868257a8529825a3cadd1d0868313a777ba10c63e4fda460744e16e7f3987d44

Sharing

Copy URL Twitter E-mail

General

Target

868257a8529825a3cadd1d0868313a777ba10c63e4fda460744e16e7f3987d44
Size

836KB
MD5

e1261f5b7fee8133c25d2365bf00e939
SHA1

3f089537d4a5d3347b47dfa68aad95a990fb19f3
SHA256

868257a8529825a3cadd1d0868313a777ba10c63e4fda460744e16e7f3987d44
SHA512

ea54acc1d8a31c943fb2762c862a83135e76dfdcdf2c7d9f4f8fa8532bad294a0a094fb3c2f71acba36f686344b08802e57e0a7487fbfccd136c137274fe6a1a
SSDEEP

24576:WiRmu89tyvt4jIBkI+dYSfb2UgxQp8fDu23ulaMKrco:cu8PyLkITSfaUVADClaD

Score

N/A

Malware Config

Signatures

Files

868257a8529825a3cadd1d0868313a777ba10c63e4fda460744e16e7f3987d44
.exe windows x86

b7b15b00067af6e1e4f17d2c0b3fd70c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

_lseek
_putw
labs
_ultoa
_gcvt
_ismbbalnum
_strcmpi
_statusfp
iswlower
fputwc
_fmode_dll

msvcirt

?eback@streambuf@@IBEPADXZ
?str@ostrstream@@QAEPADXZ
?flush@ostream@@QAEAAV1@XZ
??0ifstream@@QAE@ABV0@@Z
??_8strstream@@7Bostream@@@
?clear@ios@@QAEXH@Z
??4ostream_withassign@@QAEAAV0@ABV0@@Z
??_Eiostream@@UAEPAXI@Z
??0strstreambuf@@QAE@H@Z
?str@strstream@@QAEPADXZ
??_Difstream@@QAEXXZ
?setmode@ifstream@@QAEHH@Z
?bitalloc@ios@@SAJXZ
?sync_with_stdio@ios@@SAXXZ
??0ostrstream@@QAE@PADHH@Z
??_Gfstream@@UAEPAXI@Z
??0istream_withassign@@QAE@XZ
?sh_read@filebuf@@2HB

printui

bFolderRefresh
bFolderEnumPrinters
ConstructPrinterFriendlyName
vQueueCreate
ShowErrorMessageSC
DllMain
PrinterPropPageProvider
bPrinterSetup
DocumentPropertiesWrap
PrintUIEntryW
PrintNotifyTray_Exit
vPrinterPropPages
ShowErrorMessageHR
UnregisterPrintNotify
PnPInterface
vDocumentDefaults
ConnectToPrinterDlg
PrintNotifyTray_Init
RegisterPrintNotify
vServerPropPages
bFolderGetPrinter

odbc32

SQLGetFunctions
SQLStatisticsW
SQLSetScrollOptions
SQLProcedureColumnsA
SQLForeignKeysA
ValidateErrorQueue
SQLPrepare
SQLDataSources
CollectODBCPerfData
SQLDescribeCol
PostODBCComponentError
SQLColumnsW
SQLRowCount
SQLBrowseConnectW
SQLSetConnectOption

kernel32

GetOEMCP
RemoveDirectoryW
GetConsoleAliasesLengthW
GetSystemDirectoryA
HeapCreate
GetProfileSectionA
SetDefaultCommConfigW
MultiByteToWideChar
RemoveVectoredExceptionHandler
FindActCtxSectionStringA
LoadLibraryW
WritePrivateProfileSectionW

Sections

.text
Size: 385KB - Virtual size: 384KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 195KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7b15b00067af6e1e4f17d2c0b3fd70c

Headers

DLL Characteristics

File Characteristics

Imports

crtdll

msvcirt

printui

odbc32

kernel32

Sections

.text Size: 385KB - Virtual size: 384KB

.rdata Size: 97KB - Virtual size: 96KB

.data Size: 157KB - Virtual size: 1.6MB

.rsrc Size: 195KB - Virtual size: 194KB

.reloc Size: 1024B - Virtual size: 868B

.text
Size: 385KB - Virtual size: 384KB

.rdata
Size: 97KB - Virtual size: 96KB

.data
Size: 157KB - Virtual size: 1.6MB

.rsrc
Size: 195KB - Virtual size: 194KB

.reloc
Size: 1024B - Virtual size: 868B