6667fd3ec36455badea51f590e8ab4a9c14a2d4ec83336171c2fef6ee07e0947

Sharing

Copy URL Twitter E-mail

General

Target

6667fd3ec36455badea51f590e8ab4a9c14a2d4ec83336171c2fef6ee07e0947
Size

236KB
MD5

527694b91769403a6ca34f310b0d1e97
SHA1

ce40dbfa35e48ab33c595b4714d57371e7b884ff
SHA256

6667fd3ec36455badea51f590e8ab4a9c14a2d4ec83336171c2fef6ee07e0947
SHA512

8c1c2e9eac9834bac369b1c4d985bbf77ba7496c246d6f03157e13df1d1d72fb7c9cbed5517d16411d92639626b05a262437b6d0f5598aa02cef6928c3f2f7aa
SSDEEP

6144:1oBGsPNnarcB9webwdy0m6QoNCVNjoa9QdgUShI:1Vslar0webAiOyVoaagUSe

Score

N/A

Malware Config

Signatures

Files

6667fd3ec36455badea51f590e8ab4a9c14a2d4ec83336171c2fef6ee07e0947
.exe windows x86

3d6d4535b19966c2b5c85ea460e46e38

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc

ws2_32

getservbyport
getprotobynumber
socket
setsockopt
getservbyname
htons
recv
send
recvfrom
htonl

winspool.drv

AddPrinterA
ClosePrinter
ConfigurePortA
DeleteFormA
DeleteMonitorA
DeletePortA
EnumPortsA
EnumPrintProcessorDatatypesA
EnumPrintProcessorsA
GetPrinterA
OpenPrinterA
PrinterMessageBoxA
ReadPrinter

sti

StiCreateInstanceW

kernel32

GetLocalTime
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
LCMapStringW
LCMapStringA
SetEndOfFile
SetConsoleCtrlHandler
GetStringTypeW
GetStringTypeA
ReadFile
GetOEMCP
GetACP
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetVersionExA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidCodePage
IsValidLocale
GetCPInfo
SetUnhandledExceptionFilter
FlushFileBuffers
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetProfileStringW
lstrcmpA
GetWindowsDirectoryA
CreatePipe
GlobalFree
GlobalAlloc
GetLocaleInfoA
GlobalUnlock
RemoveDirectoryA
CreateThread
LocalFree
LocalAlloc
CloseHandle
GetFileSize
CreateFileA
DeleteCriticalSection
Sleep
FreeLibrary
LoadLibraryA
GetProcAddress
EnterCriticalSection
InitializeCriticalSection
InterlockedExchange
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
RtlUnwind
GetTimeZoneInformation
GetSystemTime
HeapFree
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
RaiseException
FatalAppExitA
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
WriteFile
SetFilePointer
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
GetModuleFileNameA

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 606KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3d6d4535b19966c2b5c85ea460e46e38

Headers

File Characteristics

Imports

ole32

ws2_32

winspool.drv

sti

kernel32

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 76KB - Virtual size: 75KB

.data Size: 76KB - Virtual size: 606KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 76KB - Virtual size: 75KB

.data
Size: 76KB - Virtual size: 606KB