ed0b90d2c4da6ecacf77d7677e01f6f3d1e0e8fff0c2f0cd15a765e3225d26b9

General

Target

ed0b90d2c4da6ecacf77d7677e01f6f3d1e0e8fff0c2f0cd15a765e3225d26b9
Size

26KB
MD5

de3d0e4b23f88f3317bc663be6b9e7e0
SHA1

c64932f20c289c0f70861eda25d7914aaf196594
SHA256

ed0b90d2c4da6ecacf77d7677e01f6f3d1e0e8fff0c2f0cd15a765e3225d26b9
SHA512

632f3d011b8d21e5be9aa3e56c69ca0bf13a77bc2e0b6b399df88ade74b3a764c9627fd4c2f11255a68d3a32305595ddc16491407faaa0e555c5775958a2948e
SSDEEP

768:OyCLaXT1sxix2KMKnCjoCLPt6+xpBzKs:CLaXT1sxixDf0PtBms

Score

N/A

Malware Config

Signatures

Files

ed0b90d2c4da6ecacf77d7677e01f6f3d1e0e8fff0c2f0cd15a765e3225d26b9
.dll windows x64

22fcfd221ed6845c4d04b0bbb0412173

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

memset
memcpy
free
malloc
sprintf
_initterm
wcsstr
_wtoi
swprintf

ntdll

RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
VerSetConditionMask

kernel32

VerifyVersionInfoW
SetThreadPriority
CreateThread
lstrlenW
WaitForSingleObject
OutputDebugStringW
ResetEvent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
lstrcmpiW
GlobalFree
GlobalAlloc
CloseHandle
CreateEventW
DisableThreadLibraryCalls
InitializeCriticalSection
SetLastError
SetEvent
MultiByteToWideChar
GetTickCount
OutputDebugStringA
Sleep
WideCharToMultiByte
GetLastError
QueryPerformanceCounter

advapi32

RegSetValueExW
RegCloseKey
RegCreateKeyExW
RegQueryValueExW

spoolss

SetJobW
SetPortW
SetPrinterW
GetPrinterW
OpenPrinterW
ClosePrinter

Exports

Exports

InitializePrintMonitor

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

22fcfd221ed6845c4d04b0bbb0412173

Headers

File Characteristics

Imports

msvcrt

ntdll

kernel32

advapi32

spoolss

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 2KB - Virtual size: 3KB

.pdata Size: 1024B - Virtual size: 732B

.rsrc Size: 1024B - Virtual size: 920B

.reloc Size: 512B - Virtual size: 260B

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 2KB - Virtual size: 3KB

.pdata
Size: 1024B - Virtual size: 732B

.rsrc
Size: 1024B - Virtual size: 920B

.reloc
Size: 512B - Virtual size: 260B