91a56ad76bd3a642b139e9103adb018681afa35064b49be23f983bab66378803

Sharing

Copy URL Twitter E-mail

General

Target

91a56ad76bd3a642b139e9103adb018681afa35064b49be23f983bab66378803
Size

270KB
MD5

c241ce04ec7f38e17f30377ac6a73f46
SHA1

480a88ff07a11d2343d45586e61aede7db03f4d3
SHA256

91a56ad76bd3a642b139e9103adb018681afa35064b49be23f983bab66378803
SHA512

818dc565e9e368a1976a6f97fe8a5d9615c9cee59134e98d1077337435a54ee05001ea950b42420ca06be3f6b3df111aa7deaee5e8a8a3558006ee5782c1b277
SSDEEP

6144:VIGVjELonbxPmhX4p2Osv0QGmJWP/XZKOFPXCCuFx/JS:VaybxuOpRsv0xD/XZlFPyZ5

Score

N/A

Malware Config

Signatures

Files

91a56ad76bd3a642b139e9103adb018681afa35064b49be23f983bab66378803
.exe windows x86

43c5beb7116369894852b18394f30371

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadCursorA
GetWindowThreadProcessId
CloseWindow
FindWindowA
MapDialogRect
GetWindow
FindWindowExA
IsZoomed
CreateDialogIndirectParamA
SetSysColors
BeginDeferWindowPos
DeferWindowPos
SetWindowPos
SetWindowTextA
GetDialogBaseUnits
GetNextDlgTabItem

gdi32

CreateCompatibleBitmap
AngleArc
CopyEnhMetaFileW
EndDoc
CloseEnhMetaFile
FrameRgn
CopyMetaFileW
CreateFontA
ExtEscape
AddFontResourceW
FloodFill
CloseMetaFile

advapi32

RegFlushKey
RegSaveKeyA
RegNotifyChangeKeyValue
RegDeleteKeyA
OpenProcessToken
RegUnLoadKeyA

kernel32

TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
CreateMutexA
SetEvent
GlobalSize
LocalFree
GetOverlappedResult
IsBadReadPtr
IsValidCodePage
LocalLock
WaitForMultipleObjects
LocalReAlloc
VirtualQueryEx
WideCharToMultiByte
GetThreadLocale
VirtualProtectEx
GetStringTypeW
GetPrivateProfileSectionA
GetPrivateProfileStringA
GetProcAddress
SetHandleInformation
VirtualAllocEx
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetLastError
LoadLibraryA
HeapReAlloc
VirtualAlloc
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
HeapAlloc

winspool.drv

AddPrinterW
AddPrinterDriverExA
GetJobW
AddPrinterConnectionA
GetJobA
EnumPrintProcessorsW
DeletePrinterConnectionA

netapi32

NetUseDel
NetLocalGroupDelMembers
NetErrorLogWrite
NetAuditWrite
NetConnectionEnum
NetGroupAddUser
NetGetJoinInformation
NetGroupAdd
NetFileGetInfo

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.got
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43c5beb7116369894852b18394f30371

Headers

File Characteristics

Imports

user32

gdi32

advapi32

kernel32

winspool.drv

netapi32

Sections

.text Size: 28KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 344KB

.got Size: 212KB - Virtual size: 211KB

.rsrc Size: 22KB - Virtual size: 22KB

.text
Size: 28KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 344KB

.got
Size: 212KB - Virtual size: 211KB

.rsrc
Size: 22KB - Virtual size: 22KB