1c833007069433279734ba7acc7f7d64f6b4d7cbd2eb358fdd826f348395a52a

General

Target

1c833007069433279734ba7acc7f7d64f6b4d7cbd2eb358fdd826f348395a52a
Size

1017KB
MD5

598e9bb4fd06c37d5fa72dc6c444cb0a
SHA1

75b7cdba3011e746fc93d9c8a0fa2873cc006476
SHA256

1c833007069433279734ba7acc7f7d64f6b4d7cbd2eb358fdd826f348395a52a
SHA512

2fcbc7607bd99e7791612647fa2ed3ce983d000a9239e3f8676ac14ca91264ac927345bd11ad83db3ae252512d5c535d1aeccac2cc05807c26223502ecd4af8c
SSDEEP

24576:iY3djZRkYlC+RPfILZRlsn5WDA4UKM60RqIk:iY3jaSC4PqZwjz

Score

N/A

Malware Config

Signatures

Files

1c833007069433279734ba7acc7f7d64f6b4d7cbd2eb358fdd826f348395a52a
.exe windows x86

96139596467c50434071a8114f260eb4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

dbghelp

ImageDirectoryEntryToDataEx
SymRegisterCallback64
ImageDirectoryEntryToData
ImageNtHeader
EnumerateLoadedModules
ImageRvaToVa
SymSetOptions

advapi32

RegisterServiceCtrlHandlerExA
WmiFileHandleToInstanceNameW
LsaEnumerateAccountRights
RegNotifyChangeKeyValue
RegQueryMultipleValuesA
CreateProcessAsUserA
WmiNotificationRegistrationW
AddAccessAllowedObjectAce
RegLoadKeyW
SetFileSecurityA
AddAccessAllowedAceEx
EnumServicesStatusExA

winspool.drv

SetJobW
EnumPrintProcessorsW
PrinterProperties
AddMonitorA
DocumentPropertiesW
AddPrinterDriverExW
WritePrinter
AddPrintProcessorW
DeletePrintProcessorW
GetPrintProcessorDirectoryW
AddPrinterW
FindNextPrinterChangeNotification
AddPrinterDriverW
EnumPrinterDataW
GetPrinterDriverW
EnumPrinterDataExW

kernel32

HeapCreate
LocalCompact
CreateDirectoryA
OpenProcess
GetConsoleAliasA
GetDriveTypeA
_lcreat
WaitForMultipleObjectsEx
ConnectNamedPipe
LocalLock
GetPrivateProfileIntW
VirtualAlloc
GetDiskFreeSpaceW
WritePrivateProfileStringW

netapi32

NetpIsRemote
DsGetDcNameWithAccountW
NetFileGetInfo
NetUserSetInfo
DsGetSiteNameW
NetQueryDisplayInformation
NetUseGetInfo
NetServerEnum
NetUserGetLocalGroups
NetShareDelSticky
NetGroupDelUser

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.BgKcLL
Size: 790KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96139596467c50434071a8114f260eb4

Headers

File Characteristics

Imports

dbghelp

advapi32

winspool.drv

kernel32

netapi32

Sections

.text Size: 103KB - Virtual size: 103KB

.BgKcLL Size: 790KB - Virtual size: 1.3MB

.rsrc Size: 121KB - Virtual size: 121KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 103KB - Virtual size: 103KB

.BgKcLL
Size: 790KB - Virtual size: 1.3MB

.rsrc
Size: 121KB - Virtual size: 121KB

.reloc
Size: 1KB - Virtual size: 1KB