4171a5b3bf4e65055bfd8e682b9fe62163e93caf7216f94d6441c88bf184f9bf

Sharing

Copy URL Twitter E-mail

General

Target

4171a5b3bf4e65055bfd8e682b9fe62163e93caf7216f94d6441c88bf184f9bf
Size

227KB
MD5

46f8ddb5b514f2411365df95c527fe9f
SHA1

e39aacff81e1b9bec7e406f1dfa01ed98edee726
SHA256

4171a5b3bf4e65055bfd8e682b9fe62163e93caf7216f94d6441c88bf184f9bf
SHA512

380a5ebca0ad4ee5ac90f8edda021f53d2c94fc61650e5ece2b9eb6b639a0015c6e963112f153b7dc0fc712dc206b8346051ec4ebcfb6e3479d079741cfdc7cd
SSDEEP

3072:cqN+U/ClXn9mT1Uc6IokaAMm26bzkd7Z/FPTrU21JMtS5zq:3+U/eaBuAxrW7tN

Score

N/A

Malware Config

Signatures

Files

4171a5b3bf4e65055bfd8e682b9fe62163e93caf7216f94d6441c88bf184f9bf
.dll windows x86

bdfb8eb6b08a3214c1945c78a74734bd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcschr
sprintf
strncmp
wcsstr
mbstowcs
wcsrchr
_ftol
_wtoi
wcscmp
??2@YAPAXI@Z
wcstombs
wcscat
wcsncat
??3@YAXPAX@Z
wcslen
_adjust_fdiv
malloc
_initterm
free
wcscpy

user32

InvalidateRect
wsprintfW
MessageBoxW
LoadStringW
SetDlgItemTextW
GetDlgItemTextW
SendDlgItemMessageW
SetWindowTextW
GetDlgItem
ReleaseDC
GetDC
GetDialogBaseUnits
LoadImageW
ShowWindow
SetWindowPos
EndDialog
DialogBoxParamW
LoadBitmapW
GetDlgCtrlID
UpdateWindow
EnableWindow
GetParent
FillRect

kernel32

InterlockedIncrement
SetLastError
DeleteFileW
GetSystemDirectoryW
lstrcpynW
InterlockedDecrement
ReadFile
CloseHandle
GlobalFree
CreateFileW
GetLastError
GlobalAlloc
CreateProcessW
FindClose
FindFirstFileW

winspool.drv

WritePrinter
EndDocPrinter
EndPagePrinter
GetPrinterDataW
SetPrinterDataW
GetPrinterDriverDirectoryW
GetPrinterW
OpenPrinterW
DocumentPropertiesW
ClosePrinter
StartDocPrinterW
GetJobW
SetJobW
StartPagePrinter

advapi32

RegCloseKey
RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW

gdi32

DeleteDC
DeleteObject
TextOutW
SetBkColor
CreateFontW
StretchBlt
GetStockObject
SelectObject
GetObjectW
CreateCompatibleDC
BitBlt
CreateBitmap
SetTextColor

Exports

Exports

DllCanUnloadNow
DllGetClassObject
GetColorDataDLLPath
GetOEMPrefix
OEMEjectPageCmd
OEMEndPrintJobCmd
OEMGetNumAlignValues
OEMStartVendorSetup
PopupBannerDialog
PopupManualDialog
PreInstall
StartPostInstall

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bdfb8eb6b08a3214c1945c78a74734bd

Headers

File Characteristics

Imports

msvcrt

user32

kernel32

winspool.drv

advapi32

gdi32

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 25KB

.data Size: 61KB - Virtual size: 62KB

.rsrc Size: 136KB - Virtual size: 136KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 26KB - Virtual size: 25KB

.data
Size: 61KB - Virtual size: 62KB

.rsrc
Size: 136KB - Virtual size: 136KB

.reloc
Size: 2KB - Virtual size: 2KB