8a2658e06fc72eaacbb54ba6743e6192affeaeb1b53be41084de2616b14602f4

Sharing

Copy URL Twitter E-mail

General

Target

8a2658e06fc72eaacbb54ba6743e6192affeaeb1b53be41084de2616b14602f4
Size

98KB
MD5

02838800752629229c7f543e4b708890
SHA1

18fee35f8790e8cc7b23bc36493c16103cf823c9
SHA256

8a2658e06fc72eaacbb54ba6743e6192affeaeb1b53be41084de2616b14602f4
SHA512

1eb276db856949f541add6afa821de96fb26302f44261bc2307370a70c4b6623fc6e61ac0548c776e62491bcb496c6ac7d804b41f6bd5713fb0d28a40cdaa663
SSDEEP

1536:5PHJ2yTrQAFO8+z1hqsMCOoNlXGPbuNaQQybmJLeoQQ0aIFRe:lpQAvYi3COoLXGPbzJLeoQphR

Score

N/A

Malware Config

Signatures

Files

8a2658e06fc72eaacbb54ba6743e6192affeaeb1b53be41084de2616b14602f4
.exe windows x86

d1f43ec2b7a7a31a4c1f4393df4550fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ClearEventLogW
RegQueryValueA
AccessCheck
RegSetValueExA

kernel32

HeapSize
GetUserDefaultLangID
GlobalLock
GlobalMemoryStatus
LocalFree
VirtualUnlock
GlobalAlloc
HeapLock
DeleteCriticalSection
HeapAlloc
WritePrivateProfileSectionA
GetModuleHandleA
GetProcAddress
GetEnvironmentStrings
GetCurrentProcessId
GetExitCodeThread
GetStdHandle
ResumeThread
GetHandleInformation
FreeEnvironmentStringsA
GetModuleFileNameA
VirtualAlloc
CreateSemaphoreA
GetLastError
GetFullPathNameA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetCurrentDirectoryA
GetDriveTypeA
HeapFree
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetFileType
SetFilePointer
WriteFile
ReadFile
InitializeCriticalSection
FlushFileBuffers
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
HeapReAlloc
SetStdHandle
CloseHandle
CreateFileA
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
SetEndOfFile
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

winspool.drv

AbortPrinter
DeletePrinterDataA
EnumPrinterDriversA
EnumJobsA
DeletePrinterConnectionA
GetJobW

netapi32

NetGetDCName
NetFileEnum

uxtheme

GetThemeBackgroundExtent

wsnmp32

ord903

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d1f43ec2b7a7a31a4c1f4393df4550fe

Headers

File Characteristics

Imports

advapi32

kernel32

winspool.drv

netapi32

uxtheme

wsnmp32

Sections

.text Size: 34KB - Virtual size: 34KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 3KB - Virtual size: 13KB

.rsrc Size: 48KB - Virtual size: 47KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 34KB - Virtual size: 34KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 3KB - Virtual size: 13KB

.rsrc
Size: 48KB - Virtual size: 47KB

.reloc
Size: 4KB - Virtual size: 3KB