e7f200b95e0e7d7276a3f6bbfda1b27f14a5dd89cc36d414819197866df63dc1

Sharing

Copy URL Twitter E-mail

General

Target

e7f200b95e0e7d7276a3f6bbfda1b27f14a5dd89cc36d414819197866df63dc1
Size

267KB
MD5

482256f61042530722f057269600a69a
SHA1

a88cff3841c84fa03d2090ff50d24d8116cb10e8
SHA256

e7f200b95e0e7d7276a3f6bbfda1b27f14a5dd89cc36d414819197866df63dc1
SHA512

67528ced715162443f5c914020d040699de782e4326469068472b6e98877b848f4d615ff150d282cd0f882c33629b09bd8cfd26de4670cb4a2a2a5e3c075bfea
SSDEEP

6144:2bHcUQ7Fco1aqMOIXpcIb9lRwDrLq04IsXOpduODCV6Dp:2IZ7Fco1aqMOIZcIb9gDrHduOD9Dp

Score

N/A

Malware Config

Signatures

Files

e7f200b95e0e7d7276a3f6bbfda1b27f14a5dd89cc36d414819197866df63dc1
.exe windows x86

2d40d22ca309f6d6fcb48dc3c68e2a5c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
CreateFileW
GetFileSize
ReadFile
WriteFile
HeapAlloc
HeapFree
GetProcessHeap
VirtualAlloc
GetModuleHandleW
FormatMessageW
lstrcmpW
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
GetOEMCP
EnumSystemCodePagesW
WriteConsoleW
GetConsoleWindow
DecodePointer
ReadConsoleW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
HeapReAlloc
HeapSize
SetFilePointerEx
GetFileSizeEx
SetConsoleCtrlHandler
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
GetStringTypeW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
InterlockedPushEntrySList
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
EncodePointer
RaiseException
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetCommandLineA
GetCommandLineW
GetCurrentThread
GetFileType
OutputDebugStringW
FindClose
CloseHandle

wsnmp32

ord400
ord206
ord501
ord999

winspool.drv

StartDocPrinterW
ord100
ConnectToPrinterDlg

setupapi

SetupRemoveFromSourceListW
SetupGetLineCountW
SetupInitializeFileLogA

pdh

PdhVbIsGoodStatus
PdhGetCounterInfoW
PdhGetDataSourceTimeRangeW
PdhGetDefaultPerfObjectA
PdhGetDllVersion
PdhParseInstanceNameW

ole32

HMETAFILE_UserUnmarshal
OleDraw
HBITMAP_UserUnmarshal

user32

ShowWindow
LoadStringW

Sections

.text
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2d40d22ca309f6d6fcb48dc3c68e2a5c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

wsnmp32

winspool.drv

setupapi

pdh

ole32

user32

Sections

.text Size: 216KB - Virtual size: 215KB

.rdata Size: 38KB - Virtual size: 37KB

.data Size: 3KB - Virtual size: 7KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 216KB - Virtual size: 215KB

.rdata
Size: 38KB - Virtual size: 37KB

.data
Size: 3KB - Virtual size: 7KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 8KB - Virtual size: 8KB