205612ec87d09d0d6c8130df69ec7536f2a7146dd56ee9716b7284b5190b33bc

Sharing

Copy URL Twitter E-mail

General

Target

205612ec87d09d0d6c8130df69ec7536f2a7146dd56ee9716b7284b5190b33bc
Size

63KB
MD5

11157dc923e46137180baa729dea5596
SHA1

a3a1c13c9f22c483fde61215634a38ea9468beba
SHA256

205612ec87d09d0d6c8130df69ec7536f2a7146dd56ee9716b7284b5190b33bc
SHA512

d993c89ee17c513652dc2306eed7e50e6c0c3e7599ab57c7debc3247e499d5500db02c4f7704661307b258d1aa7a64bf5263994445504b04a39e5e0342b312c4
SSDEEP

1536:CkgP1HdcQDxs7h0CgbvnBQ6EelCJ9gSK:CJ19cQ16iCgbPxbCJ9gd

Score

N/A

Malware Config

Signatures

Files

205612ec87d09d0d6c8130df69ec7536f2a7146dd56ee9716b7284b5190b33bc
.exe windows x86

40a9f86e436c59b14f44997ba64607e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
CreateFileA
ReadFile
lstrcpynA
CloseHandle
SetFilePointer
GetModuleHandleA
LocalHandle
GlobalAlloc
SetStdHandle
LoadLibraryA
GetLastError
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
WideCharToMultiByte
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
MultiByteToWideChar
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetStringTypeA
GetStringTypeW
lstrcatA
HeapFree
GetProcAddress
lstrlenA
LocalFree
LocalAlloc
lstrcpyA
VirtualAlloc
FlushFileBuffers
HeapAlloc
GlobalFree
GlobalLock
lstrcmpiA
GlobalUnlock

user32

RegisterClassA
DispatchMessageA
TranslateMessage
LoadAcceleratorsA
TranslateAcceleratorA
GetMessageA
ShowWindow
CreateWindowExA
GetSystemMetrics
LoadStringA
EnableWindow
GetSysColor
GetMenu
EnableMenuItem
MessageBeep
GetDlgItemTextA
SendDlgItemMessageA
EndDialog
PostQuitMessage
GetDC
SetWindowLongA
SendMessageA
ReleaseDC
PostMessageA
SetFocus
DefWindowProcA
DialogBoxParamA
BeginPaint
GetClientRect
FillRect
EndPaint
LoadIconA
LoadCursorA
MessageBoxA

gdi32

CreatePen
GetStockObject
GetTextMetricsA
TextOutA
SetBkMode
DeleteObject
SetTextColor
LineTo
MoveToEx
SelectObject

winspool.drv

EnumPrintersA

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 951B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 647KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

40a9f86e436c59b14f44997ba64607e2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

version

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 1024B - Virtual size: 951B

.data Size: 12KB - Virtual size: 647KB

.idata Size: 3KB - Virtual size: 2KB

.rsrc Size: 5KB - Virtual size: 116KB

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 1024B - Virtual size: 951B

.data
Size: 12KB - Virtual size: 647KB

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 5KB - Virtual size: 116KB