f489c4ec8f3b5a4e165d84d5b249eddb04054ad96628ef0867ae992309b435a4

Sharing

Copy URL

Twitter E-mail

General

Target

f489c4ec8f3b5a4e165d84d5b249eddb04054ad96628ef0867ae992309b435a4
Size

148KB
MD5

00f2500cb259f8bc1f00106a970846a0
SHA1

bbc91326fa035822a1c806f989fbf89ea6655b9c
SHA256

f489c4ec8f3b5a4e165d84d5b249eddb04054ad96628ef0867ae992309b435a4
SHA512

239ef5290636549bd379f4c363f38a800b3c547c2ae96322b678f5e56e5ab34de3f2072bfe4805d25e2bc2365ab9cf8e297405eea8f19b4a123badc1d64ff703
SSDEEP

1536:Cwsw9ukAf70iXoLSMwa0JKHRpsjmH/78vP+1H5A6jYHHwBj:/swXFiXoLSZJ8sjo8+1Hq6V

Score

N/A

Malware Config

Signatures

Files

f489c4ec8f3b5a4e165d84d5b249eddb04054ad96628ef0867ae992309b435a4
.exe windows x86

a95c8b8e7a82b175d2035a58d10835f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
GetACP
GetCPInfo
SetFilePointer
GetStringTypeW
GetProcAddress
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
WriteFile
GetFileType
LoadLibraryA
SetStdHandle
FlushFileBuffers
GetLastError
WinExec
GetTickCount
GetStringTypeA
Sleep
RtlUnwind
HeapFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
RaiseException
HeapReAlloc
HeapAlloc
TerminateProcess
GetCurrentProcess
HeapSize
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
CloseHandle

user32

CreateDialogParamA
GetMessageA
DispatchMessageA
TranslateMessage
SendMessageA
PostMessageA
KillTimer
PostQuitMessage
SetTimer
GetDlgItem
ShowWindow
DestroyWindow

winspool.drv

EnumPortsA

advapi32

QueryServiceStatus
ControlService
StartServiceA
CloseServiceHandle
OpenServiceA
OpenSCManagerA

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

efamg
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 80KB - Virtual size: 77KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a95c8b8e7a82b175d2035a58d10835f3

Headers

File Characteristics

Imports

kernel32

user32

winspool.drv

advapi32

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 15KB

.rsrc Size: 4KB - Virtual size: 1KB

efamg Size: 8KB - Virtual size: 4KB

Size: 80KB - Virtual size: 77KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 15KB

.rsrc
Size: 4KB - Virtual size: 1KB

efamg
Size: 8KB - Virtual size: 4KB