1b98fe66cd3369d989c7d79aa8966e06722acff19b8a0d02f5f017c3a0b279a7

General

Target

1b98fe66cd3369d989c7d79aa8966e06722acff19b8a0d02f5f017c3a0b279a7
Size

238KB
MD5

92e87e0916ef1596acef0ea53c10ae8d
SHA1

5571e949694c28d28298bbc2857b2e6efb427b37
SHA256

1b98fe66cd3369d989c7d79aa8966e06722acff19b8a0d02f5f017c3a0b279a7
SHA512

03f4fdf5841b689655efe3e732d33f00bee6831924f9df0c9641f3e1ab2fbb1cc54803a58324dacd953b0740944c1657f84fec3f5b77ff260c0fafa8b96b2858
SSDEEP

6144:CP59F2JMWZPVnu+2bA7uLIYttxr+roYKxfAnlUd1t:CT0JMWHu+/7uLx/YKxfqlUd1t

Score

N/A

Malware Config

Signatures

Files

1b98fe66cd3369d989c7d79aa8966e06722acff19b8a0d02f5f017c3a0b279a7
.exe windows x86

7dedab38da63c088f97590294563aeec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessWorkingSetSize
CreateEventA
lstrlenA
CreateMailslotW
GetCommModemStatus
WriteProfileSectionA
Process32FirstW
MoveFileA
GetOverlappedResult
GetStdHandle
MoveFileW
SetVolumeLabelW
GetComputerNameA
_lopen
GetCPInfo
GetDriveTypeA
GetThreadLocale
WritePrivateProfileSectionA
OpenWaitableTimerW
CloseHandle
SetFileApisToANSI
EndUpdateResourceW
_llseek
DefineDosDeviceW
WaitForMultipleObjects
AssignProcessToJobObject
DebugActiveProcess
GetLongPathNameA
CancelWaitableTimer
DebugBreak
CreateMutexA
GetCommTimeouts
GlobalGetAtomNameW
GetDevicePowerState
TlsGetValue
GetCurrentDirectoryW
FindVolumeClose
EnumResourceNamesA
ReplaceFileW
DeleteFileA
EnumResourceTypesA
SetHandleInformation

version

VerInstallFileA
GetFileVersionInfoA
VerFindFileA

winspool.drv

DeletePrintProvidorA
AddPrinterW

user32

MapDialogRect
SetWindowPlacement
WindowFromDC
OpenDesktopA
UnhookWinEvent
ActivateKeyboardLayout
GetMouseMovePointsEx

Sections

.text
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 263B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 69KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7dedab38da63c088f97590294563aeec

Headers

File Characteristics

Imports

kernel32

version

winspool.drv

user32

Sections

.text Size: 159KB - Virtual size: 159KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 263B

.data Size: 69KB - Virtual size: 116KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 159KB - Virtual size: 159KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 263B

.data
Size: 69KB - Virtual size: 116KB

.rsrc
Size: 6KB - Virtual size: 5KB