870acb68bdf4d6dd9d73da7b6b9c9b074f256727c929017e797a56b60126d9c7

General

Target

870acb68bdf4d6dd9d73da7b6b9c9b074f256727c929017e797a56b60126d9c7
Size

92KB
MD5

72ed1371de773050454b299ac5c5eace
SHA1

5fffb0bbe3a5f992e268252a8dbe376d9bb54960
SHA256

870acb68bdf4d6dd9d73da7b6b9c9b074f256727c929017e797a56b60126d9c7
SHA512

0f1f9208733d8452c04a55479465f902691f7527e5742199238c94d3ab58c7b51a1f7b1c2a80b6352811fdba47da3e455356ecb6367d2568450b21c13e1b8340
SSDEEP

1536:3MKwz/ICReufC5uieCFvEY9TZXW+hlZq/dw/n2wLZ8q6X4QKc+3gZve:3MKwr5EYC5/WwTZmClZq/LWZ8fTKc+Sv

Score

N/A

Malware Config

Signatures

Files

870acb68bdf4d6dd9d73da7b6b9c9b074f256727c929017e797a56b60126d9c7
.dll windows x86

bda6a23a70ce970a2f698353f8c1523e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetVersion
GetModuleHandleA
lstrcpynA
GetHandleInformation
GetProcAddress
LoadLibraryA
IsValidLocale
GetSystemTime

shell32

StrCmpNA

shlwapi

PathSearchAndQualifyA
PathMatchSpecA
StrFromTimeIntervalA
SHRegGetUSValueA
PathIsUNCServerA
PathRemoveBackslashA
PathAppendA
StrPBrkA
PathRemoveExtensionA
PathGetDriveNumberA
PathSkipRootA
SHRegEnumUSValueA
PathParseIconLocationA
PathGetCharTypeA
PathUnquoteSpacesA
PathSetDlgItemPathA
SHRegCreateUSKeyA
PathStripToRootA
PathIsFileSpecA
PathRelativePathToA
PathIsRootA
PathRemoveArgsA
PathFindExtensionA
StrSpnA
SHEnumValueA
StrFormatByteSizeA
SHRegSetUSValueA

winspool.drv

AddFormA
DeleteFormA
SetPortA
GetPrintProcessorDirectoryA
ScheduleJob
ResetPrinterA
DeletePrinterConnectionA
GetPrinterDriverDirectoryA
EnumFormsA
EnumPrinterDataA
DocumentPropertiesA
AddMonitorA
AddPortA
DeletePrinterDataExA
EnumPrinterDriversA
GetJobA
AddPrinterA

msvcrt

_onexit
__dllonexit
_adjust_fdiv
malloc
_initterm
free
fread
sprintf
printf
ftell
fopen
fclose
fwrite
memset
fseek
_unlink

Exports

Exports

KIUODRG

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bda6a23a70ce970a2f698353f8c1523e

Headers

File Characteristics

Imports

kernel32

shell32

shlwapi

winspool.drv

msvcrt

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 52KB - Virtual size: 50KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 52KB - Virtual size: 50KB

.reloc
Size: 4KB - Virtual size: 3KB