b9681991cd388efb331e682d5d2619907a3b8b8f70ae494ce0c2967534745bf1

General

Target

b9681991cd388efb331e682d5d2619907a3b8b8f70ae494ce0c2967534745bf1
Size

16KB
MD5

0ed20fc92c672fc880d2adfac1c54d60
SHA1

935d1403d6bc76d8799632a31a9313d819b8a6cf
SHA256

b9681991cd388efb331e682d5d2619907a3b8b8f70ae494ce0c2967534745bf1
SHA512

3de18ec47ac678cf1bb439d8a75251fe7cdea98327ec675363716a6e9a5f17b7289d46517d2384fac0267c0528130669fc2bd07a9af01f8781a98943e7c2da09
SSDEEP

384:V1LCtNOxpLkHughzpqpPA2R5PmUqZKsGWJYu4u8w:VstNUyVhzpyR5mhcZWJP8w

Score

N/A

Malware Config

Signatures

Files

b9681991cd388efb331e682d5d2619907a3b8b8f70ae494ce0c2967534745bf1
.exe windows x86

40ea8d40a7a5bd8195192c6d445b87fa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
lstrcpyW
ResumeThread
CheckRemoteDebuggerPresent
OutputDebugStringA
GetProcAddress
lstrcatA
ExitProcess
GetProcessHeap
HeapAlloc
SetErrorMode
lstrlenA
lstrcpyA

ntdll

ZwAllocateVirtualMemory
NtAllocateVirtualMemory
memset
memcpy

user32

RegisterClassExW
TranslateMessage
BeginPaint
KillTimer
GetMessageW
SetTimer
EndPaint
ShowWindow
CreateWindowExW
UpdateWindow
ValidateRect
DefWindowProcW
DispatchMessageW

gdi32

Rectangle
CreatePen
SetTextColor
LineTo
SelectObject
Ellipse
CreateFontIndirectA
TextOutW

comctl32

ord17

winmm

mciSendStringW
mciSendStringA

winspool.drv

ClosePrinter
OpenPrinterA
EndDocPrinter
WritePrinter
ord201
EndPagePrinter
StartPagePrinter
StartDocPrinterW

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.osg
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

40ea8d40a7a5bd8195192c6d445b87fa

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ntdll

user32

gdi32

comctl32

winmm

winspool.drv

Sections

.text Size: 12KB - Virtual size: 12KB

.data Size: 512B - Virtual size: 1KB

.tls Size: 512B - Virtual size: 24B

.osg Size: 512B - Virtual size: 284B

.rsrc Size: 1024B - Virtual size: 768B

.text
Size: 12KB - Virtual size: 12KB

.data
Size: 512B - Virtual size: 1KB

.tls
Size: 512B - Virtual size: 24B

.osg
Size: 512B - Virtual size: 284B

.rsrc
Size: 1024B - Virtual size: 768B