8789dfc188cf91c5a0f41048620685b2f5cf478b3bec6334ba55129ef7e993cb

Sharing

Copy URL Twitter E-mail

General

Target

8789dfc188cf91c5a0f41048620685b2f5cf478b3bec6334ba55129ef7e993cb
Size

2.8MB
MD5

8497594ae4eb789b9b22048adbb1fbbf
SHA1

c8d6d817bb480193ec4a22a87d3c674901b39188
SHA256

8789dfc188cf91c5a0f41048620685b2f5cf478b3bec6334ba55129ef7e993cb
SHA512

59ddca4a0cd4cc7fa44032434fe60ae543d81587c1deda20fe612284f649f3b7d537571d8789b3c23aff8c6bca2a0d6ef6ded53d9533282a9460530fa6ad905d
SSDEEP

49152:dXsCcLYrkztJ6M/EdzlTZL/oRsu5ZxeaGzALbEO2H9tXFXMqvio3/5BbCXSMhYAQ:dXsCcLY4tJ6M/czlTZL/Qsu5ZEaG0UOW

Score

N/A

Malware Config

Signatures

Files

8789dfc188cf91c5a0f41048620685b2f5cf478b3bec6334ba55129ef7e993cb
.exe windows x86

7801c3cf8dc8cc622bf478c0d2362a08

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_adjust_fdiv
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
strncpy
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit

winspool.drv

ord210
DeletePrinterDriverExA
StartDocDlgW

clusapi

ClusterRegGetKeySecurity
ClusterNetworkCloseEnum

ddraw

DDInternalUnlock

hlink

ord26

kernel32

GetProcessPriorityBoost
WaitForSingleObject
HeapUnlock
CreateJobObjectW
DisableThreadLibraryCalls
FatalAppExitW
GetModuleHandleA
SetThreadContext
GetStartupInfoA
GetThreadContext
GetProcAddress
ReadFile
VirtualProtect
GetLastError

mapi32

ord75

msi

ord160

oleacc

CreateStdAccessibleObject

oledlg

ord6

opengl32

glIndexfv
glNormal3s
glPixelMapfv

rtm

MgmRegisterMProtocol
MgmGetMfe

shlwapi

StrFormatByteSizeA
IntlStrEqWorkerW
StrRStrIA
PathCombineA

snmpapi

SnmpUtilOidCpy

user32

GetUpdateRgn
DeleteMenu
LoadMenuW
CallMsgFilterA
LoadCursorA
DispatchMessageA
GetMessageA
PeekMessageA
SetTimer
PaintDesktop
GetWindowRgn

vdmdbg

VDMBreakThread

winmm

mmioAscend
mmioOpenW
mixerGetLineControlsW

winscard

SCardForgetReaderGroupA
SCardForgetReaderW

wow32

WOWGetVDMPointer

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 24.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SELIGER
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 208KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7801c3cf8dc8cc622bf478c0d2362a08

Headers

File Characteristics

Imports

msvcrt

winspool.drv

clusapi

ddraw

hlink

kernel32

mapi32

msi

oleacc

oledlg

opengl32

rtm

shlwapi

snmpapi

user32

vdmdbg

winmm

winscard

wow32

Sections

.text Size: 8KB - Virtual size: 5KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 52KB - Virtual size: 24.1MB

SELIGER Size: 2.1MB - Virtual size: 2.1MB

.rsrc Size: 208KB - Virtual size: 204KB

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 52KB - Virtual size: 24.1MB

SELIGER
Size: 2.1MB - Virtual size: 2.1MB

.rsrc
Size: 208KB - Virtual size: 204KB