c26be84f1e17d91d90ec5ef468792977c22f82e73b2b91fea3edf96c25ccc2d8

Sharing

Copy URL Twitter E-mail

General

Target

c26be84f1e17d91d90ec5ef468792977c22f82e73b2b91fea3edf96c25ccc2d8
Size

152KB
MD5

810afdb98431ebee4eaa2b3be3762623
SHA1

05dad38da65194d56efd3773cec2ea9dc1b79252
SHA256

c26be84f1e17d91d90ec5ef468792977c22f82e73b2b91fea3edf96c25ccc2d8
SHA512

24c4fa54e3096666b322acf2db02176ebd2b08bb4e163eed526de691a1cf7359b42381a4eb7b8256b2fd0ece761aa7081e40115d68388a7b8498038f9475577b
SSDEEP

3072:D4c9KCX9SDV6dRCFMbtJxczDKamMp6Pe4Pr/nFcSj:Mc9KCoV63CKxcyaT6jnFlj

Score

N/A

Malware Config

Signatures

Files

c26be84f1e17d91d90ec5ef468792977c22f82e73b2b91fea3edf96c25ccc2d8
.exe windows x86

669118ff8f2d9034b9037c19c5dbade4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DefWindowProcA
SetParent
EndDeferWindowPos
ExitWindowsEx
IntersectRect
GetClassNameA
IsWindowEnabled
DispatchMessageA
DrawIcon
LoadImageA
CheckMenuRadioItem
AppendMenuA
GetFocus
GetCursorPos
GetMessageA
GetClassInfoExA
EnumWindows
CallNextHookEx
GetWindowLongA
DrawTextA
InflateRect
ReleaseDC
SetFocus
RegisterClassExA
GetKeyNameTextA
GetWindowTextLengthA
CallWindowProcA

winspool.drv

SetFormA
ScheduleJob
ResetPrinterA
OpenPrinterA
GetPrinterA
GetPrinterDriverA
GetPrinterDriverDirectoryA
GetPrinterDataA
GetPrinterDataExA
GetPrintProcessorDirectoryA
GetJobA
EnumPrinterDriversA
EnumPrinterDataA
EnumPrinterDataExA

mprapi

MprAdminInterfaceTransportAdd
MprInfoCreate
MprInfoBlockSet
MprInfoBlockRemove
MprInfoBlockFind
MprAdminPortGetInfo
MprAdminPortEnum
MprAdminPortDisconnect
MprAdminInterfaceConnect
MprAdminInterfaceDeviceGetInfo
MprAdminInterfaceGetCredentialsEx
MprAdminInterfaceSetCredentials
MprInfoBlockQuerySize
MprAdminInterfaceTransportGetInfo
MprAdminMIBEntryCreate
MprAdminMIBEntryDelete
MprAdminMIBEntryGet
MprAdminPortClearStats

odbc32

ord26
ord24
ord72
ord154
ord58
ord59
ord28

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetConsoleCtrlHandler
SetEndOfFile
LCMapStringW
LCMapStringA
GetSystemInfo
VirtualProtect
GetLocaleInfoA
VirtualQuery
InterlockedExchange
LoadLibraryA
IsBadCodePtr
IsBadReadPtr
CreateFileA
FlushFileBuffers
SetStdHandle
GetCPInfo
GetOEMCP
GetACP
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
HeapSize
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
WriteFile
SetUnhandledExceptionFilter
IsBadWritePtr
HeapReAlloc
VirtualAlloc
HeapCreate
HeapDestroy
SetFilePointer
VirtualFree
ReadFile
CloseHandle
GetLastError
GetVersionExA
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
HeapAlloc
HeapFree
GetCurrentProcess
TerminateProcess
GetModuleHandleA
GetProcAddress
ExitProcess
VerLanguageNameA
WriteConsoleW
TlsAlloc
RemoveDirectoryA

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 517KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

669118ff8f2d9034b9037c19c5dbade4

Headers

File Characteristics

Imports

user32

winspool.drv

mprapi

odbc32

kernel32

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 56KB - Virtual size: 517KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 56KB - Virtual size: 517KB

.reloc
Size: 8KB - Virtual size: 4KB