bf56a5da890d0c7512151b757b6bb21abf2eab581621fa4b7e41de1035cb0a9c

Sharing

Copy URL Twitter E-mail

General

Target

bf56a5da890d0c7512151b757b6bb21abf2eab581621fa4b7e41de1035cb0a9c
Size

216KB
MD5

a7c591ec49519bed2446dc4e006b0ce4
SHA1

5b781f1e6b3d18105822113c744bae7f1bc569ea
SHA256

bf56a5da890d0c7512151b757b6bb21abf2eab581621fa4b7e41de1035cb0a9c
SHA512

74c5fb3f15a81330a5dc224246dcddedcff98f36c646d3127aaab410a4fde40f4a5620b69e22faf79b366aa672b6c538d606286d90768037a213332a0bbc3334
SSDEEP

3072:OfQmiI33QX4uLw92oX2xI6r9W3ax2kI6sUYzhOOrQDJGTJl7Mf+QBnMg8x:uQo8E927I6Jl/I6sUYF7IJGNlQrBb

Score

N/A

Malware Config

Signatures

Files

bf56a5da890d0c7512151b757b6bb21abf2eab581621fa4b7e41de1035cb0a9c
.exe windows x86

b265b286657edcc144ded6ffdaab6beb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

GetPrinterA
OpenPrinterA
ClosePrinter
DocumentPropertiesA
DeletePrinterConnectionA
GetJobA

secur32

ImpersonateSecurityContext
DeleteSecurityContext
InitializeSecurityContextA
FreeCredentialsHandle
AcquireCredentialsHandleA
FreeContextBuffer

comdlg32

ChooseFontA
CommDlgExtendedError
GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA

kernel32

LeaveCriticalSection
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
GetFileAttributesA
GetTempFileNameA
CopyFileA
GetShortPathNameA
GetEnvironmentVariableA
WaitForMultipleObjects
InterlockedCompareExchange
InterlockedDecrement
QueryPerformanceCounter
CreateFileA
GetWindowsDirectoryA
GetSystemTime
OpenProcess
GetVersionExA
GetDateFormatA
LoadResource
GetModuleHandleA
InitializeCriticalSection
EnterCriticalSection
Sleep
FreeLibrary
LoadLibraryA
GetProcAddress
SetTapePosition
VirtualProtect
AddAtomA
GetSystemInfo
GetVolumeInformationA
ExitProcess
TerminateProcess
GetCurrentProcess
HeapFree
HeapReAlloc
HeapAlloc
GetCommandLineA
GetLastError
CloseHandle
ReadFile
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
TlsAlloc
SetLastError
GetCurrentThreadId
TlsFree
TlsSetValue
TlsGetValue
SetStdHandle
FlushFileBuffers
RtlUnwind
InterlockedExchange
VirtualQuery
SetFilePointer
HeapSize
GetACP
GetOEMCP
GetCPInfo
SetEndOfFile

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 333KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b265b286657edcc144ded6ffdaab6beb

Headers

File Characteristics

Imports

winspool.drv

secur32

comdlg32

kernel32

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 88KB - Virtual size: 86KB

.data Size: 80KB - Virtual size: 333KB

.rsrc Size: 4KB - Virtual size: 264B

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 88KB - Virtual size: 86KB

.data
Size: 80KB - Virtual size: 333KB

.rsrc
Size: 4KB - Virtual size: 264B