c92650a6bbdf0337441213747ebaa9c34db7e077333d0dd40bc78034ee71037e

Sharing

Copy URL Twitter E-mail

General

Target

c92650a6bbdf0337441213747ebaa9c34db7e077333d0dd40bc78034ee71037e
Size

823KB
MD5

4a898a4155a7e6db776d74a6981a63c5
SHA1

4127cee1b734a8b0328bc8109ba113e1becc7d11
SHA256

c92650a6bbdf0337441213747ebaa9c34db7e077333d0dd40bc78034ee71037e
SHA512

7da22edc2121ec6d360c9e0ca2f4efb7ad0e8eda2e941c9f1cb3d6922930b6e0869762f9ffeec4ab65c27a65cdf1ff07b8feec0b8fb31389939affdeb852ef2e
SSDEEP

24576:GYJ5bccDLreCxDdOhFVYVpGI1C3LHIbl:GKbccD3KhTUG8C7H

Score

N/A

Malware Config

Signatures

Files

c92650a6bbdf0337441213747ebaa9c34db7e077333d0dd40bc78034ee71037e
.exe windows x86

093b82cdb98997ecaa18ef0c9b6f8501

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueueUserWorkItem
ProcessIdToSessionId
LockResource
GetComputerNameW
FindFirstFileA
SetTapePosition
GetConsoleFontInfo
ReleaseActCtx
DeleteAtom
GetLongPathNameA
GetExitCodeThread
WriteProfileStringA
PostQueuedCompletionStatus
UnregisterWait
WritePrivateProfileSectionW
Module32NextW
DebugBreak
QueryInformationJobObject
GetModuleHandleA
SetLocalTime
GetCompressedFileSizeW
GetConsoleAliasExesA
ReadFileEx
BaseUpdateAppcompatCache
GetDefaultCommConfigA
GetLastError
EnumSystemLanguageGroupsA
QueryPerformanceCounter
LoadLibraryA
QueryDepthSList
GlobalWire
DebugBreakProcess
GetGeoInfoW
GetNumaAvailableMemoryNode
VirtualQueryEx
BuildCommDCBAndTimeoutsA
ExitProcess
SetConsoleCP
CreateHardLinkW
LZCreateFileW
TerminateJobObject
GetFileSize
SetFileAttributesW
EnumResourceLanguagesA
GetVolumePathNamesForVolumeNameW
IsBadStringPtrW
FormatMessageW
ConvertDefaultLocale
GetCalendarInfoA
GetSystemTimeAsFileTime
TlsGetValue
OpenWaitableTimerA
FindAtomA
ReadFile
HeapSetInformation
ReleaseSemaphore
ExpungeConsoleCommandHistoryA
SetThreadUILanguage
SetCommConfig
CreateMutexA
CreateIoCompletionPort
lstrcpynA
VirtualAlloc
FillConsoleOutputAttribute
SetCommState
EnumCalendarInfoExW
CancelTimerQueueTimer
GetConsoleKeyboardLayoutNameW

mscat32

CryptCATAdminAcquireContext
CryptCATPutMemberInfo
CryptCATGetCatAttrInfo
CryptCATEnumerateCatAttr
CryptCATEnumerateAttr
CryptCATPersistStore
CryptCATCDFOpen
MsCatFreeHashTag
CryptCATAdminCalcHashFromFileHandle
CryptCATAdminEnumCatalogFromHash
IsCatalogFile
CryptCATPutCatAttrInfo
CryptCATVerifyMember
CryptCATAdminReleaseCatalogContext
CryptCATCDFEnumAttributes
CryptCATCDFEnumAttributesWithCDFTag
CryptCATGetAttrInfo
CryptCATAdminReleaseContext
CryptCATEnumerateMember
CryptCATStoreFromHandle
CatalogCompactHashDatabase
CryptCATGetMemberInfo
CryptCATCDFEnumMembersByCDFTag
CryptCATClose
MsCatConstructHashTag
CryptCATCDFClose
CryptCATAdminAddCatalog
CryptCATHandleFromStore
CryptCATOpen
CryptCATPutAttrInfo
CryptCATCDFEnumMembers
CryptCATCatalogInfoFromContext
CryptCATCDFEnumMembersByCDFTagEx
CryptCATCDFEnumCatAttributes

