5de3e57e4b07cdadd0986cef212a8727de73cfc19f28f415f4f46423b24da1f5

Sharing

Copy URL Twitter E-mail

General

Target

5de3e57e4b07cdadd0986cef212a8727de73cfc19f28f415f4f46423b24da1f5
Size

364KB
MD5

07cf34e8151bdbf2e577ef29e4028d83
SHA1

b0425fc46e3d4acd6f138b6c4fb6c640356d0e78
SHA256

5de3e57e4b07cdadd0986cef212a8727de73cfc19f28f415f4f46423b24da1f5
SHA512

a48f4f0d1cdea00677669b5f49e588dd75cae8f4b39a08025afec329640caef31f23f6525cd1a2c68cd5b4dc76cd47e04e1ec4cab7f0f0e9d46c06a3b77e3aca
SSDEEP

6144:gcBpNuml5COW1zpziS9hGoz2nitj9801l+bZ7f3j5CDhFcPn3AJsCs2id4IXqIia:gsS2nL63Fc/32id4hQlsrzYhd6KlKpvG

Score

N/A

Malware Config

Signatures

Files

5de3e57e4b07cdadd0986cef212a8727de73cfc19f28f415f4f46423b24da1f5
.dll windows x86

12464ff1ef483f5ac64659ed36a4cc70

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
memcpy
_stricmp
_CIsqrt
iswctype
isspace
_adjust_fdiv
_amsg_exit
_initterm
free
malloc
_XcptFilter
_vsnprintf
_strlwr
??2@YAPAXI@Z
??3@YAXPAX@Z
wcsstr
wcsrchr
_purecall
_wcsnicmp
_strnicmp
_CIatan2
wcsncmp
qsort
strstr
atoi
strncmp
_wcsicmp

winspool.drv

EnumFormsW
GetPrinterDataW
GetPrinterDriverW
GetPrinterW
WritePrinter
FlushPrinter

kernel32

GetFileSize
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
FindResourceW
LoadResource
LockResource
SizeofResource
GetFileAttributesExW
DeleteFileW
GetTempFileNameW
MoveFileExW
WriteFile
GetSystemDefaultLCID
SetLastError
LocalAlloc
HeapDestroy
LocalFree
GetVersionExW
MulDiv
GetProcAddress
InterlockedIncrement
InterlockedDecrement
HeapCreate
HeapAlloc
HeapFree
GetProcessHeap
GetModuleHandleW
GetVersion
InterlockedExchange
Sleep
InterlockedCompareExchange
RtlUnwind
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError
VerifyVersionInfoW
VerSetConditionMask
LoadLibraryW
GetSystemDirectoryW
CloseHandle
CompareFileTime
GetFileTime
CreateFileW
FreeLibrary
LoadLibraryExW
SetErrorMode
WideCharToMultiByte
MultiByteToWideChar
HeapReAlloc

ole32

CoInitializeEx
CoUninitialize
CoCreateInstance

gdi32

EngGetCurrentCodePage
EngFreeModule
EngCreateDeviceSurface
EngCreateBitmap
EngDeleteSurface
CLIPOBJ_ppoGetPath
EngDeletePath
PATHOBJ_vGetBounds
XLATEOBJ_piVector
STROBJ_bEnum
XLATEOBJ_iXlate
EngStretchBltROP
XLATEOBJ_cGetPalette
EngUnicodeToMultiByteN
FONTOBJ_pvTrueTypeFontFile
STROBJ_bGetAdvanceWidths
FONTOBJ_vGetInfo
EngMultiByteToWideChar
EngFindResource
EngLoadModule
FONTOBJ_pifi
FONTOBJ_pxoGetXform
EngTextOut
STROBJ_vEnumStart
STROBJ_bEnumPositionsOnly
FONTOBJ_cGetGlyphs
CLIPOBJ_cEnumStart
CLIPOBJ_bEnum
XFORMOBJ_iGetXform
BRUSHOBJ_ulGetBrushColor
BRUSHOBJ_pvGetRbrush
EngTransparentBlt
EngGradientFill
EngAlphaBlend
EngLineTo
EngStrokeAndFillPath
EngFillPath
EngStrokePath
EngPaint
EngPlgBlt
EngStretchBlt
EngCopyBits
EngEraseSurface
EngBitBlt
BRUSHOBJ_pvAllocRbrush
PATHOBJ_vEnumStart
PATHOBJ_bEnum
XFORMOBJ_bApplyXform
EngCreatePalette
HT_Get8BPPFormatPalette
HT_Get8BPPMaskPalette
EngAssociateSurface
EngLockSurface
EngMarkBandingSurface
EngUnlockSurface
EngDeletePalette

Exports

Exports

DllMain
DrvDisableDriver
DrvEnableDriver
DrvQueryDriverInfo

Sections

.text
Size: 353KB - Virtual size: 352KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12464ff1ef483f5ac64659ed36a4cc70

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

winspool.drv

kernel32

ole32

gdi32

Exports

Exports

Sections

.text Size: 353KB - Virtual size: 352KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 1016B

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 353KB - Virtual size: 352KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 1016B

.reloc
Size: 7KB - Virtual size: 6KB