b41a6c38969b19218f646baf9f7bbbdbb52e52de2c0847b37ccfc0cebd0dffa8

Sharing

Copy URL Twitter E-mail

General

Target

b41a6c38969b19218f646baf9f7bbbdbb52e52de2c0847b37ccfc0cebd0dffa8
Size

138KB
MD5

400616f18898a04b2612d90d944d6017
SHA1

0ed58c6af6dbbb2c902b077e2cf727816da1276c
SHA256

b41a6c38969b19218f646baf9f7bbbdbb52e52de2c0847b37ccfc0cebd0dffa8
SHA512

e7bab29a44ec4031a185f6c9b65ed1ccabcf9e95be8f87877f0f3248e2f9272dc94442bed377fd563f20f90494e92af2fd677f9a2de250c512c7d8df637863d7
SSDEEP

3072:bQp6bWOJQkUYwheSdZdLSaOuGrTat49lr36pLZp:MTFxkuCfP9956

Score

N/A

Malware Config

Signatures

Files

b41a6c38969b19218f646baf9f7bbbdbb52e52de2c0847b37ccfc0cebd0dffa8
.exe windows x86

629ca261e388cbdd2c0e439d64a1301a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
DuplicateHandle
PeekNamedPipe
GetShortPathNameA
GetEnvironmentVariableA
ResetEvent
FindFirstChangeNotificationA
DeleteFileA
OpenMutexA
CreateMutexA
ReleaseMutex
SetEvent
GetCurrentProcess
LoadLibraryA
GetSystemTimeAsFileTime
GetProcessHeap
GetLocalTime
CreateFileA
SetTapePosition
GetModuleHandleA
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
GetProcAddress
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
SetEnvironmentVariableA
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
TerminateProcess
ExitProcess
GetTimeZoneInformation
GetSystemTime
GetStartupInfoA
GetCommandLineA
GetVersion

user32

RegisterWindowMessageA
TranslateMessage
LoadCursorA
UnregisterHotKey
LoadStringA
LoadIconA
SetMenuItemInfoA
IsWindow
SetScrollInfo
DialogBoxIndirectParamA
MessageBoxA
GetSysColor
CreateWindowExA
CheckMenuRadioItem
LoadImageA
DrawIcon
DispatchMessageA
IsWindowEnabled
GetClassNameA
BeginDeferWindowPos
DeferWindowPos
CreateMenu

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA
EnumPrintersA

shlwapi

PathIsUNCA
wnsprintfA
UrlGetPartA
StrCmpNA
StrDupA

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

629ca261e388cbdd2c0e439d64a1301a

Headers

File Characteristics

Imports

kernel32

user32

winspool.drv

shlwapi

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 48KB - Virtual size: 44KB

.data Size: 44KB - Virtual size: 135KB

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 48KB - Virtual size: 44KB

.data
Size: 44KB - Virtual size: 135KB

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 1KB