deaf9631608cedc7e0c62cf0bb2f702ff023d6330ac8617171414116a4d16bc3

Sharing

Copy URL Twitter E-mail

General

Target

deaf9631608cedc7e0c62cf0bb2f702ff023d6330ac8617171414116a4d16bc3
Size

33KB
MD5

df93763fca8e4ffb8939733816d97350
SHA1

c07d5f0df66a0ddfc6df937db2a6e5010bf01f69
SHA256

deaf9631608cedc7e0c62cf0bb2f702ff023d6330ac8617171414116a4d16bc3
SHA512

20d95f2282e8a7ceced533f9b4c5451643c39cc62d0be64b9f983b03d62631770fb86466437c7fbc7fc6b72cd502caa7d8848a5cd0abb07a7f3a8dae93ad7c77
SSDEEP

768:3RM4K7lEd2w8vq4ahEf7GMRcj1+aBHCE3f2:3Kxkwvq4ahEf7LRhaBHCE3+

Score

N/A

Malware Config

Signatures

Files

deaf9631608cedc7e0c62cf0bb2f702ff023d6330ac8617171414116a4d16bc3
.exe windows x86

b2199f20aeddd794126aba6855017c42

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PageSetupDlgW
FindTextW
GetOpenFileNameW
CommDlgExtendedError

shell32

DragFinish

winspool.drv

GetPrinterDriverW
ClosePrinter

msvcrt

_XcptFilter
_exit
_cexit
iswctype
_except_handler3
exit
_acmdln
__getmainargs
__p__fmode
_controlfp
wcsncpy

kernel32

GetTickCount
QueryPerformanceCounter
GetUserDefaultLCID
GetDateFormatW
GetTimeFormatW
GetFileInformationByHandle
GetCurrentProcess
SetUnhandledExceptionFilter
GetModuleHandleA
GetStartupInfoA
GlobalFree
LocalAlloc
CompareStringW
lstrcmpiW
GetCurrentProcessId

gdi32

EndPage
AbortDoc
DeleteDC
StartPage
CreateDCW
SetAbortProc
TextOutW
StartDocW
GetStockObject
GetObjectW
CreateFontIndirectW
DeleteObject
SetBkMode
LPtoDP

user32

SetCursor
DialogBoxParamW
GetKeyboardLayout
DefWindowProcW
DestroyWindow
MessageBeep
GetForegroundWindow
IsIconic
LoadAcceleratorsW
LoadCursorW
SetWindowPlacement
CreateWindowExW
GetFocus
SetScrollPos
CharLowerW
PeekMessageW
GetWindowTextW
MoveWindow
WinHelpW
GetDlgCtrlID
SendDlgItemMessageW
SendMessageW
CharNextW
OpenClipboard
GetMenuState
EnableMenuItem
SetWindowLongW
GetWindowLongW
SetFocus
wsprintfW
UnhookWinEvent
DispatchMessageW
TranslateMessage
PostMessageW
SetWinEventHook

Sections

.idata
Size: 14KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b2199f20aeddd794126aba6855017c42

Headers

File Characteristics

Imports

comdlg32

shell32

winspool.drv

msvcrt

kernel32

gdi32

user32

Sections

.idata Size: 14KB - Virtual size: 28KB

.rsrc Size: 1KB - Virtual size: 4KB

.text Size: 13KB - Virtual size: 16KB

.idata Size: 2KB - Virtual size: 4KB

.reloc Size: 44B - Virtual size: 4KB

.idata
Size: 14KB - Virtual size: 28KB

.rsrc
Size: 1KB - Virtual size: 4KB

.text
Size: 13KB - Virtual size: 16KB

.idata
Size: 2KB - Virtual size: 4KB

.reloc
Size: 44B - Virtual size: 4KB