f3580876881304f48804976977345318aca4f7791e8abef094127d3ca12a4ccb

Sharing

Copy URL Twitter E-mail

General

Target

f3580876881304f48804976977345318aca4f7791e8abef094127d3ca12a4ccb
Size

846KB
MD5

6b8d39f4d2cee7ce67070592833e52f3
SHA1

5f3ca332acb5edac05d5a9a6ca44e28d58bd389a
SHA256

f3580876881304f48804976977345318aca4f7791e8abef094127d3ca12a4ccb
SHA512

d9b70259b079834b05ea44deebf3899e40ee8787767df01622835d96f278f981587d3258667ceaeae0d986bbb4db8133470295ead9ec8582cbf71ebf38128068
SSDEEP

24576:hB5b8GN0DxBlWojBBry648aDsUbu6oIl:f/cxBl9lS8aDZbu3O

Score

N/A

Malware Config

Signatures

Files

f3580876881304f48804976977345318aca4f7791e8abef094127d3ca12a4ccb
.exe windows x86

0044e832b6b22c17666d937199cef437

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceLanguagesW
GetCommState
EnumLanguageGroupLocalesW
SetConsoleCursorMode
RemoveLocalAlternateComputerNameA
LoadLibraryA
InitializeCriticalSection
GetConsoleWindow
GlobalFree
HeapCompact
GetStringTypeExA
IsValidCodePage
SetFirmwareEnvironmentVariableW
SetConsoleKeyShortcuts
MultiByteToWideChar
VirtualAlloc
BackupSeek
ReadDirectoryChangesW
GetNamedPipeInfo
FindCloseChangeNotification

wintrust

mscat32DllRegisterServer
CryptCATGetAttrInfo
CryptCATAdminEnumCatalogFromHash
WVTAsn1SpcIndirectDataContentEncode
DriverFinalPolicy
SoftpubCheckCert
WintrustRemoveActionID
TrustFreeDecode
GenericChainCertificateTrust
WTHelperGetProvSignerFromChain
CryptCATStoreFromHandle
WintrustGetRegPolicyFlags
CryptCATCDFEnumMembersByCDFTagEx
CatalogCompactHashDatabase
AddPersonalTrustDBPages
TrustOpenStores
WTHelperCheckCertUsage
SoftpubFreeDefUsageCallData

msvcrt

putchar
_tzset
_lseeki64
_local_unwind2
_wfsopen
_mbsncat
_logb
_ui64tow
__unguarded_readlc_active
_tzname
_gcvt
_getmaxstdio
_getdiskfree
_ismbbprint
??_Eexception@@UAEPAXI@Z
_safe_fdiv
_CxxThrowException
wcsstr
_wexecve
_nextafter
??0bad_typeid@@QAE@ABV0@@Z
??0bad_typeid@@QAE@PBD@Z
_i64tow
_futime

msvcirt

??_Gstrstreambuf@@UAEPAXI@Z
?clrlock@streambuf@@QAEXXZ
??4ostream@@IAEAAV0@ABV0@@Z
?setbuf@fstream@@QAEPAVstreambuf@@PADH@Z
?setlock@streambuf@@QAEXXZ
??0filebuf@@QAE@XZ
??_8fstream@@7Bostream@@@
?get@istream@@QAEAAV1@AAD@Z
??_7ostrstream@@6B@
?clear@ios@@QAEXH@Z
?stdiofile@stdiobuf@@QAEPAU_iobuf@@XZ
??1filebuf@@UAE@XZ
??0logic_error@@QAE@ABQBD@Z
?attach@ifstream@@QAEXH@Z
?dec@@YAAAVios@@AAV1@@Z
?x_lockc@ios@@0U_CRT_CRITICAL_SECTION@@A
?eatwhite@istream@@QAEXXZ
??0ios@@IAE@XZ
?setmode@fstream@@QAEHH@Z
??5istream@@QAEAAV0@AAH@Z
??0strstreambuf@@QAE@P6APAXJ@ZP6AXPAX@Z@Z
?endl@@YAAAVostream@@AAV1@@Z
?fd@filebuf@@QBEHXZ
??_Dstrstream@@QAEXXZ

wsnmp32

SnmpStrToOid
SnmpDecodeMsg
SnmpGetRetry
SnmpCleanup
SnmpFreePdu
SnmpFreeEntity
SnmpSetTranslateMode
SnmpClose
SnmpSendMsg
SnmpStartup
SnmpFreeContext
_SnmpConveyAgentAddress@4
SnmpCountVbl
SnmpGetVendorInfo
SnmpGetLastError
SnmpGetTimeout
SnmpCreateSession
SnmpEntityToStr
SnmpSetPduData
SnmpGetPduData
SnmpCreatePdu
SnmpGetRetransmitMode
SnmpOidCompare
SnmpFreeVbl
SnmpOpen

rtm

RtmGetEnumRoutes
MgmGroupEnumerationStart
RtmGetNextHopInfo
CreateTable
MgmTakeInterfaceOwnership
RtmCreateEnumerationHandle
BestMatchInTable
RtmGetExactMatchRoute
MgmAddGroupMembershipEntry
RtmGetAddressFamilyInfo
RtmBlockDeleteRoutes
RtmDeregisterEntity
RtmLockNextHop
MgmGetFirstMfeStats
RtmReferenceHandles
RtmGetEnumNextHops
InsertIntoTable
RtmGetOpaqueInformationPointer
RtmDeleteRouteTable
RtmCreateRouteEnum
RtmGetRoutePointer
RtmCreateNextHopEnum
RtmDeleteNextHop

user32

EndDialog
MessageBoxA

shell32

SHGetMalloc

Sections

.text
Size: 746KB - Virtual size: 745KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0044e832b6b22c17666d937199cef437

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

wintrust

msvcrt

msvcirt

wsnmp32

rtm

user32

shell32

Sections

.text Size: 746KB - Virtual size: 745KB

.rdata Size: 91KB - Virtual size: 90KB

.data Size: 5KB - Virtual size: 1.5MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 916B

.text
Size: 746KB - Virtual size: 745KB

.rdata
Size: 91KB - Virtual size: 90KB

.data
Size: 5KB - Virtual size: 1.5MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 916B