5c479b2e95c4d6be3dc05b5daf3a87305afdc0700f63a0887304d541f7f3b76d

Sharing

Copy URL Twitter E-mail

General

Target

5c479b2e95c4d6be3dc05b5daf3a87305afdc0700f63a0887304d541f7f3b76d
Size

72KB
MD5

22a6491247c99a1d73eca1f1ca1f65b0
SHA1

11c04c5f78c7562a9463939fe2bbf5dafd0a7e26
SHA256

5c479b2e95c4d6be3dc05b5daf3a87305afdc0700f63a0887304d541f7f3b76d
SHA512

2cb51511fa9a38741e0d13e5eab9faaa686117985e7694884d7e46beb638be242b4f0b7631d519c7eb08cffbf4b1163dd1263359973e57f967fe8be8fdb4a1f5
SSDEEP

1536:37iz1czktcPqZmtEwGAPRlv33TasWDKfEBsL:riz1czktMqc/GoRx33T9pfEBsL

Score

N/A

Malware Config

Signatures

Files

5c479b2e95c4d6be3dc05b5daf3a87305afdc0700f63a0887304d541f7f3b76d
.exe windows x86

3de7c8df1092db1e74de057d63502c1e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
CreateEventA
CreateMutexA
InitializeCriticalSection
RegisterServiceProcess
GetCurrentProcessId
LocalFree
OpenMutexA
Sleep
WaitForSingleObject
SetEvent
ReleaseMutex
WriteProfileStringA
lstrcatA
lstrcpyA
EnterCriticalSection
IsBadReadPtr
GetProcAddress
LoadLibraryA
GetProfileStringA
SetFilePointer
SetStdHandle
FlushFileBuffers
HeapAlloc
HeapFree
WriteFile
HeapCreate
GetStdHandle
GetFileType
SetHandleCount
lstrcmpiA
CloseHandle
LeaveCriticalSection
CreateThread
lstrcmpA
FreeLibrary
GetACP
GetEnvironmentStringsW
FreeEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsA
GetEnvironmentStrings
UnhandledExceptionFilter
RtlUnwind
GetModuleFileNameA
GetVersion
GetCPInfo
GetOEMCP
ExitProcess
GetStartupInfoA
GetModuleHandleA
GetLastError
GetCommandLineA

user32

CreateWindowExA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
GetWindowLongA
RegisterSystemThread
RegisterClassA
PostQuitMessage
DestroyWindow
DefWindowProcA

gdi32

ord104

advapi32

RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegSetValueExA

spoolss

ReadPrinter
EnumPrintProcessorDatatypesA
GetPrintProcessorDirectoryA
EnumPrintProcessorsA
AddPrintProcessorA
ScheduleJob
DeletePrinterDriverA
GetPrinterDriverDirectoryA
GetPrinterDriverA
EnumPrinterDriversA
AddPrinterDriverA
GetPrinterA
SetPrinterA
DeletePrinterConnectionA
AddPrinterConnectionA
WaitForPrinterChange
SetPrinterDataA
GetPrinterDataA
GetJobA
SetJobA
EnumPrintersA
CallVSpoolerSignal
EndDocPrinter
EndPagePrinter
WritePrinter
StartPagePrinter
StartDocPrinterA
OpenPrinterA
ChangeDefaultPrinter
ShutDownSpoolss
CheckNetAvailability
PrintShadowJobs
RespondToConfigChange
CheckNotSplSem
InitializeRouter
EnumPortsA
EnumJobsA
AddMonitorA
ConfigurePortA
PrinterMessageBoxA
AddPrintProvidorA
DeleteMonitorA
DeletePrintProcessorA
AbortPrinter
DeletePrintProvidorA
DeletePortA
DeletePrinter
ClosePrinter
AddPrinterA
AddPortA
EnumMonitorsA
AddJobA

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3de7c8df1092db1e74de057d63502c1e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

spoolss

Sections

.text Size: 48KB - Virtual size: 48KB

.data Size: 12KB - Virtual size: 56KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 48KB - Virtual size: 48KB

.data
Size: 12KB - Virtual size: 56KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 4KB