bd2d22f529e24359dfc75174cc920d49db6f0751349559358fffc7acbc699479

Sharing

Copy URL Twitter E-mail

General

Target

bd2d22f529e24359dfc75174cc920d49db6f0751349559358fffc7acbc699479
Size

232KB
MD5

edeaeaf9e27ff459a65165fd34512302
SHA1

7a64ca38618939a6e857dd8ee6d6e2ae0ad6736d
SHA256

bd2d22f529e24359dfc75174cc920d49db6f0751349559358fffc7acbc699479
SHA512

70d87027ea97ffbcc50a25fbbdaeddc0cc9b8e8f35a74fb76a9bf8bb57a7f78ae077134bc2f71de0763b38e6e4c6f14c8fffab425a4dee53d0ad68445d45ad5f
SSDEEP

3072:ZJyB5L6KthNrlMo+Pyu/YpEcuspaXDeyd4GzMixzquSm+Sn+A/vO8IGFRUPK+36/:ZJyXFxaHvcuqvdYCm+rA/vUGo/60i

Score

N/A

Malware Config

Signatures

Files

bd2d22f529e24359dfc75174cc920d49db6f0751349559358fffc7acbc699479
.exe windows x86

04ea2eccae7f8d677c4febbed985d353

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

qdprint

QdFindStatusWindow
QdAddJob
QdQueueSMF
QdProgress
QdCloseProgress
QdSMF
QdOpenProgress
QdSMFop
QdScheduleJob

sddmui

SDDMGetGDIInfo
SDDMAdvancedSetupDialog
SDDMDeviceCapabilities
SDDMExtDeviceMode
SDDMDevInstall

sddm32

SDDMLoadDriver
SDDMReadProfile

zspool

EnumPrintersA
OpenPrinterA
GetPrinterDataA
ClosePrinter
GetJobA
SetJobA
GetPrinterA
GetUserNameA
ZSP_StructCopy
ZSP_MakeSpoolFilePath
EnumPrintProcessorsA
GetPrinterDriverA
ZSP_InitializeMonitor
SetPrinterA
EndDocPrinter
EnumPrintProcessorDatatypesA
StartDocPrinterA
RegCloseKey
RegEnumValueA
RegOpenKeyExA
WritePrinter
ZSP_GetMonitor

kernel32

GetUserDefaultLangID
CreateThread
GetCurrentThreadId
GetStartupInfoA
GetModuleHandleA
IsBadReadPtr
lstrcmpiA
lstrcpyA
LocalAlloc
LoadLibraryA
FreeLibrary
CreateFileA
GetFileInformationByHandle
WinExec
GetSystemDefaultLangID
FormatMessageA
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
CloseHandle
GetSystemTime
FindFirstFileA
FindNextFileA
FindClose
GetLastError
DeleteFileA
LocalFree
GetProfileStringA
WriteProfileStringA
GetVersionExA
GetPrivateProfileStringA
GetCurrentThread
GetVersion
GetCurrentProcessId
GlobalGetAtomNameA
GetTickCount
GetProcAddress

user32

SetTimer
UpdateWindow
ShowWindow
CreateWindowExA
PostQuitMessage
LoadIconA
DefWindowProcA
wsprintfA
SendMessageA
LoadCursorA
RegisterClassA
MessageBoxA
GetMessageA
PostMessageA
PeekMessageA
DispatchMessageA
TranslateMessage
FindWindowA
DestroyWindow
LoadStringA

msvcrt

memset
malloc
free
strcat
strlen
strstr
strcmp
_splitpath
_makepath
memcpy
strtok
_access
strncpy
printf
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_strcmpi
_stricmp
_strnicmp
strcpy

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 192KB - Virtual size: 496KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

04ea2eccae7f8d677c4febbed985d353

Headers

File Characteristics

Imports

qdprint

sddmui

sddm32

zspool

kernel32

user32

msvcrt

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 2KB

.vmp0 Size: 192KB - Virtual size: 496KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 2KB

.vmp0
Size: 192KB - Virtual size: 496KB