372f23855c34c386f150b407ead48c0df971a60033d6523413d22cde7a5404e0

Sharing

Copy URL Twitter E-mail

General

Target

372f23855c34c386f150b407ead48c0df971a60033d6523413d22cde7a5404e0
Size

267KB
MD5

153e9e10b92c557f07d3e089442bbd0a
SHA1

2881b8b1140c267dfbb4118354a482952915051a
SHA256

372f23855c34c386f150b407ead48c0df971a60033d6523413d22cde7a5404e0
SHA512

9a7b987c91523965f3417c45b06a151d9d088da416afc9c2a3a1313d2a458a7dadd80bc7319789a43b2f1da7391fde4baa1118586673caf205f43f6673fdbe85
SSDEEP

3072:3GlxnBz9w8A1jwDHmcAB+F2SHp13GqlVkRm3l7Vt57deWxLX9l2QOKRs9UE+4y/R:Sq5wDdCn6PlVDPuWxhh5aMyAWmOyR

Score

N/A

Malware Config

Signatures

Files

372f23855c34c386f150b407ead48c0df971a60033d6523413d22cde7a5404e0
.exe windows x86

239199da8d7b8456b323bf501b3c091d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CancelWaitableTimer
HeapSize
SetWaitableTimer
FormatMessageW
RegisterWaitForSingleObject
GetCurrentThreadId
RaiseException
LockResource
LoadResource
GlobalUnlock
ResetEvent
FindResourceW
WriteFile
UnhandledExceptionFilter
CreateProcessW
SetUnhandledExceptionFilter
QueueUserAPC
WaitForMultipleObjects
InitializeCriticalSectionAndSpinCount
FindResourceExW
HeapReAlloc
LoadLibraryExW
HeapDestroy
GetModuleHandleW
SleepEx
lstrlenW
TlsSetValue
CreateNamedPipeW
HeapFree
IsDebuggerPresent
DisconnectNamedPipe
CreateFileW
CloseHandle
TerminateThread
DuplicateHandle
UnregisterWaitEx
ConnectNamedPipe
GlobalLock
CancelIo
CreateEventW
FreeLibrary
LocalAlloc
SizeofResource
CreateSemaphoreW
DeleteCriticalSection
GetSystemTimeAsFileTime
HeapAlloc
WaitForSingleObject
EnterCriticalSection
GetProcessHeap
ReadFile
GlobalSize
LocalFree
ResumeThread
LeaveCriticalSection
SetNamedPipeHandleState
GetExitCodeThread
ReleaseSemaphore
lstrlenA
OpenThread
CreateWaitableTimerW
GetOverlappedResult
WaitForMultipleObjectsEx
GetTimeFormatA
VirtualAllocEx
GetModuleHandleA

advapi32

TraceMessage
GetTraceLoggerHandle
RegQueryValueExW
GetTraceEnableFlags
ControlTraceW
UnregisterTraceGuids
RegOpenKeyExW
OpenProcessToken
RegisterTraceGuidsW
GetTraceEnableLevel
RegCloseKey
GetTokenInformation
ConvertSidToStringSidW

user32

CloseClipboard
RegisterClipboardFormatW
DestroyWindow
CharNextW
GetWindowThreadProcessId
UnregisterClassW
ChangeClipboardChain
PostThreadMessageW
IsWindow
TranslateMessage
DispatchMessageW
GetActiveWindow
PostMessageW
EnumWindows
DefWindowProcW
GetOpenClipboardWindow
IsClipboardFormatAvailable
SendMessageW
OpenClipboard
RegisterClassExW
GetClipboardData
GetMessageW
CreateWindowExW
EmptyClipboard
SetClipboardViewer

oleaut32

VariantClear

shlwapi

PathAddBackslashW

iphlpapi

GetAdaptersInfo

ole32

IIDFromString

winspool.drv

DocumentEvent
GetPrinterA
EXTDEVICEMODE
EnumFormsW
StartDocDlgA
PrinterMessageBoxA
AddPrinterDriverExW
ClosePrinter
AddPrinterW
AddPrinterConnectionW
SetPortA
DeletePrintProcessorA
DeletePrinterDataW
SetPrinterDataExW

tapi3

DllUnregisterServer

Sections

.RINL
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_MEM_READ

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.IZRX
Size: 1024B - Virtual size: 746B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bbFc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.FmeaFg
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.IKbndOu
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.urRr
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.YsLvTY
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.iHgb
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xPLULCD
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 209KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.GtQUiIX
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gIfquFO
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

239199da8d7b8456b323bf501b3c091d

Headers

File Characteristics

Imports

kernel32

advapi32

user32

oleaut32

shlwapi

iphlpapi

ole32

winspool.drv

tapi3

Sections

.RINL Size: 2KB - Virtual size: 7KB

.text Size: 16KB - Virtual size: 16KB

.IZRX Size: 1024B - Virtual size: 746B

.bbFc Size: 3KB - Virtual size: 2KB

.FmeaFg Size: 1024B - Virtual size: 672B

.IKbndOu Size: 3KB - Virtual size: 2KB

.urRr Size: 2KB - Virtual size: 1KB

.YsLvTY Size: 1KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 108KB

.iHgb Size: 512B - Virtual size: 464B

.xPLULCD Size: 2KB - Virtual size: 1KB

.rdata Size: 209KB - Virtual size: 208KB

.GtQUiIX Size: 2KB - Virtual size: 2KB

.gIfquFO Size: 3KB - Virtual size: 2KB

.rsrc Size: 10KB - Virtual size: 10KB

.RINL
Size: 2KB - Virtual size: 7KB

.text
Size: 16KB - Virtual size: 16KB

.IZRX
Size: 1024B - Virtual size: 746B

.bbFc
Size: 3KB - Virtual size: 2KB

.FmeaFg
Size: 1024B - Virtual size: 672B

.IKbndOu
Size: 3KB - Virtual size: 2KB

.urRr
Size: 2KB - Virtual size: 1KB

.YsLvTY
Size: 1KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 108KB

.iHgb
Size: 512B - Virtual size: 464B

.xPLULCD
Size: 2KB - Virtual size: 1KB

.rdata
Size: 209KB - Virtual size: 208KB

.GtQUiIX
Size: 2KB - Virtual size: 2KB

.gIfquFO
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 10KB - Virtual size: 10KB