ac9f4c33880f401ea125189d7052e404a34d6796bcade5883b6da8702b4c7e64

General

Target

ac9f4c33880f401ea125189d7052e404a34d6796bcade5883b6da8702b4c7e64
Size

158KB
MD5

0ef8b5b83f300e6cb1f162681d20e9bb
SHA1

e73eca131670c81bb96e23b92cab596a01451546
SHA256

ac9f4c33880f401ea125189d7052e404a34d6796bcade5883b6da8702b4c7e64
SHA512

da47f6a379480499b423310828032aa83d8548cb6e136c8881d2aadc53ece7015451c89e836b5d61dc514b2cab8f1bbe7df21f9f642b6e1d5b8d04657666867d
SSDEEP

3072:i67FaLffwW2PKYLRMsL4KuuMsKLhdNYnAQWO+oh3gLfz0:zabz2/FcFbXdd6nAQWS3gL7

Score

N/A

Malware Config

Signatures

Files

ac9f4c33880f401ea125189d7052e404a34d6796bcade5883b6da8702b4c7e64
.exe windows x86

d5b627872700d68db0c001779c50102c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

setupapi

SetupCancelTemporarySourceList
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA

msvcrt

malloc
free
atoi
_onexit
_mbscmp
sprintf
_initterm
_except_handler3
_adjust_fdiv
__dllonexit
__CxxFrameHandler
strrchr
strtok
_itoa

kernel32

GetVersionExA
GetSystemDirectoryA
GetProcAddress
LoadLibraryA
GetModuleFileNameA
GetCurrentProcess
GetCurrentDirectoryA
LocalAlloc
LocalFree
SetCurrentDirectoryA
VirtualAlloc
VirtualFree
VirtualProtect
GetModuleHandleA
GetFileAttributesA
lstrlenA
CreateDirectoryA
DeleteFileA
ExitProcess
FindClose
FindFirstFileA
FreeLibrary
lstrcpyA

advapi32

RegCreateKeyExA
RegEnumKeyExA
RegOpenCurrentUser
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA

shell32

SheSetCurDrive
SHUpdateRecycleBinIcon
SHGetFolderPathW
DuplicateIcon

user32

SetTimer
wsprintfA
MessageBoxA

Exports

Exports

ADeviceStartPlay
CommitTransaction
EndSession
LoadMappedToolbarBitmap
PszDayFromIndex

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d5b627872700d68db0c001779c50102c

Headers

DLL Characteristics

File Characteristics

Imports

winspool.drv

setupapi

msvcrt

kernel32

advapi32

shell32

user32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 56KB

.rdata Size: 88KB - Virtual size: 87KB

.data Size: 13KB - Virtual size: 14KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 56KB - Virtual size: 56KB

.rdata
Size: 88KB - Virtual size: 87KB

.data
Size: 13KB - Virtual size: 14KB

.rsrc
Size: 1KB - Virtual size: 1KB