a6d014d72db7ac3cf46b3c0b3591aeb57c45f5871aa5d27ca5cbc4ed02f614c0

Sharing

Copy URL

Twitter E-mail

General

Target

a6d014d72db7ac3cf46b3c0b3591aeb57c45f5871aa5d27ca5cbc4ed02f614c0
Size

254KB
MD5

e9755915a48a726115d289802c1eee13
SHA1

4aeb8e9fdfd9825f850c9a133525e19a4b796b7e
SHA256

a6d014d72db7ac3cf46b3c0b3591aeb57c45f5871aa5d27ca5cbc4ed02f614c0
SHA512

4ef4b40e98f8e4ecb1405e801240fb8152c192220c14048ea688f1380e3fe969f2855dd4790774d0cbb93d7b8f09b1e6d85bf7f9bf7afe0b00008475742341cd
SSDEEP

6144:7oRAgaL8J0IN95ccRQPXNBjv6D17F23nS:7oCgn0INT3y/NBbW6

Score

N/A

Malware Config

Signatures

Files

a6d014d72db7ac3cf46b3c0b3591aeb57c45f5871aa5d27ca5cbc4ed02f614c0
.exe windows x86

f5a3262b2bb212ba74bdda1d7369080b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

inet_addr
ioctlsocket

shell32

SHGetFileInfoA

comdlg32

GetOpenFileNameW

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

kernel32

WideCharToMultiByte
lstrcmpiA
HeapAlloc
OutputDebugStringA
FormatMessageA
GetCommandLineW
SetLastError
GetSystemDirectoryA
SystemTimeToTzSpecificLocalTime
CloseHandle
GetTimeZoneInformation
GetWindowsDirectoryA
HeapFree
GetProcessHeap
GetCurrentThreadId
DeleteCriticalSection
LoadLibraryExA
LocalFree
GetModuleHandleA
FreeLibrary
FileTimeToSystemTime
GetCurrentDirectoryA
VirtualAllocEx

oleaut32

SysAllocStringLen
SysFreeString

user32

LockWindowUpdate
EnumThreadWindows
LoadIconA
DestroyIcon
SetFocus
PostMessageA
GetSystemMetrics
DrawIconEx

ole32

CoInitialize
CoUninitialize
CoCreateInstance

advapi32

RegCloseKey
EqualSid
AllocateAndInitializeSid
RegOpenKeyExA
GetTokenInformation
FreeSid
RegQueryValueExA
OpenProcessToken

winspool.drv

OpenPrinterW
AddJobA
AddPrintProvidorW
DeletePrintProcessorW
FindFirstPrinterChangeNotification
GetJobA
EnumPrinterKeyW
StartPagePrinter
AddFormA
GetFormA
EnumPrinterDataA
EnumPrinterDataExA
AddPrintProcessorW
DeleteMonitorW
AddPortExW
DeletePrinterDataW
EnumPrinterDriversW

fontsub

MergeFontPackage

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.lwHPvdw
Size: 1024B - Virtual size: 851B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qAbmC
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idEvcM
Size: 1024B - Virtual size: 986B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jHmBHBG
Size: 512B - Virtual size: 311B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.olCwoL
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zkTVbsE
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pUzBO
Size: 104KB - Virtual size: 947KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HuyUpSi
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bVHo
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.VmJzep
Size: 512B - Virtual size: 251B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.TDJw
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f5a3262b2bb212ba74bdda1d7369080b

Headers

DLL Characteristics

File Characteristics

Imports

wsock32

shell32

comdlg32

version

kernel32

oleaut32

user32

ole32

advapi32

winspool.drv

fontsub

Sections

.text Size: 19KB - Virtual size: 18KB

.lwHPvdw Size: 1024B - Virtual size: 851B

.qAbmC Size: 1KB - Virtual size: 1KB

.idEvcM Size: 1024B - Virtual size: 986B

.jHmBHBG Size: 512B - Virtual size: 311B

.rdata Size: 2KB - Virtual size: 2KB

.olCwoL Size: 2KB - Virtual size: 1KB

.zkTVbsE Size: 2KB - Virtual size: 1KB

.pUzBO Size: 104KB - Virtual size: 947KB

.data Size: 110KB - Virtual size: 1.3MB

.HuyUpSi Size: 2KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 1KB

.bVHo Size: 3KB - Virtual size: 2KB

.VmJzep Size: 512B - Virtual size: 251B

.TDJw Size: 2KB - Virtual size: 1KB

.text
Size: 19KB - Virtual size: 18KB

.lwHPvdw
Size: 1024B - Virtual size: 851B

.qAbmC
Size: 1KB - Virtual size: 1KB

.idEvcM
Size: 1024B - Virtual size: 986B

.jHmBHBG
Size: 512B - Virtual size: 311B

.rdata
Size: 2KB - Virtual size: 2KB

.olCwoL
Size: 2KB - Virtual size: 1KB

.zkTVbsE
Size: 2KB - Virtual size: 1KB

.pUzBO
Size: 104KB - Virtual size: 947KB

.data
Size: 110KB - Virtual size: 1.3MB

.HuyUpSi
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 1KB

.bVHo
Size: 3KB - Virtual size: 2KB

.VmJzep
Size: 512B - Virtual size: 251B

.TDJw
Size: 2KB - Virtual size: 1KB