93527b52a1094ae6658f64cff70c70e3cdb9d0b80912d55b0d93da912dc4e642

Sharing

Copy URL

Twitter E-mail

General

Target

93527b52a1094ae6658f64cff70c70e3cdb9d0b80912d55b0d93da912dc4e642
Size

339KB
MD5

ddbea14aa39e9d30074e7ebfc6a95f55
SHA1

1f2a71d36d059040153d281969b07f9364d5c2b4
SHA256

93527b52a1094ae6658f64cff70c70e3cdb9d0b80912d55b0d93da912dc4e642
SHA512

a49d755c24d704bf0aef0bb85160a6b8c5cfaf0045afc31560ec5fa82ae502df2a8f3410b1ac33b274343e5d7fb0f3b41dd9ffde23de30024863a687cf0910cf
SSDEEP

6144:6RgJZRbMK79GfHiEQF9BcvT/9BwviZ27vyQOxcUkripfpf2n1MArJ:iSMmGfLQF9Sr/9iiZBQOqXepfpf2n1M4

Score

N/A

Malware Config

Signatures

Files

93527b52a1094ae6658f64cff70c70e3cdb9d0b80912d55b0d93da912dc4e642
.exe windows x86

9f7f6ee2e3b55fb1758f678fc33a090b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowPlacement
IsWindowUnicode
CreateDialogIndirectParamA
ChildWindowFromPoint
IsZoomed
CloseWindow
GetNextDlgTabItem
CreateDialogParamA
EndDeferWindowPos
MapDialogRect
GetWindowPlacement
MessageBoxA
LoadCursorA
DispatchMessageA
SetClipboardData
GetClipboardData
LoadIconA
CreateWindowExA

gdi32

GetBrushOrgEx
CombineTransform
Ellipse
EqualRgn
CreateFontW
CopyMetaFileA
CombineRgn
DeleteMetaFile
ChoosePixelFormat
ExtCreateRegion
CreateCompatibleDC

advapi32

OpenEventLogW
RegEnumKeyExA
OpenBackupEventLogW
GetOldestEventLogRecord
ClearEventLogA
ReportEventW
ReportEventA
RegisterEventSourceW

kernel32

FoldStringA
GlobalFree
GetPrivateProfileStringA
WriteProfileStringA
GetProcAddress
GetStartupInfoA
GetTickCount
GetACP
GetStdHandle
GetCommandLineA
GetProcessHeap
GetModuleHandleA
QueryPerformanceCounter
GetLastError
FreeEnvironmentStringsA
VirtualAllocEx
GetModuleFileNameA
GetEnvironmentVariableA
VerLanguageNameA
HeapReAlloc
LocalAlloc
EnterCriticalSection
GlobalLock
GetTimeFormatA
VirtualUnlock
HeapSize
LocalHandle
GetUserDefaultLangID

version

VerInstallFileA
VerFindFileA
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

winspool.drv

AddJobA
EnumPrinterDriversA
AddFormA
GetJobA
GetPrinterDriverW
AbortPrinter
EnumPrintProcessorsA
EnumPrintProcessorsW
AddPrinterConnectionA
AddPrinterA
DeleteFormA
GetJobW
DeletePrinterDataA
GetPrinterW
ConfigurePortA

netapi32

NetRemoteComputerSupports
NetAuditClear
Netbios
NetErrorLogClear
NetConfigGetAll
NetErrorLogRead
NetAuditRead
NetAuditWrite
NetGetJoinableOUs
NetGetJoinInformation
NetConnectionEnum
NetFileEnum
NetConfigGet
NetFileClose

msvcrt

__p__commode
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__fmode
__set_app_type
_except_handler3
_controlfp
exit
_XcptFilter
_exit
_acmdln

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 414KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f7f6ee2e3b55fb1758f678fc33a090b

Headers

File Characteristics

Imports

user32

gdi32

advapi32

kernel32

version

winspool.drv

netapi32

msvcrt

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 314KB - Virtual size: 414KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 314KB - Virtual size: 414KB

.rsrc
Size: 4KB - Virtual size: 3KB