a01d8356c4001c502351eb3e0f1a7de8d096aca6a2eea5561723c3176e4d4437

General

Target

a01d8356c4001c502351eb3e0f1a7de8d096aca6a2eea5561723c3176e4d4437
Size

244KB
MD5

8cabd61c34e0169125dba74726d1fa9d
SHA1

70a0b10f7f824042b4881a3d2370826dce60ca02
SHA256

a01d8356c4001c502351eb3e0f1a7de8d096aca6a2eea5561723c3176e4d4437
SHA512

94b489612c78085abfbc1859ef51ad9dd08069f216b1e49dba521f7c494abeea9c5cfe26cbd3e830f0125eb0428f071b86c0fc30b665a252c7c08e0650fff20c
SSDEEP

3072:Ri503jKRtp82vflPP4iTz2aXBJrU2EK7j+9eBxvnbK77tANvzTPRVl2lfE0:Rwrtp8OP3z/XBlU47j+ABxm77S4lfE

Score

N/A

Malware Config

Signatures

Files

a01d8356c4001c502351eb3e0f1a7de8d096aca6a2eea5561723c3176e4d4437
.exe windows x86

6be81e63720784c46030c4c9769fdd13

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ShowWindowAsync
GetWindowTextA
GetWindowRect
DefDlgProcA
SendDlgItemMessageA
ArrangeIconicWindows
DeferWindowPos
EndDeferWindowPos
CascadeWindows
GetNextDlgGroupItem

kernel32

GetStartupInfoA
GetModuleHandleA
GetEnvironmentVariableA
FreeEnvironmentStringsA
OpenMutexA
ReleaseSemaphore
LocalReAlloc
LocalFree
TlsSetValue
SetEvent
GetProcAddress
GetStdHandle
LocalHandle
LocalLock
QueryPerformanceCounter
ReleaseMutex
GetProcessHeap
ResumeThread
TlsGetValue
GetACP
GetLastError
SuspendThread
VirtualAlloc

winspool.drv

ClosePrinter
AddFormA
AdvancedDocumentPropertiesA
AddPrinterA
DeleteFormA
AddJobA
DeletePrinter
ConfigurePortA
AddPrinterConnectionA
DeletePrinterKeyA
DeletePrinterDataA
DeletePrinterConnectionA
ConnectToPrinterDlg
AbortPrinter

msvcrt

_XcptFilter
_exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
exit
_controlfp
_except_handler3

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 210KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6be81e63720784c46030c4c9769fdd13

Headers

File Characteristics

Imports

user32

kernel32

winspool.drv

msvcrt

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 210KB - Virtual size: 209KB

.data Size: 512B - Virtual size: 329KB

.rsrc Size: 19KB - Virtual size: 19KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 210KB - Virtual size: 209KB

.data
Size: 512B - Virtual size: 329KB

.rsrc
Size: 19KB - Virtual size: 19KB