efee1d37b7f346c7783bea527d6275ccb9767e0f0dde0c231396a986cb0a7cbc

Sharing

Copy URL Twitter E-mail

General

Target

efee1d37b7f346c7783bea527d6275ccb9767e0f0dde0c231396a986cb0a7cbc
Size

317KB
MD5

91837a611a4da6696d0eea30000b4862
SHA1

2f18381e0da82b6131ae75f0e674b1e2605c86ac
SHA256

efee1d37b7f346c7783bea527d6275ccb9767e0f0dde0c231396a986cb0a7cbc
SHA512

d46f98a0ccc330835d5302b1e9036b93b0ee0e634069c3b92b20191b446e295afb018f36f469546446e9b4d5fbbd1c909797bbfb8c1848934b9cde70c7d47570
SSDEEP

6144:6tgES1T7CaUOae6Pb0eNxUiqH3lJt5TvFwFCx68P6hU6r4SD9fAQPxLptZCDOlIZ:6qTGv0ZBPit9A6LptMvrM38MO

Score

N/A

Malware Config

Signatures

Files

efee1d37b7f346c7783bea527d6275ccb9767e0f0dde0c231396a986cb0a7cbc
.dll windows x86

33c14285e2ac6e502d3093d592db345b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
CloseHandle
CompareFileTime
GetFileTime
CreateFileW
FreeLibrary
LoadLibraryExW
SetErrorMode
MultiByteToWideChar
GetSystemDefaultLCID
SetLastError
LoadLibraryW
SizeofResource
LockResource
LoadResource
FindResourceW
MapViewOfFile
CreateFileMappingW
GetFileSize
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
InterlockedDecrement
InterlockedIncrement
GetProcAddress
MulDiv
LocalFree
LocalAlloc
Sleep
UnmapViewOfFile

msvcrt

malloc
_adjust_fdiv
_initterm
free
??2@YAPAXI@Z
wcslen
wcscmp
_wcsnicmp
iswctype
_strnicmp
isspace
wcsncpy
wcsncmp
wcsstr
qsort
_vsnprintf
strstr
_strlwr
_purecall
strncmp
??3@YAXPAX@Z
strncpy
atoi
_wcsicmp
wcsrchr

winspool.drv

GetPrinterDataW
GetPrinterDriverW
EnumFormsW
GetPrinterW
WritePrinter
FlushPrinter

gdi32

EngGradientFill
XLATEOBJ_piVector
XLATEOBJ_iXlate
STROBJ_bEnum
EngStretchBltROP
XLATEOBJ_cGetPalette
EngUnicodeToMultiByteN
FONTOBJ_pvTrueTypeFontFile
STROBJ_bGetAdvanceWidths
FONTOBJ_vGetInfo
EngMultiByteToWideChar
EngFindResource
EngLoadModule
FONTOBJ_pifi
FONTOBJ_pxoGetXform
STROBJ_vEnumStart
STROBJ_bEnumPositionsOnly
EngTextOut
FONTOBJ_cGetGlyphs
CLIPOBJ_cEnumStart
EngGetCurrentCodePage
CLIPOBJ_bEnum
XFORMOBJ_iGetXform
BRUSHOBJ_ulGetBrushColor
BRUSHOBJ_pvGetRbrush
EngTransparentBlt
EngAlphaBlend
EngLineTo
EngStrokeAndFillPath
EngFillPath
EngStrokePath
BRUSHOBJ_pvAllocRbrush
EngPaint
EngPlgBlt
EngStretchBlt
EngCopyBits
PATHOBJ_vEnumStart
EngDeletePalette
EngFreeModule
EngCreateDeviceSurface
EngCreateBitmap
EngDeleteSurface
EngUnlockSurface
EngMarkBandingSurface
EngLockSurface
EngAssociateSurface
HT_Get8BPPFormatPalette
HT_Get8BPPMaskPalette
EngCreatePalette
XFORMOBJ_bApplyXform
EngBitBlt
EngEraseSurface
PATHOBJ_bEnum
CLIPOBJ_ppoGetPath

Exports

Exports

DllMain
DrvDisableDriver
DrvEnableDriver
DrvQueryDriverInfo

Sections

.text
Size: 249KB - Virtual size: 249KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33c14285e2ac6e502d3093d592db345b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

winspool.drv

gdi32

Exports

Exports

Sections

.text Size: 249KB - Virtual size: 249KB

.data Size: 62KB - Virtual size: 61KB

.rsrc Size: 1024B - Virtual size: 1000B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 249KB - Virtual size: 249KB

.data
Size: 62KB - Virtual size: 61KB

.rsrc
Size: 1024B - Virtual size: 1000B

.reloc
Size: 4KB - Virtual size: 3KB