980eeb89ae631ea781ae8f08285dd867d50051408a8c8c13ae2ce353a7b449b5

Sharing

Copy URL Twitter E-mail

General

Target

980eeb89ae631ea781ae8f08285dd867d50051408a8c8c13ae2ce353a7b449b5
Size

253KB
MD5

780012212b63f45f46ce887cb5063a02
SHA1

e35f2919d6c14e024d1fdc007d1dff5a95ac2633
SHA256

980eeb89ae631ea781ae8f08285dd867d50051408a8c8c13ae2ce353a7b449b5
SHA512

b04da79021d178895ffe033c72faa7afafc2cf6230862250319be34dd1ec3b7cf7765a65d8b65d014a439b78ecfd1f641a3b4aedf62b1513ae9a77a63e4c5431
SSDEEP

6144:gyji2naDCwnPrcyP6APk5wCCzoGIPdMWCkituu:gd2vwnoAHCnnFMWgsu

Score

N/A

Malware Config

Signatures

Files

980eeb89ae631ea781ae8f08285dd867d50051408a8c8c13ae2ce353a7b449b5
.dll windows x86

89ff038781996ff0038dba31ddc5d196

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryW
FreeLibrary
GlobalFree
GetCommandLineW
GlobalAlloc
GetDiskFreeSpaceExW
lstrlenW
ReadFile
GetProcAddress
LoadLibraryW
lstrcpynW
CloseHandle
CreateFileW
TransactNamedPipe
CancelIo
GetOverlappedResult
WaitForSingleObject
ResetEvent
SetNamedPipeHandleState
Sleep
GetLastError
CreateEventW
SetEvent
CreateThread
lstrcpyW
LocalFree
LocalAlloc
MulDiv
lstrcmpW
GetProfileStringW
InterlockedExchange
InterlockedCompareExchange
RtlUnwind
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetVersion
GetFileAttributesW
GetUserDefaultUILanguage
ExpandEnvironmentStringsA
LoadLibraryA
GetSystemDefaultUILanguage
SetLastError
GetModuleFileNameW
IsBadWritePtr
WideCharToMultiByte
GetSystemWindowsDirectoryW
SetFileAttributesW
SetFilePointer

advapi32

RegOpenKeyExA
RegQueryValueExA
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegCloseKey
ConvertStringSecurityDescriptorToSecurityDescriptorW

winspool.drv

GetJobW
GetPrinterDriverW
OpenPrinterW
ClosePrinter
GetPrinterW
DeviceCapabilitiesW
DocumentPropertiesW
SetJobW

gdi32

SaveDC
TextOutW
RestoreDC
SetTextColor
SetTextAlign
CreatePen
DeleteObject
CreatePatternBrush
CreateHalftonePalette
FillRgn
SelectObject
GetStockObject
CreateSolidBrush
SetROP2
PatBlt
ExtSelectClipRgn
CombineRgn
CreateEllipticRgnIndirect
StretchDIBits
RectVisible
SetPixel
LineTo
SetBkMode
MoveToEx
GetTextExtentPoint32W
GetObjectW
SetMapMode
GetDeviceCaps
SelectPalette
RealizePalette
SetStretchBltMode
SetICMMode
SetWindowOrgEx
CreateRectRgn
OffsetRgn
SetBrushOrgEx
SelectClipRgn

comctl32

ord17
CreateToolbarEx
CreateStatusWindowW

shell32

SHGetFolderPathW

Exports

Exports

PreviewEntryPoint

Sections

.text
Size: 222KB - Virtual size: 524KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 556KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 79B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

89ff038781996ff0038dba31ddc5d196

Headers

File Characteristics

Imports

kernel32

advapi32

winspool.drv

gdi32

comctl32

shell32

Exports

Exports

Sections

.text Size: 222KB - Virtual size: 524KB

.bss Size: - Virtual size: 556KB

.pdata Size: 4KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 79B

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 10KB - Virtual size: 9KB

.reloc Size: 4KB - Virtual size: 248B

.text
Size: 222KB - Virtual size: 524KB

.bss
Size: - Virtual size: 556KB

.pdata
Size: 4KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 79B

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 10KB - Virtual size: 9KB

.reloc
Size: 4KB - Virtual size: 248B