002f8f1d9131a2ce7dfe3a074f0a9517910af23c6751b2cb036f1a41be59b6ba

Sharing

Copy URL

Twitter E-mail

General

Target

002f8f1d9131a2ce7dfe3a074f0a9517910af23c6751b2cb036f1a41be59b6ba
Size

164KB
MD5

35d19c6a3b3def9c1496c6d3c4fccbf4
SHA1

248f32d859659b092094789bc59eb85ba84c4784
SHA256

002f8f1d9131a2ce7dfe3a074f0a9517910af23c6751b2cb036f1a41be59b6ba
SHA512

153f61b577f1c8e922e0317dd4957de83fe7af0acaf48ca80957cf3b9ae36dc0ef444baeaf86b285fd79385933c90d9bbc86615ad0948f93d6569d6209da535d
SSDEEP

3072:eps6sRI6k+R3PYDa0lw9ItlZG7xb/4KEHbI++9RSedXlZ:uFs26k+9P7x9ItlZG7x/4KQbINd

Score

N/A

Malware Config

Signatures

Files

002f8f1d9131a2ce7dfe3a074f0a9517910af23c6751b2cb036f1a41be59b6ba
.dll windows x86

d0a9b5f51a941fbe9edf91f8e6478ba1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GlobalAlloc
lstrcpyA
lstrcmpA
GetPrivateProfileStringA
FindClose
FindFirstFileA
GetSystemDirectoryA
CreateFileA
GetCurrentDirectoryA
WriteFile
SizeofResource
LockResource
LoadResource
FindResourceA
CreateProcessA
GetModuleHandleA
GetDriveTypeA
GetLogicalDrives
lstrcpynA
ReadFile
GetFileSize
InitializeCriticalSection
IsBadCodePtr
IsBadReadPtr
OpenProcess
SetLastError
GetLastError
CloseHandle
lstrlenA
GetVersionExA
GetWindowsDirectoryA
OutputDebugStringA
ExitProcess
RtlUnwind
RaiseException
GetCurrentThreadId
GetCommandLineA
HeapAlloc
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetACP
GetOEMCP
GetCPInfo
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
SetUnhandledExceptionFilter
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
VirtualAlloc
HeapReAlloc
IsBadWritePtr
HeapSize
LoadLibraryA
InterlockedExchange
VirtualQuery
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
GetSystemInfo

user32

WaitForInputIdle
MessageBoxA
wvsprintfA
wsprintfA
FindWindowA
GetWindowThreadProcessId

winspool.drv

GetPrinterA

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
CreateProcessAsUserA
OpenProcessToken
RegCreateKeyExA

shell32

ShellExecuteA

Exports

Exports

Setup

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0a9b5f51a941fbe9edf91f8e6478ba1

Headers

File Characteristics

Imports

kernel32

user32

winspool.drv

advapi32

shell32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 64KB - Virtual size: 64KB

.rsrc Size: 36KB - Virtual size: 33KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 64KB - Virtual size: 64KB

.rsrc
Size: 36KB - Virtual size: 33KB

.reloc
Size: 8KB - Virtual size: 4KB