194611984f2b5b900950c0922f59d5b7f0b894da20efa7577f2d48f63ad6d6ef

Sharing

Copy URL Twitter E-mail

General

Target

194611984f2b5b900950c0922f59d5b7f0b894da20efa7577f2d48f63ad6d6ef
Size

480KB
MD5

861c5fc8bad7d0b1a96b292595016c85
SHA1

74cd2cf61e08c16010e3906389d3d8db019803bb
SHA256

194611984f2b5b900950c0922f59d5b7f0b894da20efa7577f2d48f63ad6d6ef
SHA512

9507c8f78b463ecc427c3e388cba8355f86288a10f656dc2c14a6660a6656bfdde5f33e5867903d0e44007145b696871d75b9b421d886b75773d44379cbd8612
SSDEEP

12288:T2LtDtszaLU4LHV1FKznmaK53f6z5783JUgw:yZDG21PKznrA6z5gLw

Score

N/A

Malware Config

Signatures

Files

194611984f2b5b900950c0922f59d5b7f0b894da20efa7577f2d48f63ad6d6ef
.exe windows x86

d0c74c2d0c206dd46681ce96db7a1240

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

OpenPrinterW
EnumPrintersW
ord204

user32

DefWindowProcW
RegisterClassExW
MessageBoxW
GetSysColorBrush
DrawFrameControl
LoadIconW
ScreenToClient
SetFocus
GetMenuItemCount
GetDlgCtrlID
CreateWindowExW
GetSysColor
CopyRect
ReleaseCapture
DeleteMenu
DestroyIcon
GetFocus
InsertMenuW
LoadCursorW
SetRect
SetCapture
LoadBitmapW
MapWindowPoints
MessageBeep
IsWindowEnabled
SendMessageTimeoutW
PostMessageW
LockWindowUpdate
GetLastActivePopup
SetDlgItemTextW
CallNextHookEx
DrawTextExW
DestroyWindow
IsIconic
LoadImageW
wsprintfW
IsClipboardFormatAvailable
RegisterClassW
MapDialogRect
SetForegroundWindow
EnableMenuItem
TranslateMessage
SetWindowPos
AppendMenuW
ShowWindow
SetScrollPos
GetWindowPlacement
GetWindowDC
SetMenu
GetIconInfo
GetTopWindow
SetCursor

comdlg32

GetSaveFileNameA
GetFileTitleA

shell32

ord155
ShellExecuteA
SHGetMalloc
ExtractIconA

advapi32

InitializeSecurityDescriptor
StartServiceCtrlDispatcherA
CreateServiceA
RegQueryInfoKeyA
SetSecurityDescriptorDacl
RegCloseKey
RegEnumKeyExA

kernel32

GetACP
GetSystemDirectoryA
GetModuleFileNameA
CreateMutexW
SetFileTime
GetProcessHeap
GetStdHandle
InitializeCriticalSection
GetStringTypeA
TlsFree
GetCPInfo
EnterCriticalSection
RtlUnwind
GetLocaleInfoA
IsBadCodePtr
lstrlenA
FreeEnvironmentStringsW
GetLastError
OutputDebugStringA
GlobalFree
ExitProcess
LCMapStringW
GetCommandLineA
GetStringTypeW
HeapReAlloc
HeapAlloc
CreateDirectoryA
TlsSetValue
GetModuleHandleA
LockResource
MoveFileW
FreeEnvironmentStringsA
GetFileAttributesW
SetStdHandle
CreateDirectoryW
ReleaseMutex
SetEnvironmentVariableA
GetUserDefaultLangID
GetVersion
TlsGetValue
SetEndOfFile
GetOEMCP
TerminateProcess
LoadLibraryA
lstrcpyW
HeapCreate
GetModuleFileNameW
SetUnhandledExceptionFilter
GetCurrentProcess
SetFilePointer
GlobalUnlock
CompareStringA
InterlockedExchange
GetFileType
FlushFileBuffers
GetEnvironmentStrings
Sleep
GetTickCount
GetSystemTime
FileTimeToSystemTime
LCMapStringA
GetCurrentProcessId
GetEnvironmentStringsW
InterlockedIncrement
LocalFree
GetLocalTime
GetProcAddress
GetStartupInfoW
MulDiv
VirtualQuery
GetTempPathW
GetStartupInfoA
QueryPerformanceCounter
WideCharToMultiByte
GetCurrentThreadId
GetModuleHandleW
GetFullPathNameW
CompareStringW
FindNextFileW
MultiByteToWideChar
HeapFree
DeleteCriticalSection
GetTimeZoneInformation
lstrlenW
DeleteFileW
UnhandledExceptionFilter
TerminateThread
SetLastError
RaiseException
GlobalSize
LoadLibraryW
GetCurrentThread
VirtualFree
TlsAlloc
VirtualAlloc
CompareFileTime
GetCommandLineW
GetSystemTimeAsFileTime
ReadFile
HeapSize
GetTempFileNameW
SetThreadPriority
CreateThread
SetHandleCount
CloseHandle
GlobalDeleteAtom
WriteConsoleA
SuspendThread
DuplicateHandle
LeaveCriticalSection
InterlockedDecrement
SetEvent
HeapDestroy
WriteFile
FindFirstFileA
WaitForMultipleObjects

ole32

OleDuplicateData
CLSIDFromString
RevokeDragDrop
OleUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoRegisterMessageFilter
OleFlushClipboard

Sections

.text
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0c74c2d0c206dd46681ce96db7a1240

Headers

File Characteristics

Imports

winspool.drv

user32

comdlg32

shell32

advapi32

kernel32

ole32

Sections

.text Size: 72KB - Virtual size: 68KB

.rdata Size: 252KB - Virtual size: 251KB

.data Size: 76KB - Virtual size: 97KB

.rsrc Size: 76KB - Virtual size: 73KB

.text
Size: 72KB - Virtual size: 68KB

.rdata
Size: 252KB - Virtual size: 251KB

.data
Size: 76KB - Virtual size: 97KB

.rsrc
Size: 76KB - Virtual size: 73KB