493e229ca1480f99402d29330d03e07b66dd34f976f4ad35f7b55dd94e0a0b38

General

Target

493e229ca1480f99402d29330d03e07b66dd34f976f4ad35f7b55dd94e0a0b38
Size

544KB
MD5

08583dce211b1cf733cec045b4e37720
SHA1

182fcab56a36538efc13e84a07e468121660a4ad
SHA256

493e229ca1480f99402d29330d03e07b66dd34f976f4ad35f7b55dd94e0a0b38
SHA512

0173ebeb1f6a434f8f084b541f8d3ae6da80b0d267d24c804c70f4b09954d92fbb06904a8e031bae36ef7a3f7c667ff0620354c681dfe69da963abb32468a713
SSDEEP

12288:hXuMI2RWhqw7GrZKBQg/OXDnoYNuRmndDbz4X6:heMxsZKoBQgWzbuR6Db

Score

N/A

Malware Config

Signatures

Files

493e229ca1480f99402d29330d03e07b66dd34f976f4ad35f7b55dd94e0a0b38
.exe windows x86

3997d292da695b8dd950ec474992f87b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
VirtualAlloc
GetModuleHandleA
IsValidLocale
GetVersion
GetProcAddress
GetHandleInformation
ExitProcess
GetSystemTime
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
CreateFileA
IsBadWritePtr
HeapReAlloc
FlushFileBuffers
SetStdHandle
HeapAlloc
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
ReadFile
CloseHandle
HeapFree
WriteFile
SetFilePointer
GetLastError
GetFileType
GetStdHandle
SetHandleCount
GetCurrentProcess
DeleteFileA
TerminateProcess
GetCommandLineA
GetStartupInfoA

shell32

SHFileOperationA
DragQueryPoint
SHBrowseForFolderA
ShellAboutA
SHGetSpecialFolderLocation
Shell_NotifyIconA
CommandLineToArgvW

winspool.drv

StartDocPrinterA
OpenPrinterA
FindFirstPrinterChangeNotification
AddPrinterA
AbortPrinter
DeletePrintProcessorA
SetPrinterDataExA
DeletePrinterDataExA
AddPrintProcessorA
ScheduleJob
DeletePortA
DeletePrinter
SetPortA
EnumPortsA
GetPrinterA
DeletePrinterDataA
AdvancedDocumentPropertiesA
DeletePrintProvidorA
PrinterProperties
ClosePrinter
ReadPrinter
WritePrinter
ConfigurePortA
FindClosePrinterChangeNotification
SetPrinterA
ResetPrinterA
AddPrinterDriverExA
GetPrinterDataA
EndDocPrinter
AddPortA
EnumPrinterDataExA
AddPrinterDriverA
EnumJobsA
GetPrintProcessorDirectoryA

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 480KB - Virtual size: 484KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3997d292da695b8dd950ec474992f87b

Headers

File Characteristics

Imports

kernel32

shell32

winspool.drv

Sections

.text Size: 56KB - Virtual size: 53KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 480KB - Virtual size: 484KB

.text
Size: 56KB - Virtual size: 53KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 480KB - Virtual size: 484KB