4b64f2a647821c1269b784c86b4bedd88409ae27c7e735e9c419e5961b768482

Sharing

Copy URL Twitter E-mail

General

Target

4b64f2a647821c1269b784c86b4bedd88409ae27c7e735e9c419e5961b768482
Size

516KB
MD5

81ed7d206808c3c8481fcd5a7aab566e
SHA1

97d3298162587d93e31094651dff585ee43f7521
SHA256

4b64f2a647821c1269b784c86b4bedd88409ae27c7e735e9c419e5961b768482
SHA512

9796ebff416c604a6753d770f7d4ced387f0606333b76fd211192dd071fa2de38ca3ab7e928c43711570139afd7fe35f8e04c2465355b6454c24b3b7b694db16
SSDEEP

12288:qTQHxz2XYI/GbgVoHhFucca/hlLsT0Rpky:qTQHxKXYI/GbgVoPuccaZlxpN

Score

N/A

Malware Config

Signatures

Files

4b64f2a647821c1269b784c86b4bedd88409ae27c7e735e9c419e5961b768482
.dll windows x86

e3135b221577dcfc5a88f364f1f79bfc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
GetVersionExA
MoveFileExA
WritePrivateProfileStringA
SetFileAttributesA
WideCharToMultiByte
Sleep
CopyFileA
FindNextFileA
GetLastError
LoadLibraryA
SetEndOfFile
GetProcAddress
FreeLibrary
FindFirstFileA
FindClose
CreateFileA
GetFileTime
CloseHandle
CompareFileTime
GetWindowsDirectoryA
CreateDirectoryA
DeleteFileA
SetEnvironmentVariableA
GetStringTypeW
GetStringTypeA
GetOEMCP
GetFileAttributesA
GlobalFree
SetLastError
ResetEvent
OpenEventA
CreateEventA
WaitForSingleObject
SetEvent
GlobalAlloc
GetModuleHandleA
OutputDebugStringA
ReadFile
WriteFile
DeviceIoControl
GetComputerNameA
MultiByteToWideChar
lstrlenW
IsBadReadPtr
IsBadWritePtr
InitializeCriticalSection
lstrlenA
InterlockedIncrement
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
CreateSemaphoreA
ReleaseSemaphore
LocalFree
TerminateThread
CreateThread
GetExitCodeThread
LocalAlloc
WaitForMultipleObjects
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
RaiseException
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
FlushFileBuffers
DeleteCriticalSection
HeapReAlloc
HeapSize
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetFilePointer
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetUnhandledExceptionFilter
IsBadCodePtr
SetStdHandle
GetCPInfo
CompareStringA
CompareStringW
GetACP

user32

GetKeyboardType
LoadStringA
wsprintfA

winspool.drv

OpenPrinterA
GetPrinterA
SetPrinterDataA
ClosePrinter
EnumPortsA
GetPrinterDriverDirectoryA
EnumJobsA
EnumPrintersA
DeletePrinterDriverA
DeletePrinter
GetPrinterDriverA
GetPrinterDataA

advapi32

RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegFlushKey
RegQueryValueExA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyA
RegCloseKey
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegEnumKeyW
RegEnumValueA
RegEnumValueW
IsTextUnicode

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

ole32

CoInitialize
CoUninitialize

oleaut32

SysAllocStringByteLen
SafeArrayGetUBound
SafeArrayGetLBound
VariantInit
SafeArrayCreate
SysAllocStringLen
SysStringLen
SafeArrayPutElement
VariantClear
SysFreeString
SafeArrayAccessData
LoadRegTypeLi
SysAllocString
SafeArrayUnaccessData

Exports

Exports

VendorJettison
VendorSetup
VendorUninstall

Sections

.text
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 204KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3135b221577dcfc5a88f364f1f79bfc

Headers

File Characteristics

Imports

kernel32

user32

winspool.drv

advapi32

version

ole32

oleaut32

Exports

Exports

Sections

.text Size: 260KB - Virtual size: 259KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 204KB - Virtual size: 212KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 28KB - Virtual size: 27KB

.text
Size: 260KB - Virtual size: 259KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 204KB - Virtual size: 212KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 28KB - Virtual size: 27KB