36e7e939017910d96e7e36353ebd61b981fd708e369daab740fd1262db5ec2e0

Sharing

Copy URL Twitter E-mail

General

Target

36e7e939017910d96e7e36353ebd61b981fd708e369daab740fd1262db5ec2e0
Size

97KB
MD5

7ab485098523f85a101f999f61c99a18
SHA1

6f11dc210c2b49214c2cd15ed87fa1699e0a7fee
SHA256

36e7e939017910d96e7e36353ebd61b981fd708e369daab740fd1262db5ec2e0
SHA512

9a086e104be96b2ab7b659906dcf661ea3d2c2249240e6ecfa10be6381e57fa099579fc4d122ece496ebc36731ed25d82dddcd9284cb5971dad0b38644c5e18d
SSDEEP

1536:w5LvHdexq1nvqE4zDz5QqYMPIrOSPLWQcxu5I4spgQcxu5I4spcQcxu5I4sp:8Lv9/ICIaXyxu5D8Yxu5D8Uxu5D8

Score

N/A

Malware Config

Signatures

Files

36e7e939017910d96e7e36353ebd61b981fd708e369daab740fd1262db5ec2e0
.exe windows x86

77ce309793850345d5b5ddfc6bf5cccb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord4
ord8
FlatSB_SetScrollRange
ord17
CreatePropertySheetPageW
FlatSB_GetScrollRange
FlatSB_SetScrollProp
DestroyPropertySheetPage
PropertySheetA

advapi32

RegSetValueA
RegisterEventSourceW
RegRestoreKeyA
BackupEventLogW
RegOverridePredefKey
OpenThreadToken
RegNotifyChangeKeyValue
RegCreateKeyExA

kernel32

GetProfileSectionA
WritePrivateProfileStructA
GetPrivateProfileStructA
GetProfileStringA
GetModuleHandleA
GetProcAddress
VirtualAlloc
GetStartupInfoA

winspool.drv

DeletePrinterConnectionW
DeletePrinterKeyA
GetPrinterDriverW
EnumPrinterDriversW
AdvancedDocumentPropertiesA
ConnectToPrinterDlg
GetPrinterDriverA
GetPrinterW
AddFormA
AddPrintProcessorA
EnumJobsW
AddPrinterA
ConfigurePortA

netapi32

NetAuditClear
NetErrorLogWrite
Netbios
NetGetDCName
NetFileClose
NetFileGetInfo
NetGroupAddUser
NetErrorLogRead
NetErrorLogClear
NetGetJoinableOUs
NetConfigGetAll
NetConnectionEnum
NetAuditWrite
NetConfigSet
NetGetAnyDCName

msvfw32

ICClose
GetOpenFileNamePreviewA
DrawDibProfileDisplay
DrawDibStop

avifil32

AVIStreamFindSample
AVIStreamGetFrame
AVIStreamSampleToTime
AVIFileOpenA
AVIStreamStart
AVIStreamInfoA
EditStreamSetNameW
EditStreamCopy
AVIFileExit
AVIStreamSetFormat

avicap32

capCreateCaptureWindowA

usp10

ScriptItemize
ScriptGetProperties
ScriptXtoCP
ScriptIsComplex
ScriptString_pSize
ScriptStringCPtoX
ScriptGetFontProperties
ScriptApplyLogicalWidth
ScriptTextOut
ScriptStringGetOrder
ScriptString_pcOutChars
ScriptGetLogicalWidths

hlink

ord22

msvcrt

_fullpath
fprintf
free
fopen
freopen
asin
acos
atan
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

77ce309793850345d5b5ddfc6bf5cccb

Headers

File Characteristics

Imports

comctl32

advapi32

kernel32

winspool.drv

netapi32

msvfw32

avifil32

avicap32

usp10

hlink

msvcrt

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 14KB - Virtual size: 17KB

.rsrc Size: 64KB - Virtual size: 63KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 14KB - Virtual size: 17KB

.rsrc
Size: 64KB - Virtual size: 63KB