ce1ce545084dafb0048f6b5de49408b4aab54262ba83614bed31585db583a8e9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce1ce545084dafb0048f6b5de49408b4aab54262ba83614bed31585db583a8e9
Size

619KB
MD5

11c5a6fd5129f6aab25ee336cdab4001
SHA1

202a33734c644cf6fd6c9d0e89c19c59977c17fb
SHA256

ce1ce545084dafb0048f6b5de49408b4aab54262ba83614bed31585db583a8e9
SHA512

1e804c73e38aa33bab8e399bf2c62290ce8807e3a9328710b0e621db22acb2f70406c0899284c338bdba755a38b9b76577e56cc6304632a848afbe94d7099967
SSDEEP

12288:rpwTCqf8EajHv4QlW/pXPClX3AiTmxx8k+lHQzTWpcVphvU:zEM8/pXMAiK0lwPWpcVXU

Score

N/A

Malware Config

Signatures

Files

ce1ce545084dafb0048f6b5de49408b4aab54262ba83614bed31585db583a8e9
.exe windows x86

95a4f69f806433ca3a09e4f14760199d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
IsValidLocale
GetHandleInformation
GetVersion
GetLocalTime
EnumDateFormatsExW
FreeLibrary
GetSystemTime
GetProcAddress
LoadLibraryA
FoldStringW
GetModuleHandleA
QueryDosDeviceA

winspool.drv

GetJobA
EnumMonitorsA
AddPrintProcessorA
EnumPrintersW
DEVICEMODE
DeleteFormA
DeletePrinterDataExW
DocumentPropertiesA
DeletePrinterDataA
EnumPortsW
ord208
DeletePortA
EnumFormsW
GetPrinterDataW
SetPrinterW
AdvancedDocumentPropertiesW
OpenPrinterA
SetPortW
AddPortW
DeletePrintProvidorW
EnumPrinterDataExA

msvcrt

fputs
fclose
fread
printf
_tzname
fprintf
feof
_wcsupr
fopen
fwprintf
sprintf
fsetpos
exp
__p__pgmptr
_unlink
ftell
atof
_putws
ferror
fputc
_unloaddll
_wexeclp
_fcloseall
_wstat
_fileinfo
_dup
memset
wcstok
_locking
_execve
_cexit
fseek
fwrite
_onexit
strcspn

Sections

.text
Size: 600KB - Virtual size: 597KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE