b0029b8cf259079da3ca29a16eaf3b1f547e3f0f5d7b481569799c26b0041292

Sharing

Copy URL Twitter E-mail

General

Target

b0029b8cf259079da3ca29a16eaf3b1f547e3f0f5d7b481569799c26b0041292
Size

428KB
MD5

39a258c9d27deb0778289cf50f379009
SHA1

8621c572818edeb13b6b9999a27a78cfffe023ac
SHA256

b0029b8cf259079da3ca29a16eaf3b1f547e3f0f5d7b481569799c26b0041292
SHA512

059af32628bddf516993fd8a1c33102df1d5caa49d69eb275d9e563ef741a34d47935b41996a9a070912ae8eb13d976892bc53ed10eec8b941558f9283f5ffc1
SSDEEP

6144:FfQt0y/+yWqA/eRlp0yN90vEvrxhAGOoHOgX3jOflbQDSf5:eN/g/eKy90sthAGOougDU7

Score

N/A

Malware Config

Signatures

Files

b0029b8cf259079da3ca29a16eaf3b1f547e3f0f5d7b481569799c26b0041292
.exe windows x86

f89ad2d55de283c7f597ac00cb24689f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

kernel32

InterlockedExchange
GetACP
GetLocaleInfoA
GetVersionExA
RaiseException
InitializeCriticalSection
CompareStringW
GetTickCount
GetCurrentProcessId
GetProcAddress
LoadLibraryA
Sleep
CompareStringA
SetEndOfFile
DeleteCriticalSection
HeapDestroy
GetLocaleInfoW
ReadFile
SetStdHandle
InterlockedIncrement
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
ExitProcess
RtlUnwind
GetLocalTime
GetLastError
HeapAlloc
HeapFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetCPInfo
HeapReAlloc
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
GetModuleFileNameA
VirtualQuery
SetEnvironmentVariableA
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
TerminateProcess
GetCurrentProcess
HeapSize
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
FlushFileBuffers
SetFilePointer
CloseHandle
VirtualProtect
GetSystemInfo
GetTimeZoneInformation
GetOEMCP
CreateFileA

gdi32

StartPage

winspool.drv

AddPrinterA
OpenPrinterA

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.d1
Size: - Virtual size: 41KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 332KB - Virtual size: 335KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.d3
Size: 4KB - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f89ad2d55de283c7f597ac00cb24689f

Headers

File Characteristics

Imports

winmm

kernel32

gdi32

winspool.drv

Sections

.text Size: 68KB - Virtual size: 65KB

.d1 Size: - Virtual size: 41KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 332KB - Virtual size: 335KB

.d3 Size: 4KB - Virtual size: 52B

.rsrc Size: 4KB - Virtual size: 496B

.text
Size: 68KB - Virtual size: 65KB

.d1
Size: - Virtual size: 41KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 332KB - Virtual size: 335KB

.d3
Size: 4KB - Virtual size: 52B

.rsrc
Size: 4KB - Virtual size: 496B