e9d042a8814c8b87bc727b708553f11a8621ad5178a3c17ebe54a9a22ee24dce

General

Target

e9d042a8814c8b87bc727b708553f11a8621ad5178a3c17ebe54a9a22ee24dce
Size

626KB
MD5

fb62e200f8442793ebcf62a7d07cc534
SHA1

a724b7bc304ed48519dbc1f319249ae7ac527b90
SHA256

e9d042a8814c8b87bc727b708553f11a8621ad5178a3c17ebe54a9a22ee24dce
SHA512

a7d070252cce3c41174bf4b779a34ef1da07a28835a03146ec8afbd0d8483879b54f98760de8629fc2873786ff19ab25841823eafe766d86946052a17c919e6c
SSDEEP

12288:5Tsi+QKSVDBdCqyveWl3rfg3Sd8uLEm9A0M2:Wi+QHD/Cqyv13k3w4f2

Score

N/A

Malware Config

Signatures

Files

e9d042a8814c8b87bc727b708553f11a8621ad5178a3c17ebe54a9a22ee24dce
.exe windows x86

0da36053a60c2ccb2dcbffb37c014091

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
IsValidLocale
HeapWalk
FreeLibrary
GetProcAddress
SetNamedPipeHandleState
ReadFile
GetModuleHandleA
DosDateTimeToFileTime
GetHandleInformation
GetLocalTime
LoadLibraryA
PurgeComm
MapViewOfFileEx
GetVersion
OpenSemaphoreW
FindNextVolumeMountPointW
GetSystemTime
SetConsoleKeyShortcuts

user32

DrawStateA
CascadeWindows
TileChildWindows

winspool.drv

ConfigurePortA
ord209
EnumPrintProcessorDatatypesW
ClosePrinter
DeleteFormW
DeletePrintProcessorA
EnumJobsW
ord207
EnumJobsA
AddPrinterDriverExW
DocumentPropertiesA
EnumPrintProcessorsA
DeletePortW
DeletePrinterDataA
AddMonitorA
DeletePrinterDataExW
EnumPrintProcessorDatatypesA
AddPortA
AddJobA
EnumFormsA
OpenPrinterA
GetPrintProcessorDirectoryA
SetPrinterDataA
EnumPortsW
ord256
DeleteMonitorA

msvcrt

memset
_unlink
fsetpos
ferror
fwprintf
_wexecve
fclose
fseek
fopen
sprintf
printf
strrchr
fwrite
_strerror
feof
fread
fputs
fprintf
ftell
fputc
getenv

Sections

.text
Size: 604KB - Virtual size: 602KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0da36053a60c2ccb2dcbffb37c014091

Headers

File Characteristics

Imports

kernel32

user32

winspool.drv

msvcrt

Sections

.text Size: 604KB - Virtual size: 602KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 12KB - Virtual size: 8KB

.text
Size: 604KB - Virtual size: 602KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 12KB - Virtual size: 8KB