cb1b9241ef3df247c9b12bc868b2ec75a5b9e0cbd496619ac01e15f2757b9af6

General

Target

cb1b9241ef3df247c9b12bc868b2ec75a5b9e0cbd496619ac01e15f2757b9af6
Size

280KB
MD5

829ea84e58b04a2b67461532c98f2300
SHA1

eb545e52bcf55ac251728b16269f08c64d8e1c9b
SHA256

cb1b9241ef3df247c9b12bc868b2ec75a5b9e0cbd496619ac01e15f2757b9af6
SHA512

92c7fffc6626d6b12e43ed7090822ae4a4740c75d576f19057775a5e2e64690f91232c7296f696ae55f72b8a08a2a1d059f1f23ff71ea8117876c8a8158a3f3e
SSDEEP

6144:l7c/DPYmUZLCQWww0+ryDpESjr2rBfLMpwfR36Q7Q5k:e/DYPdofWNjfA9LTZ6cx

Score

N/A

Malware Config

Signatures

Files

cb1b9241ef3df247c9b12bc868b2ec75a5b9e0cbd496619ac01e15f2757b9af6
.exe windows x86

d75fd5ecd3733c33a9c346b676f1b67b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

OpenPrinterW

advapi32

RegOpenKeyExW
RegSetValueExW
RegOpenKeyExA

kernel32

GetLocalTime
GetCurrentProcessId
GetACP
MapViewOfFile
CompareStringW
MultiByteToWideChar
LocalUnlock
CreateFileMappingW
lstrcpyW
GetTickCount
GetFileInformationByHandle
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetLocaleInfoW
lstrcpynW
lstrlenW
SetLastError
UnhandledExceptionFilter
WideCharToMultiByte
GlobalLock
GetCommandLineW
SetUnhandledExceptionFilter
FoldStringW
IsDebuggerPresent

user32

GetMenuState
GetDlgCtrlID
EndDialog
TranslateMessage
MoveWindow
GetMenu
CharUpperW
UpdateWindow
GetWindowTextW
GetCursorPos
InvalidateRect
DefWindowProcW
GetClientRect
DrawTextExW
ReleaseDC
PostMessageW
GetDlgItem
PostQuitMessage
wsprintfW
ChildWindowFromPoint
SetScrollPos
CharNextW
EnableMenuItem

comdlg32

ReplaceTextW
GetSaveFileNameW

shell32

DragQueryFileW
ShellAboutW

gdi32

CreateDCW
AbortDoc
GetTextMetricsW
GetWindowOrgEx
CreatePalette
StartPage

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 662KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d75fd5ecd3733c33a9c346b676f1b67b

Headers

File Characteristics

Imports

winspool.drv

advapi32

kernel32

user32

comdlg32

shell32

gdi32

Sections

.text Size: 106KB - Virtual size: 105KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 17KB - Virtual size: 662KB

.rsrc Size: 153KB - Virtual size: 152KB

.text
Size: 106KB - Virtual size: 105KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 17KB - Virtual size: 662KB

.rsrc
Size: 153KB - Virtual size: 152KB