3e04dfb7e765d0a6ae7287b2fc180a995bbbc17f2159cae59d24cde6ec39beb7

Sharing

Copy URL Twitter E-mail

General

Target

3e04dfb7e765d0a6ae7287b2fc180a995bbbc17f2159cae59d24cde6ec39beb7
Size

338KB
MD5

ec69c281fe131a91b3023d93422bda6c
SHA1

0172cf298edaf0985d3a9558babb6514f7d1c07b
SHA256

3e04dfb7e765d0a6ae7287b2fc180a995bbbc17f2159cae59d24cde6ec39beb7
SHA512

5f492e61b52255d4fefcc8ff46939a4b489b43606d5a78e7d6d3ff85f76e939d62b33263a39bd324396907c25b4e9bd1cd927dc31e52da5fa9467a9e8b89f676
SSDEEP

3072:XbgT469TYJK9TBfvEQG6Dd6WeaQVJRWYfcNHls6OzsP5vxUKXP33uV6:cTXTYJK9TBsZSYfklCzsP8u

Score

N/A

Malware Config

Signatures

Files

3e04dfb7e765d0a6ae7287b2fc180a995bbbc17f2159cae59d24cde6ec39beb7
.dll windows x86

6d4d3d6e763b5035f03b87548d8eb20a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

PrinterProperties
GetPrinterDriverDirectoryW
GetPrinterW
OpenPrinterW
DocumentPropertiesW
GetPrinterDataW
DeletePrinterDataW
SetPrinterDataW
ClosePrinter

kernel32

GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapReAlloc
HeapSize
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
WriteFile
OutputDebugStringA
FreeLibrary
GetFileType
LoadLibraryA
InitializeCriticalSection
GetModuleHandleW
GetCPInfo
GetACP
GetOEMCP
Sleep
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
VirtualProtect
GetSystemInfo
VirtualQuery
GetStdHandle
SetHandleCount
GetCurrentThreadId
InterlockedDecrement
SetLastError
LocalFree
OutputDebugStringW
LoadLibraryW
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
CloseHandle
FlushFileBuffers
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
ExitProcess
GetModuleHandleA
GetProcAddress
GetCommandLineA
GetVersionExA
RtlUnwind
GetLastError
HeapFree
RaiseException
HeapAlloc
GlobalFree
GlobalAlloc
LocalAlloc
GetModuleFileNameW

ole32

CoCreateGuid
StringFromGUID2

advapi32

RegCloseKey
RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW

Exports

Exports

ConvertDevModeEx
ConvertDevmode
ConvertTicket
ConvertTicketEx
GetConvertAPIVersion
GetConvertAPIVersionEx
InitializeConvertAPI
KillConvertAPI
ReadTicket

Sections

.text
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 160KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d4d3d6e763b5035f03b87548d8eb20a

Headers

DLL Characteristics

File Characteristics

Imports

winspool.drv

kernel32

ole32

advapi32

Exports

Exports

Sections

.text Size: 160KB - Virtual size: 159KB

.data Size: 160KB - Virtual size: 168KB

.rsrc Size: 1024B - Virtual size: 1000B

.reloc Size: 15KB - Virtual size: 15KB

.text
Size: 160KB - Virtual size: 159KB

.data
Size: 160KB - Virtual size: 168KB

.rsrc
Size: 1024B - Virtual size: 1000B

.reloc
Size: 15KB - Virtual size: 15KB