02aa5d0a329eccc017af508eb8b605ffd88f4255494b88a23c54e20d1d6bee5c

Sharing

Copy URL Twitter E-mail

General

Target

02aa5d0a329eccc017af508eb8b605ffd88f4255494b88a23c54e20d1d6bee5c
Size

3.0MB
MD5

0886b4c80393511e2dd0c33b8e8f3ab2
SHA1

ea85f7f0c7e19886ab69faf809f9905ff964d22d
SHA256

02aa5d0a329eccc017af508eb8b605ffd88f4255494b88a23c54e20d1d6bee5c
SHA512

bf3d41e56ef1aae016f42acc11ea1dd1c88b5ad63f7cadcd13f7e2c3e3cf6ffc551899b6c4e56a5f4aed2550fa6e6e35055673a4ff718c824b371dfb3b911c37
SSDEEP

49152:H0oT0VdLbx5OrJyJWBnCpUI47Ah6R32fwHfshJwtrZFkd+OB:UoYLbbC4WBC6ImJR3fHfshJUDAB

Score

1^/10

Malware Config

Signatures

Files

02aa5d0a329eccc017af508eb8b605ffd88f4255494b88a23c54e20d1d6bee5c
.exe windows x86

bd40654bfdcbe2ac949ed01dfb70996b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegEnumKeyExW

kernel32

GetFileAttributesA
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

version

VerQueryValueW

winspool.drv

EnumPrintersW

comctl32

ImageList_Replace

gdi32

UnrealizeObject

msimg32

AlphaBlend

user32

DrawEdge

ole32

OleInitialize

oleaut32

GetErrorInfo

Exports

Exports

@@Unit1@Finalize
@@Unit1@Initialize
_Form1
__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 227KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd40654bfdcbe2ac949ed01dfb70996b

Headers

File Characteristics

Imports

advapi32

kernel32

version

winspool.drv

comctl32

gdi32

msimg32

user32

ole32

oleaut32

Exports

Exports

Sections

.text Size: - Virtual size: 1.2MB

.data Size: - Virtual size: 92KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: - Virtual size: 4KB

.idata Size: - Virtual size: 12KB

.didata Size: - Virtual size: 4KB

.edata Size: - Virtual size: 4KB

.vmp0 Size: - Virtual size: 2.5MB

.vmp1 Size: 2.8MB - Virtual size: 2.8MB

.reloc Size: 512B - Virtual size: 248B

.rsrc Size: 227KB - Virtual size: 226KB

.text
Size: - Virtual size: 1.2MB

.data
Size: - Virtual size: 92KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: - Virtual size: 4KB

.idata
Size: - Virtual size: 12KB

.didata
Size: - Virtual size: 4KB

.edata
Size: - Virtual size: 4KB

.vmp0
Size: - Virtual size: 2.5MB

.vmp1
Size: 2.8MB - Virtual size: 2.8MB

.reloc
Size: 512B - Virtual size: 248B

.rsrc
Size: 227KB - Virtual size: 226KB