1c0012b7f3c43fa266f00b5d6642fcd8a2f6a88c7932a01532610d43ce56b3b5

Sharing

Copy URL Twitter E-mail

General

Target

1c0012b7f3c43fa266f00b5d6642fcd8a2f6a88c7932a01532610d43ce56b3b5
Size

267KB
MD5

5943506f35c53f03b08c1540e12ce755
SHA1

f2b72afbfb92013c54f43962eaad8f3167cb5f52
SHA256

1c0012b7f3c43fa266f00b5d6642fcd8a2f6a88c7932a01532610d43ce56b3b5
SHA512

3f470e014f9a232582c254549b863f7d8b114a55fa87cc60086b72c69edf8a794189382c019d9672115fab6f75e36c8806bad05387a677c48a310f275d59d5a6
SSDEEP

3072:YGlxnBz9w8A1jwDHmcAB+F2SHp13GqlVkRm3l7Vt57deWxLX9l2QOKRs9UE+4y/R:Zq5wDdCn6PlVDPuWxhh5aMyAWmOyR

Score

N/A

Malware Config

Signatures

Files

1c0012b7f3c43fa266f00b5d6642fcd8a2f6a88c7932a01532610d43ce56b3b5
.exe windows x86

239199da8d7b8456b323bf501b3c091d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CancelWaitableTimer
HeapSize
SetWaitableTimer
FormatMessageW
RegisterWaitForSingleObject
GetCurrentThreadId
RaiseException
LockResource
LoadResource
GlobalUnlock
ResetEvent
FindResourceW
WriteFile
UnhandledExceptionFilter
CreateProcessW
SetUnhandledExceptionFilter
QueueUserAPC
WaitForMultipleObjects
InitializeCriticalSectionAndSpinCount
FindResourceExW
HeapReAlloc
LoadLibraryExW
HeapDestroy
GetModuleHandleW
SleepEx
lstrlenW
TlsSetValue
CreateNamedPipeW
HeapFree
IsDebuggerPresent
DisconnectNamedPipe
CreateFileW
CloseHandle
TerminateThread
DuplicateHandle
UnregisterWaitEx
ConnectNamedPipe
GlobalLock
CancelIo
CreateEventW
FreeLibrary
LocalAlloc
SizeofResource
CreateSemaphoreW
DeleteCriticalSection
GetSystemTimeAsFileTime
HeapAlloc
WaitForSingleObject
EnterCriticalSection
GetProcessHeap
ReadFile
GlobalSize
LocalFree
ResumeThread
LeaveCriticalSection
SetNamedPipeHandleState
GetExitCodeThread
ReleaseSemaphore
lstrlenA
OpenThread
CreateWaitableTimerW
GetOverlappedResult
WaitForMultipleObjectsEx
GetTimeFormatA
VirtualAllocEx
GetModuleHandleA

advapi32

TraceMessage
GetTraceLoggerHandle
RegQueryValueExW
GetTraceEnableFlags
ControlTraceW
UnregisterTraceGuids
RegOpenKeyExW
OpenProcessToken
RegisterTraceGuidsW
GetTraceEnableLevel
RegCloseKey
GetTokenInformation
ConvertSidToStringSidW

user32

CloseClipboard
RegisterClipboardFormatW
DestroyWindow
CharNextW
GetWindowThreadProcessId
UnregisterClassW
ChangeClipboardChain
PostThreadMessageW
IsWindow
TranslateMessage
DispatchMessageW
GetActiveWindow
PostMessageW
EnumWindows
DefWindowProcW
GetOpenClipboardWindow
IsClipboardFormatAvailable
SendMessageW
OpenClipboard
RegisterClassExW
GetClipboardData
GetMessageW
CreateWindowExW
EmptyClipboard
SetClipboardViewer

oleaut32

VariantClear

shlwapi

PathAddBackslashW

iphlpapi

GetAdaptersInfo

ole32

IIDFromString

winspool.drv

DocumentEvent
GetPrinterA
EXTDEVICEMODE
EnumFormsW
StartDocDlgA
PrinterMessageBoxA
AddPrinterDriverExW
ClosePrinter
AddPrinterW
AddPrinterConnectionW
SetPortA
DeletePrintProcessorA
DeletePrinterDataW
SetPrinterDataExW

tapi3

DllUnregisterServer

Sections

.RINL
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_MEM_READ

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.IZRX
Size: 1024B - Virtual size: 746B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bbFc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.FmeaFg
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.IKbndOu
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.urRr
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.YsLvTY
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.iHgb
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xPLULCD
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 209KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.GtQUiIX
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gIfquFO
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

239199da8d7b8456b323bf501b3c091d

Headers

File Characteristics

Imports

kernel32

advapi32

user32

oleaut32

shlwapi

iphlpapi

ole32

winspool.drv

tapi3

Sections

.RINL Size: 2KB - Virtual size: 7KB

.text Size: 16KB - Virtual size: 16KB

.IZRX Size: 1024B - Virtual size: 746B

.bbFc Size: 3KB - Virtual size: 2KB

.FmeaFg Size: 1024B - Virtual size: 672B

.IKbndOu Size: 3KB - Virtual size: 2KB

.urRr Size: 2KB - Virtual size: 1KB

.YsLvTY Size: 1KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 108KB

.iHgb Size: 512B - Virtual size: 464B

.xPLULCD Size: 2KB - Virtual size: 1KB

.rdata Size: 209KB - Virtual size: 208KB

.GtQUiIX Size: 2KB - Virtual size: 2KB

.gIfquFO Size: 3KB - Virtual size: 2KB

.rsrc Size: 10KB - Virtual size: 10KB

.RINL
Size: 2KB - Virtual size: 7KB

.text
Size: 16KB - Virtual size: 16KB

.IZRX
Size: 1024B - Virtual size: 746B

.bbFc
Size: 3KB - Virtual size: 2KB

.FmeaFg
Size: 1024B - Virtual size: 672B

.IKbndOu
Size: 3KB - Virtual size: 2KB

.urRr
Size: 2KB - Virtual size: 1KB

.YsLvTY
Size: 1KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 108KB

.iHgb
Size: 512B - Virtual size: 464B

.xPLULCD
Size: 2KB - Virtual size: 1KB

.rdata
Size: 209KB - Virtual size: 208KB

.GtQUiIX
Size: 2KB - Virtual size: 2KB

.gIfquFO
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 10KB - Virtual size: 10KB