308e929a6159837bfd00254a2a0eb4ca5617b23851044f39835a0f73fda18230

Sharing

Copy URL

Twitter E-mail

General

Target

308e929a6159837bfd00254a2a0eb4ca5617b23851044f39835a0f73fda18230
Size

120KB
MD5

b84615094beeac27936f9d8838bba53c
SHA1

03c41583b675686e05c855c2e891387c88df1933
SHA256

308e929a6159837bfd00254a2a0eb4ca5617b23851044f39835a0f73fda18230
SHA512

06e49d5b95e5c601b8813fe21ae3bb0563e5231171b6655eb34a97403fb51d9e0e171d66907958c112cd6b43a61f57e101b6c3a691e8b843a1566c6fd61a621e
SSDEEP

3072:VpG27a9oZMdfHh5jdl2qJjULtTNupQyEC6pxhhfm5OcV:TyRItTNKr2f45

Score

N/A

Malware Config

Signatures

Files

308e929a6159837bfd00254a2a0eb4ca5617b23851044f39835a0f73fda18230
.exe windows x86

2b576ae4b5547da88af6f5017f0c0323

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comsvcs

CoLoadServices
SafeRef
CoCreateActivity

shlwapi

UrlHashA
UrlUnescapeA
PathCombineA
PathIsRootA
UrlGetPartA
PathCommonPrefixA
UrlCreateFromPathA
UrlIsW
UrlCompareA
UrlCanonicalizeW
UrlCombineA
UrlIsNoHistoryA
UrlEscapeA
UrlGetLocationA

shell32

SHGetFileInfoA
SHDefExtractIconA
StrChrW
ShellMessageBoxW
FindExecutableW
DllRegisterServer
StrStrA
SHFileOperationW
StrRChrA
ExtractIconW

crypt32

CertControlStore
CertFindRDNAttr
CertEnumPhysicalStore
CertOpenStore
CertFindChainInStore
CertFindCTLInStore
CertNameToStrA
CryptMsgUpdate
CertDuplicateCTLContext
CryptEnumOIDInfo
CryptMemRealloc
CryptHashMessage
CertFindExtension
CryptMemFree
CertEnumSystemStore

kernel32

LoadLibraryA
LeaveCriticalSection
GetShortPathNameA
lstrcmpiA
OpenFileMappingA
GetEnvironmentVariableA
GetProcessHeap
lstrcmpiA
lstrcmpiA
CreateFileMappingA
LoadLibraryExA
FindFirstFileA
HeapReAlloc
GetStartupInfoW
GetStringTypeA
GetProcAddress
GetModuleHandleA
GetACP
lstrcmpiA

modemui

drvSetDefaultCommConfigA
InvokeControlPanel
drvCommConfigDialogA
drvGetDefaultCommConfigA

Exports

Exports

maki

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.odata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b576ae4b5547da88af6f5017f0c0323

Headers

DLL Characteristics

File Characteristics

Imports

comsvcs

shlwapi

shell32

crypt32

kernel32

modemui

Exports

Exports

Sections

.text Size: 35KB - Virtual size: 35KB

.tdata Size: 6KB - Virtual size: 6KB

.odata Size: 3KB - Virtual size: 3KB

.rsrc Size: 74KB - Virtual size: 73KB

.text
Size: 35KB - Virtual size: 35KB

.tdata
Size: 6KB - Virtual size: 6KB

.odata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 74KB - Virtual size: 73KB