8fe1df4eba5fd54e4c66ccc05deda44f888150f7caddf2531d8a4684cf754019

Sharing

Copy URL Twitter E-mail

General

Target

8fe1df4eba5fd54e4c66ccc05deda44f888150f7caddf2531d8a4684cf754019
Size

202KB
MD5

acbf6e4fec81b2cbf23e94c200d2090f
SHA1

19498a981f027a90396cfebb98837077498c18b3
SHA256

8fe1df4eba5fd54e4c66ccc05deda44f888150f7caddf2531d8a4684cf754019
SHA512

af4b388c4684abd04b7fda586f0f77f56dece6efe1a7342de2fe405280735bcf06dc2d98ba02cdaeb2badb2f71748fa97d0b3d6f5e633281c599e93b32229328
SSDEEP

3072:HDkSh0mHj4XFMngD5VJMe9eJ89CInc8LIZMtgU68pNmQd/IJ:jkSiMGFMg9MeYJ89Cx8ECq8Hm+/+

Score

N/A

Malware Config

Signatures

Files

8fe1df4eba5fd54e4c66ccc05deda44f888150f7caddf2531d8a4684cf754019
.exe windows x86

1806c06499648e2a11f1886c2e590012

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA

oledlg

OleUIBusyW

dbghelp

SymGetModuleInfoW64
SymRegisterFunctionEntryCallback
StackWalk64
SymEnumTypes
FindFileInPath

shlwapi

PathFindFileNameW
PathAddBackslashW
PathStripToRootW
PathIsUNCW
PathFindExtensionW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

kernel32

GetCurrentProcess
HeapSize
CreateFileW
LCMapStringW
IsProcessorFeaturePresent
FlushFileBuffers
LoadLibraryW
HeapReAlloc
HeapAlloc
GetStringTypeW
ReadFile
RtlUnwind
CloseHandle
WaitForSingleObject
OpenJobObjectW
EnumTimeFormatsW
SetProcessWorkingSetSize
FindNextFileA
GetLogicalDrives
GetLastError
MoveFileA
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
GetStartupInfoW
EncodePointer
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStdHandle
DeleteCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DecodePointer
TerminateProcess
MultiByteToWideChar
Sleep
HeapFree
GetProcAddress
GetModuleHandleW
ExitProcess
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WriteConsoleW
SetFilePointer

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.BSS
Size: 5KB - Virtual size: 36.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1806c06499648e2a11f1886c2e590012

Headers

DLL Characteristics

File Characteristics

Imports

shell32

oledlg

dbghelp

shlwapi

winspool.drv

kernel32

Sections

.text Size: 95KB - Virtual size: 94KB

.rdata Size: 10KB - Virtual size: 10KB

.BSS Size: 5KB - Virtual size: 36.0MB

.rsrc Size: 90KB - Virtual size: 90KB

.text
Size: 95KB - Virtual size: 94KB

.rdata
Size: 10KB - Virtual size: 10KB

.BSS
Size: 5KB - Virtual size: 36.0MB

.rsrc
Size: 90KB - Virtual size: 90KB