1a2212354db7e4ba0cd739c606b7c89ff314210371fcf24654c94f8b9e63609b

Sharing

Copy URL Twitter E-mail

General

Target

1a2212354db7e4ba0cd739c606b7c89ff314210371fcf24654c94f8b9e63609b
Size

252KB
MD5

925af77c1bd139daa7cc400694304045
SHA1

4d5bf3a64cf236bf119f63c0baf474d31698e0d7
SHA256

1a2212354db7e4ba0cd739c606b7c89ff314210371fcf24654c94f8b9e63609b
SHA512

901146964d289c398a9c7aeada1ebfcc37cb19a9d4bdf7a8e26dbc40ddbc82bc615ce6145a3642c03ea703a872d9bb2c903ffde13f1d54dec1cadb44b01983b0
SSDEEP

6144:+7GbDoKCHZOmd1iuI5Rb5bpLY3XzebeqWf7ZhLkeoDz3F3lj1Mu99GrKQ7f4kwPC:PfoKC899GrKQ7f4kwP/LuDqiY

Score

N/A

Malware Config

Signatures

Files

1a2212354db7e4ba0cd739c606b7c89ff314210371fcf24654c94f8b9e63609b
.exe windows x86

ca3316a470bc54f1f39a691f686c9f56

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_lread
OpenFile
CloseHandle
CreateThread
ReadFile
GetFileSize
GetCurrentThreadId
GetLocalTime
WriteFile
PeekNamedPipe
GetFileType
SystemTimeToFileTime
GetVersionExA
GetCurrentProcess
FormatMessageA
lstrcatA
GetProcAddress
lstrcpyA
GetLastError
_lclose
lstrcpynA
lstrcmpA
SetEndOfFile
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualProtect
IsBadCodePtr
IsBadReadPtr
FlushFileBuffers
GetOEMCP
GetACP
CreateDirectoryA
CreateFileA
GetSystemTimeAsFileTime
QueryPerformanceCounter
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
IsBadWritePtr
VirtualAlloc
VirtualFree
GetPrivateProfileIntA
GetCurrentProcessId
GetSystemTime
GetWindowsDirectoryA
WritePrivateProfileStringA
GetSystemDirectoryA
GlobalAlloc
GlobalFree
Sleep
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetModuleHandleA
GetModuleFileNameA
FreeLibrary
LoadLibraryA
MultiByteToWideChar
WideCharToMultiByte
GetTickCount
SetFilePointer
InterlockedIncrement
InterlockedDecrement
GetLocaleInfoA
RtlUnwind
RaiseException
HeapFree
HeapAlloc
ExitProcess
TerminateProcess
GetStartupInfoA
GetCommandLineA
GetCPInfo
HeapReAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
TlsFree
SetLastError
TlsSetValue
TlsGetValue
TlsAlloc
SetUnhandledExceptionFilter
HeapSize
HeapDestroy
HeapCreate
lstrlenA

user32

CharUpperBuffA
CharLowerA
DispatchMessageA
TranslateMessage
PeekMessageA
wsprintfA
FindWindowA
SendMessageA
PostMessageA
SetWindowTextA
GetMessageA
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
ShowWindow
UpdateWindow
CharNextA
SetWindowPos
IsWindow
KillTimer
PostQuitMessage
DefWindowProcA
SetTimer

gdi32

GetStockObject

winspool.drv

GetPrinterDriverDirectoryA
ClosePrinter
GetPrinterA
OpenPrinterA
EndDocPrinter
EndPagePrinter
WritePrinter
StartPagePrinter
StartDocPrinterA
GetPrinterDataA
EnumPrintersA

advapi32

InitializeSecurityDescriptor
RegCreateKeyExA
RegSetValueExA
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
IsValidSid
GetLengthSid
GetAce
AllocateAndInitializeSid
FreeSid
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegCreateKeyA
RegSetValueA
RegCloseKey

Sections

.text
Size: 180KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca3316a470bc54f1f39a691f686c9f56

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

Sections

.text Size: 180KB - Virtual size: 176KB

.rdata Size: 56KB - Virtual size: 54KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 180KB - Virtual size: 176KB

.rdata
Size: 56KB - Virtual size: 54KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 4KB - Virtual size: 2KB