295bc2fde81da77708c8f96fcaa677edf4697b6c16097d69321b66d1019ad93e

Sharing

Copy URL Twitter E-mail

General

Target

295bc2fde81da77708c8f96fcaa677edf4697b6c16097d69321b66d1019ad93e
Size

175KB
MD5

08784156352a6503906d9705c8ba16d0
SHA1

f067e410602d772c11f9ffec45e84aad38b7ae35
SHA256

295bc2fde81da77708c8f96fcaa677edf4697b6c16097d69321b66d1019ad93e
SHA512

802a53b327198eae4aa0cfab67433daa28318b1c1ff9531b7003e3af424bc7d3c49cacb40be16b46120683813b7ef66c2f333efd3679290a574422cfce022dd1
SSDEEP

3072:InXUrGLgX+XFborBxFgTYRNPaxcqTJJu8JPa/bqetM5EFmEq:In7XFY4NxtrJPc/tM5wmE

Score

N/A

Malware Config

Signatures

Files

295bc2fde81da77708c8f96fcaa677edf4697b6c16097d69321b66d1019ad93e
.dll windows x86

e2c856e4793c50d68321d2475ac70bf1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

??_V@YAXPAX@Z
wcschr
_wcsicmp
_wsplitpath_s
??_U@YAPAXI@Z
_strnicmp
??3@YAXPAX@Z
??2@YAPAXI@Z
_XcptFilter
_amsg_exit
free
malloc
_initterm
_except_handler4_common
_vsnwprintf
wcsrchr
__CxxFrameHandler3
memcpy
_wcsnset
memset

netapi32

NetApiBufferFree
NetShareAdd
NetShareDel

kernel32

TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
GetStringTypeExW
GetTimeFormatW
GetLocaleInfoEx
GetUserPreferredUILanguages
EnumUILanguagesW
FindFirstFileW
SystemTimeToFileTime
GetTempPathW
FindClose
GetFileType
GetSystemTime
ExpandEnvironmentStringsW
GetProcessHeap
GetVersionExW
GetDateFormatW
GetComputerNameW
CompareStringW
GetCurrentThread
GetCurrentProcess
OutputDebugStringW
MulDiv
CreateFileW
CopyFileW
SetEnvironmentVariableW
GetEnvironmentVariableW
GetFileAttributesW
MapViewOfFile
CreateFileMappingW
SetEndOfFile
SetFilePointer
GetTempFileNameW
GetSystemDirectoryW
CloseHandle
UnmapViewOfFile
DeleteFileW
LeaveCriticalSection
EnterCriticalSection
GetLocalTime
OutputDebugStringA
GetModuleFileNameW
LoadLibraryW
LoadLibraryA
GetProcAddress
GetModuleHandleW
GetModuleHandleA
SetLastError
GetFullPathNameW
lstrlenW
GetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
Sleep
LoadLibraryExA
ReadFile
RaiseException
GlobalFree
lstrcmpiW
GlobalAlloc
GetLocaleInfoW
HeapCreate
FreeLibrary
DeleteCriticalSection
DisableThreadLibraryCalls
LoadLibraryExW
DeactivateActCtx
ActivateActCtx
ReleaseActCtx
CreateActCtxW
GetExitCodeProcess
InitializeCriticalSectionAndSpinCount
GetVersion
LocalFree
LocalReAlloc
LocalAlloc
HeapFree
HeapAlloc
HeapDestroy
SetEvent
OpenEventW
ReleaseMutex
OpenFileMappingW
WaitForSingleObject
OpenMutexW
WriteFile

advapi32

AdjustTokenPrivileges
DuplicateTokenEx
LookupPrivilegeValueW
SetThreadToken
QueryServiceStatus
StartServiceW
OpenServiceW
OpenSCManagerW
OpenThreadToken
OpenProcessToken
CloseServiceHandle
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
MakeSelfRelativeSD
GetSecurityDescriptorLength
GetSecurityDescriptorControl
MapGenericMask
ConvertStringSecurityDescriptorToSecurityDescriptorW
UnregisterTraceGuids
RegisterTraceGuidsW
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
RegCloseKey
TraceMessage

user32

GetDlgCtrlID
EndDialog
MessageBeep
EnumChildWindows
GetComboBoxInfo
MessageBoxW
SetWindowPos
WinHelpW
FindWindowW
SetForegroundWindow
PostMessageW
GetDlgItemInt
SetWindowTextW
GetWindowLongW
LoadIconW
TrackPopupMenu
GetMessagePos
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
DestroyMenu
GetSubMenu
SetFocus
GetWindowTextW
LoadStringW
GetDlgItemTextW
SendMessageW
GetParent
IsDlgButtonChecked
GetDlgItem
EnableWindow
SetDlgItemTextW
CheckDlgButton
SendDlgItemMessageW
LoadMenuW
LoadCursorW
SetCursor
DialogBoxParamW
GetFocus
IsWindowEnabled
ShowWindow
SetDlgItemInt
SetWindowLongW
SetActiveWindow

winspool.drv

EnumFormsW
SetPrinterDataW
GetPrinterDriverW
GetPrinterW
GetPrinterDataW
EnumPrintersW
ClosePrinter
OpenPrinterW
AbortPrinter
EndDocPrinter
EndPagePrinter
StartPagePrinter
StartDocPrinterW
WritePrinter
SetJobW
GetJobW

ole32

CoInitializeEx
CoUninitialize

fxswzrd

FaxFreeSendWizardData
FaxSendWizard

shell32

SHGetPathFromIDListW
ShellExecuteW
SHFileOperationW
SHBrowseForFolderW
ShellExecuteExW
SHGetMalloc
SHGetFolderPathW

Exports

Exports

DevQueryPrintEx
DrvAdvancedDocumentProperties
DrvConvertDevMode
DrvDeviceCapabilities
DrvDevicePropertySheets
DrvDocumentEvent
DrvDocumentProperties
DrvDocumentPropertySheets
DrvDriverEvent
DrvPrinterEvent
PrinterProperties

Sections

.text
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e2c856e4793c50d68321d2475ac70bf1

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

netapi32

kernel32

advapi32

user32

winspool.drv

ole32

fxswzrd

shell32

Exports

Exports

Sections

.text Size: 99KB - Virtual size: 98KB

.data Size: 512B - Virtual size: 2KB

.idata Size: 6KB - Virtual size: 5KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 10KB - Virtual size: 10KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 99KB - Virtual size: 98KB

.data
Size: 512B - Virtual size: 2KB

.idata
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 10KB - Virtual size: 10KB

.rmnet
Size: 56KB - Virtual size: 60KB