HTCBSendRasterMayYield

Sections

.text
Size: 552KB - Virtual size: 550KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 736KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9aa50e09c9170115cdbdbad0bc446a04

Headers

File Characteristics

Imports

advapi32

gdi32

user32

kernel32

winspool.drv

Exports

Exports

Sections

.text Size: 552KB - Virtual size: 550KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 48KB - Virtual size: 58KB

.rsrc Size: 736KB - Virtual size: 2.5MB

.text
Size: 552KB - Virtual size: 550KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 48KB - Virtual size: 58KB

.rsrc
Size: 736KB - Virtual size: 2.5MB