87181ba168f4941217ff5f6b71c2db08fe8be1c6e09dbe534bb5f5a37e179fc1

Sharing

Copy URL

Twitter E-mail

General

Target

87181ba168f4941217ff5f6b71c2db08fe8be1c6e09dbe534bb5f5a37e179fc1
Size

142KB
MD5

6e4ec9371d4bbb40d10bc4e7ef1e0e40
SHA1

125ca1b33d36f214cd284685215108c4049e3c24
SHA256

87181ba168f4941217ff5f6b71c2db08fe8be1c6e09dbe534bb5f5a37e179fc1
SHA512

3a959bfa03480994c798333b2e5c94d3d3bf3792b3141154810f88fac124f22471beb1e47850e5f32eed3a9307f5ee6fcf8e469fde8dff392bb00dda8bd987b0
SSDEEP

3072:SFqDRzwQdRE1iX/Z9KciAULX7IC6utc4QKZq/He4R48RaXst2/m3/o3:fFwsBXDULLIC6uyqwfeQpAS/G

Score

N/A

Malware Config

Signatures

Files

87181ba168f4941217ff5f6b71c2db08fe8be1c6e09dbe534bb5f5a37e179fc1
.exe windows x86

98eca88b54565fac2eeae930554e0c9e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscat32

CryptCATCDFEnumAttributes
MsCatFreeHashTag
CryptCATAdminReleaseCatalogContext
CryptCATGetCatAttrInfo
CryptCATAdminEnumCatalogFromHash
CryptCATOpen
CryptCATCDFEnumMembersByCDFTagEx
CryptCATCDFEnumAttributesWithCDFTag
CryptCATStoreFromHandle

msvcirt

?rdbuf@ifstream@@QBEPAVfilebuf@@XZ
??6ostream@@QAEAAV0@PBE@Z
?xalloc@ios@@SAHXZ
?ends@@YAAAVostream@@AAV1@@Z
?setbuf@strstreambuf@@UAEPAVstreambuf@@PADH@Z
?setf@ios@@QAEJJJ@Z
?ipfx@istream@@QAEHH@Z
?fd@ifstream@@QBEHXZ
??_Diostream@@QAEXXZ
?get@istream@@QAEAAV1@PACHD@Z
?setmode@ifstream@@QAEHH@Z
??_Dostream@@QAEXXZ
?bad@ios@@QBEHXZ
??_Gistream@@UAEPAXI@Z
?sh_read@filebuf@@2HB
?str@strstreambuf@@QAEPADXZ
?sync@istream@@QAEHXZ
??0ostream_withassign@@QAE@ABV0@@Z
?hex@@YAAAVios@@AAV1@@Z
?write@ostream@@QAEAAV1@PBDH@Z
?seekoff@filebuf@@UAEJJW4seek_dir@ios@@H@Z
?flush@ostream@@QAEAAV1@XZ
??_Dofstream@@QAEXXZ
?fill@ios@@QAEDD@Z
??0streambuf@@IAE@PADH@Z
??0ofstream@@QAE@PBDHH@Z
??_8ostrstream@@7B@
??_Estreambuf@@UAEPAXI@Z
??1exception@@UAE@XZ
?unbuffered@streambuf@@IBEHXZ

regapi

RegWinStationEnumerateW
RegFreeUtilityCommandList
RegWinStationQueryA
RegWinStationSetSecurityW
RegGetMachinePolicy
RegWinStationQueryW
RegConsoleShadowQueryW
RegBuildNumberQuery
RegWdDeleteA
RegPdCreateA
RegPdEnumerateA
RegWinStationAccessCheck
RegWdEnumerateA
RegWinStationSetSecurityA
RegIsMachinePolicyAllowHelp
RegWinStationDeleteA
RegOpenServerA
RegOpenServerW
RegGetMachinePolicyEx
RegIsTServer
RegWdCreateA
RegWinStationCreateA
RegPdCreateW
RegPdDeleteA
WaitForTSConnectionsPolicyChanges
RegCdDeleteW
RegCloseServer
RegWinStationCreateW
RegGetTServerVersion
RegDenyTSConnectionsPolicy

serialui

drvSetDefaultCommConfigA
drvSetDefaultCommConfigW
drvCommConfigDialogA
drvGetDefaultCommConfigA
drvGetDefaultCommConfigW
drvCommConfigDialogW

kernel32

SetMailslotInfo
RemoveDirectoryA
GlobalGetAtomNameA
CreateSemaphoreA
GetSystemWow64DirectoryA
SetFileAttributesA
FreeLibrary
GetTimeZoneInformation
ReadConsoleOutputAttribute
EnumSystemLanguageGroupsA
BeginUpdateResourceA
GetVolumePathNameA
SetFileShortNameW
GlobalAlloc
GetConsoleInputExeNameA
MapViewOfFile
LoadLibraryW
GetThreadPriority
SetConsoleMenuClose
InitializeSListHead
OutputDebugStringW
EnumDateFormatsA
AddRefActCtx
GetCommMask

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98eca88b54565fac2eeae930554e0c9e

Headers

File Characteristics

Imports

mscat32

msvcirt

regapi

serialui

kernel32

Sections

.text Size: 30KB - Virtual size: 30KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 104KB - Virtual size: 103KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 30KB - Virtual size: 30KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 104KB - Virtual size: 103KB

.rsrc
Size: 2KB - Virtual size: 1KB