32855471a8010dbd08922dfa4c84859923f7f3b271c9c196a1771e82cdb264ea

General

Target

32855471a8010dbd08922dfa4c84859923f7f3b271c9c196a1771e82cdb264ea
Size

4.0MB
MD5

fa4cfb619097b7cb71652cffd0b78d22
SHA1

32d76c0f9b610cc4444196014b51a0a46366fa51
SHA256

32855471a8010dbd08922dfa4c84859923f7f3b271c9c196a1771e82cdb264ea
SHA512

fb3b592bf9f40ae83a25678ae0213fca7de64e5806409a6d7fa5b4855ae424710e65646c8bcb142860aecdb92ce0a4f2821abae09e3ac7b8b02584ce64a1404b
SSDEEP

98304:DspMsbKDZDQF0hT/9R0hE1fDGfH6z18LEqlACe+wKULw:RDxdSCvqWCdUM

Score

N/A

Malware Config

Signatures

Files

32855471a8010dbd08922dfa4c84859923f7f3b271c9c196a1771e82cdb264ea
.exe windows x86

7c4a9bc24bd00e720a4d061d9487d5d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
strncpy
_exit

winspool.drv

DevQueryPrintEx
AddPortA
ord213
ConvertUnicodeDevModeToAnsiDevmode

clusapi

ClusterGroupCloseEnum

kernel32

OpenWaitableTimerW
SetUnhandledExceptionFilter
_lread
FindAtomA
GetLogicalDriveStringsA
GlobalUnWire
FindCloseChangeNotification
LocalFlags
CreateThread
GetLastError
WriteProfileSectionA
SetThreadContext
GetThreadContext
VirtualProtect
ReadFile
GetStartupInfoA
GetPriorityClass
CreateFiber
FindNextVolumeA
GetModuleHandleA
InterlockedExchange
GetProcAddress
GetThreadPriority

mgmtapi

SnmpMgrGetTrapEx

msi

ord91
ord130
ord85

wintrust

WinVerifyTrust

user32

SetTimer
DispatchMessageA
GetMessageA
PeekMessageA
PaintDesktop
GetWindowRgn

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 24.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SELIGER
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c4a9bc24bd00e720a4d061d9487d5d6

Headers

File Characteristics

Imports

msvcrt

winspool.drv

clusapi

kernel32

mgmtapi

msi

wintrust

user32

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 44KB - Virtual size: 24.1MB

SELIGER Size: 2.1MB - Virtual size: 2.1MB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 44KB - Virtual size: 24.1MB

SELIGER
Size: 2.1MB - Virtual size: 2.1MB

.rsrc
Size: 16KB - Virtual size: 15KB