inetcomm

MimeOleGetFileExtension
HrGetAttachIconByFile
MimeOleConvertEnrichedToHTML
MimeEditCreateMimeDocument
MimeOleGetAllocator
MimeOleFileTimeToInetDate
HrGetAttachIcon
MimeOleGetPropW
HrAttachDataFromFile
CreateNNTPTransport
EssMLHistoryDecodeEx
HrGetLastOpenFileDirectoryW
HrGetLastOpenFileDirectory
CreateIMAPTransport
MimeOleSetPropA
EssKeyExchPreferenceDecodeEx
MimeEditIsSafeToRun
MimeOleGetCertsFromThumbprints
MimeOleOpenFileStream
MimeOleAlgNameFromSMimeCap
MimeOleGetCodePageInfo
MimeOleAlgStrengthFromSMimeCap
MimeOleDecodeHeader
MimeEditViewSource
EssReceiptRequestDecodeEx

msvcrt

_unlink
??1bad_typeid@@UAE@XZ
_set_SSE2_enable
_Strftime
_aexit_rtn
strncmp
?_query_new_mode@@YAHXZ
_wcsdup
_loaddll
_safe_fprem1
sscanf
__CxxQueryExceptionSize
__dllonexit
_jn
_mbslen
perror
_strnicoll
_CIacos
??0exception@@QAE@XZ
__p__fileinfo
_snprintf
_mbsncat
??_Ebad_typeid@@UAEPAXI@Z
gets
exit
_wcsset
_ismbcspace
_wstrdate
__p__commode
__getmainargs
__set_app_type
__p__dstbias
isupper
??_7exception@@6B@
_eof
feof
_setmaxstdio
_wfindnext64

cfgmgr32

CM_Set_DevNode_Registry_PropertyA
CM_Is_Dock_Station_Present
CM_Reenumerate_DevNode
CM_Get_Device_ID_List_ExA
CM_Delete_Range
CM_Enable_DevNode_Ex
CM_Enumerate_Enumerators_ExA
CM_Get_Global_State_Ex
CM_Get_Device_Interface_AliasW
CM_Query_Arbitrator_Free_Data
CMP_WaitNoPendingInstallEvents
CM_Set_HW_Prof_FlagsA
CM_Query_Resource_Conflict_List
CM_Get_Device_ID_List_ExW
CM_Get_Hardware_Profile_Info_ExA
CM_Set_HW_Prof_FlagsW
CM_Get_Hardware_Profile_Info_ExW
CM_Register_Device_Interface_ExA
CM_Get_Next_Log_Conf_Ex
CM_Free_Log_Conf_Handle
CMP_WaitServicesAvailable
CM_Get_First_Log_Conf_Ex
CM_Get_HW_Prof_FlagsA
CM_Free_Range_List
CM_Free_Res_Des
CM_Open_Class_KeyA
CM_Disable_DevNode
CM_Add_Empty_Log_Conf_Ex
CM_Next_Range
CM_Query_Remove_SubTree
CM_Connect_MachineA
CM_Unregister_Device_Interface_ExW
CM_Get_Sibling_Ex

user32

EndDialog

Sections

.text
Size: 382KB - Virtual size: 382KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 180KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 151KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

093b82cdb98997ecaa18ef0c9b6f8501

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

mscat32

inetcomm

msvcrt

cfgmgr32

user32

Sections

.text Size: 382KB - Virtual size: 382KB

.rdata Size: 108KB - Virtual size: 107KB

.data Size: 180KB - Virtual size: 1.6MB

.rsrc Size: 151KB - Virtual size: 150KB

.reloc Size: 1024B - Virtual size: 996B

.text
Size: 382KB - Virtual size: 382KB

.rdata
Size: 108KB - Virtual size: 107KB

.data
Size: 180KB - Virtual size: 1.6MB

.rsrc
Size: 151KB - Virtual size: 150KB

.reloc
Size: 1024B - Virtual size: 996B