a36f04a6c1f20a17ef8253cebe9ce176a4dd70c5939ecf3e2eead0dcc76acc72

Sharing

Copy URL

Twitter E-mail

General

Target

a36f04a6c1f20a17ef8253cebe9ce176a4dd70c5939ecf3e2eead0dcc76acc72
Size

2.7MB
MD5

17fc53a4f6876e6a606ce7fb8807f44b
SHA1

1b2c74f6ff796bce39853835152d88ef7ce2d9d9
SHA256

a36f04a6c1f20a17ef8253cebe9ce176a4dd70c5939ecf3e2eead0dcc76acc72
SHA512

5ea14d653d6817069bed4b811b3ffbf025415279a9c4fe2f1d8b854a2039209a20f497fb64d30755bb197c1bda681b7e68eab35e27ea578f3a196e9e05be867c
SSDEEP

49152:Jgi8Oa/QhlLTw72y3x5aps72bYlZe/zaKZfpXH2zvdzg8SghwNIdxSp2xWnNJzr2:JgtD/QhRTw72y3x5aps72cZO+gfpXYdN

Score

N/A

Malware Config

Signatures

Files

a36f04a6c1f20a17ef8253cebe9ce176a4dd70c5939ecf3e2eead0dcc76acc72
.exe windows x86

a27b70c67753c5e2683e1f6cc3018348

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__p__commode
__p__fmode
__set_app_type
_adjust_fdiv
_controlfp
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_except_handler3
strncpy

winspool.drv

AddPrinterDriverW
DocumentPropertiesA
AddPortA
EnumPrinterDriversA
SpoolerDevQueryPrintW

rpcrt4

RpcAsyncGetCallStatus
NdrComplexArrayMemorySize
RpcMgmtWaitServerListen
RpcMgmtSetComTimeout
RpcServerInqDefaultPrincNameA
RpcRevertToSelfEx
NdrDcomAsyncClientCall
RpcMgmtEpUnregister
RpcServerUseAllProtseqsIfEx

kernel32

GetProcAddress
ReadFile
GetThreadContext
CreateProcessA
SetThreadContext
GetModuleHandleA
GetLastError
GetStartupInfoA

user32

DispatchMessageA
GetMessageA
PeekMessageA
SetTimer
PaintDesktop
GetWindowRgn

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 24.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SELIGER
Size: 2.1MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

GXVM
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

IAIQ
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

JGMI
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

E5OY
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

HX97
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CWD6
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

MRKH
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

MLHC
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ROTO
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SMPV
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

FEUP
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

GFPW
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

MBVQ
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

JRJO
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ONBM
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

E8DR
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

KDUY
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

FB1D
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

MYTJ
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

XC9F
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

IF6E
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

N4ZI
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

MHTP
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

TVX2
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

X3BC
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CIVX
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

IBCD
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

NR0B
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

I2C1
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PTLD
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

AWGT
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

AYTZ
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

HSXG
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ENDZ
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a27b70c67753c5e2683e1f6cc3018348

Headers

File Characteristics

Imports

msvcrt

winspool.drv

rpcrt4

kernel32

user32

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 48KB - Virtual size: 24.1MB

SELIGER Size: 2.1MB - Virtual size: 2.0MB

GXVM Size: 4KB - Virtual size: 572B

IAIQ Size: 4KB - Virtual size: 572B

JGMI Size: 4KB - Virtual size: 572B

E5OY Size: 4KB - Virtual size: 572B

HX97 Size: 4KB - Virtual size: 572B

CWD6 Size: 4KB - Virtual size: 572B

MRKH Size: 4KB - Virtual size: 572B

MLHC Size: 4KB - Virtual size: 572B

ROTO Size: 4KB - Virtual size: 572B

SMPV Size: 4KB - Virtual size: 572B

FEUP Size: 4KB - Virtual size: 572B

GFPW Size: 4KB - Virtual size: 572B

MBVQ Size: 4KB - Virtual size: 572B

JRJO Size: 4KB - Virtual size: 572B

ONBM Size: 4KB - Virtual size: 572B

E8DR Size: 4KB - Virtual size: 572B

KDUY Size: 4KB - Virtual size: 572B

FB1D Size: 4KB - Virtual size: 572B

MYTJ Size: 4KB - Virtual size: 572B

XC9F Size: 4KB - Virtual size: 572B

IF6E Size: 4KB - Virtual size: 572B

N4ZI Size: 4KB - Virtual size: 572B

MHTP Size: 4KB - Virtual size: 572B

TVX2 Size: 4KB - Virtual size: 572B

X3BC Size: 4KB - Virtual size: 572B

CIVX Size: 4KB - Virtual size: 572B

IBCD Size: 4KB - Virtual size: 572B

NR0B Size: 4KB - Virtual size: 572B

I2C1 Size: 4KB - Virtual size: 572B

PTLD Size: 4KB - Virtual size: 572B

AWGT Size: 4KB - Virtual size: 572B

AYTZ Size: 4KB - Virtual size: 572B

HSXG Size: 4KB - Virtual size: 572B

ENDZ Size: 4KB - Virtual size: 572B

.rsrc Size: 20KB - Virtual size: 16KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 48KB - Virtual size: 24.1MB

SELIGER
Size: 2.1MB - Virtual size: 2.0MB

GXVM
Size: 4KB - Virtual size: 572B

IAIQ
Size: 4KB - Virtual size: 572B

JGMI
Size: 4KB - Virtual size: 572B

E5OY
Size: 4KB - Virtual size: 572B

HX97
Size: 4KB - Virtual size: 572B

CWD6
Size: 4KB - Virtual size: 572B

MRKH
Size: 4KB - Virtual size: 572B

MLHC
Size: 4KB - Virtual size: 572B

ROTO
Size: 4KB - Virtual size: 572B

SMPV
Size: 4KB - Virtual size: 572B

FEUP
Size: 4KB - Virtual size: 572B

GFPW
Size: 4KB - Virtual size: 572B

MBVQ
Size: 4KB - Virtual size: 572B

JRJO
Size: 4KB - Virtual size: 572B

ONBM
Size: 4KB - Virtual size: 572B

E8DR
Size: 4KB - Virtual size: 572B

KDUY
Size: 4KB - Virtual size: 572B

FB1D
Size: 4KB - Virtual size: 572B

MYTJ
Size: 4KB - Virtual size: 572B

XC9F
Size: 4KB - Virtual size: 572B

IF6E
Size: 4KB - Virtual size: 572B

N4ZI
Size: 4KB - Virtual size: 572B

MHTP
Size: 4KB - Virtual size: 572B

TVX2
Size: 4KB - Virtual size: 572B

X3BC
Size: 4KB - Virtual size: 572B

CIVX
Size: 4KB - Virtual size: 572B

IBCD
Size: 4KB - Virtual size: 572B

NR0B
Size: 4KB - Virtual size: 572B

I2C1
Size: 4KB - Virtual size: 572B

PTLD
Size: 4KB - Virtual size: 572B

AWGT
Size: 4KB - Virtual size: 572B

AYTZ
Size: 4KB - Virtual size: 572B

HSXG
Size: 4KB - Virtual size: 572B

ENDZ
Size: 4KB - Virtual size: 572B

.rsrc
Size: 20KB - Virtual size: 16KB