ca3ad2c715800c033cacee6e2d1c492c127749c6966bd1b7e7dfe7e586b5a324

General

Target

ca3ad2c715800c033cacee6e2d1c492c127749c6966bd1b7e7dfe7e586b5a324
Size

332KB
MD5

915f9877a81ba0877a413ff678925603
SHA1

6488e9a7fa3ed92cc53758988ef5e545fee0ef4e
SHA256

ca3ad2c715800c033cacee6e2d1c492c127749c6966bd1b7e7dfe7e586b5a324
SHA512

4a2be00bdf5093b58881d35caea4f05b23ec14e9ab46309a7e773222e5f196fe03354e997e9ff0682f14b21ced9a11ac7c613190593d5c3798960ab6f8bc686a
SSDEEP

6144:CGM29irEtvj0DzxtFzLqAn9DjTr+ZLKDJyybi6cuhPQLRpQa1x:CTE9gx/LqgJmg5bVcEmRian

Score

N/A

Malware Config

Signatures

Files

ca3ad2c715800c033cacee6e2d1c492c127749c6966bd1b7e7dfe7e586b5a324
.exe windows x86

140d1cfdd7d997770f277d569e8adf0f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoRegisterSurrogate
StgOpenPropStg

advapi32

RegSaveKeyA
RegQueryMultipleValuesA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegOpenKeyA
RegOverridePredefKey

kernel32

GetModuleHandleA
GetProcessHeap
GetProfileIntA
GetPrivateProfileSectionA
GetPrivateProfileStructA
GetProcAddress
OpenSemaphoreA
GetLastError
VirtualAlloc
ReleaseMutex
ReleaseSemaphore
LocalLock
GetACP
SetEvent
ResetEvent
FreeEnvironmentStringsA
GetCommandLineA
PulseEvent
LCMapStringA
SuspendThread
TlsGetValue
LocalHandle
GetStdHandle
GetStartupInfoA
CloseHandle

winspool.drv

ConfigurePortA
DeletePrinterConnectionA
AbortPrinter
DeletePrinterDataA
DeletePrinter
AdvancedDocumentPropertiesA
ConnectToPrinterDlg
DeleteFormA
AddPrinterConnectionA
DeletePrinterKeyA
AddJobA

msvcrt

exit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_exit
_XcptFilter

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 314KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

140d1cfdd7d997770f277d569e8adf0f

Headers

File Characteristics

Imports

ole32

advapi32

kernel32

winspool.drv

msvcrt

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 314KB - Virtual size: 313KB

.data Size: 512B - Virtual size: 94KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 314KB - Virtual size: 313KB

.data
Size: 512B - Virtual size: 94KB

.rsrc
Size: 5KB - Virtual size: 5KB