9119058424ddb4db9ebf41564b204dec93c4d0d2bc5f24c2f412b7f0402ba91a

Sharing

Copy URL

Twitter E-mail

General

Target

9119058424ddb4db9ebf41564b204dec93c4d0d2bc5f24c2f412b7f0402ba91a
Size

356KB
MD5

0b09554a4de83dc1bb9efc23cc8a46c0
SHA1

30fd6a0b43bd0aa6f3ab17a2d7df5f9e46f21a8c
SHA256

9119058424ddb4db9ebf41564b204dec93c4d0d2bc5f24c2f412b7f0402ba91a
SHA512

3c70b8f914311172248c68c126b0717ce766e79c7c884ae3fe625a35ce4e369f760ea748df85d99cf1360435a41d9f640a9b6390840c02ea4a39598f5beb4706
SSDEEP

6144:WTtzl8JSsNXuePjlrXS6ElQaVLbfkjyA7LaYt8:WNl8zjlrXvElQUbgLM

Score

N/A

Malware Config

Signatures

Files

9119058424ddb4db9ebf41564b204dec93c4d0d2bc5f24c2f412b7f0402ba91a
.exe windows x86

86d35c72ada69250812a0536ada9bd6b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
Sleep
GetComputerNameA
DeleteCriticalSection
SetLastError
FormatMessageA
WideCharToMultiByte
DeleteFileA
GetWindowsDirectoryA
GetCurrentThreadId
GetTickCount
WriteFile
SetFilePointer
GetFileSize
GetCurrentProcessId
GetCurrentProcess
GetModuleHandleA
GetVersionExA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetModuleFileNameW
ReleaseMutex
CreateMutexA
SetThreadPriority
SetEvent
CreateEventA
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
HeapFree
HeapAlloc
lstrcatA
GetStartupInfoA
ExitThread
CreateThread
LCMapStringA
LCMapStringW
GetCPInfo
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetACP
GetOEMCP
HeapSize
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
ReadFile
GetLocaleInfoW
CreateFileW
SetEndOfFile
MultiByteToWideChar
lstrcpynA
CreateFileA
CloseHandle
ExpandEnvironmentStringsA
GetLocalTime
GetModuleFileNameA
GetCommandLineA
GetSystemDirectoryA
FreeLibrary
WritePrivateProfileStringA
GetLastError
LoadLibraryA
GetProcessHeap
GetProcAddress

winspool.drv

OpenPrinterA
GetPrinterDriverDirectoryA
GetPrinterA
SetPrinterA
EnumPrintersA
ClosePrinter

advapi32

InitializeSecurityDescriptor
RegEnumValueA
RegCreateKeyExA
RegDeleteKeyA
RegSetValueExA
RegDeleteValueA
RegQueryValueExA
SetKernelObjectSecurity
GetSecurityDescriptorDacl
SetSecurityInfo
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
AllocateAndInitializeSid
GetAce
GetLengthSid
IsValidSid
FreeSid

ole32

CoInitializeEx
CoCreateInstance
CoUninitialize

oleaut32

SysFreeString
SysStringLen
SysAllocString

Sections

.text
Size: 228KB - Virtual size: 226KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

86d35c72ada69250812a0536ada9bd6b

Headers

File Characteristics

Imports

kernel32

winspool.drv

advapi32

ole32

oleaut32

Sections

.text Size: 228KB - Virtual size: 226KB

.rdata Size: 56KB - Virtual size: 54KB

.data Size: 16KB - Virtual size: 20KB

.rsrc Size: 52KB - Virtual size: 52KB

.text
Size: 228KB - Virtual size: 226KB

.rdata
Size: 56KB - Virtual size: 54KB

.data
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 52KB - Virtual size: 52KB