7a7dadb423db43e0730ff38a5bf93fa5ad02f18607980b39a58b3e5276b3e9ce

Sharing

Copy URL Twitter E-mail

General

Target

7a7dadb423db43e0730ff38a5bf93fa5ad02f18607980b39a58b3e5276b3e9ce
Size

855KB
MD5

6523d5796b167a84ec2c04c4c9fb4bc5
SHA1

a214f5b7e5fe0a94fa69ce363e59fba7c0e900bd
SHA256

7a7dadb423db43e0730ff38a5bf93fa5ad02f18607980b39a58b3e5276b3e9ce
SHA512

d1510137466cf6caffcec0a73bb538d93c37755867cbee668c334e33623c617c64af1becc6a00a58d3bf69a4701b702a61e525f8d5011f532223c20133847c41
SSDEEP

24576:l8EC1sFJK/FE1QQC0sDGj57kzTlYgH7eGv3QwLFqdDiMA:RmgJK/FE1S0sDGjNYe+QwLFW

Score

N/A

Malware Config

Signatures

Files

7a7dadb423db43e0730ff38a5bf93fa5ad02f18607980b39a58b3e5276b3e9ce
.exe windows x86

8fda279bb58bbbd627b18a7ecc6104ea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

FindNextUrlCacheContainerW
DeleteUrlCacheEntryA
FindFirstUrlCacheEntryW
GetUrlCacheGroupAttributeW
InternetConnectW
FtpGetFileA
FtpGetFileEx
InternetOpenUrlW
FtpCreateDirectoryA
DeleteUrlCacheEntry
InternetGetConnectedState
InternetSetOptionA
FtpFindFirstFileW
InternetCheckConnectionA
InternetCheckConnectionW
InternetSetPerSiteCookieDecisionA
IsUrlCacheEntryExpiredA

mspatcha

ApplyPatchToFileByHandles
ApplyPatchToFileW
GetFilePatchSignatureW
ApplyPatchToFileA
ApplyPatchToFileExW
GetFilePatchSignatureA
TestApplyPatchToFileW
TestApplyPatchToFileA
ApplyPatchToFileByHandlesEx
TestApplyPatchToFileByHandles
GetFilePatchSignatureByHandle
ApplyPatchToFileExA

t2embed

_TTDeleteEmbeddedFont@12
TTEmbedFont
TTGetEmbeddingType
TTIsEmbeddingEnabledForFacename
_TTEmbedFontFromFileA@52
TTEmbedFontEx
TTCharToUnicode
TTIsEmbeddingEnabled
TTLoadEmbeddedFont
_TTCharToUnicode@24
TTRunValidationTestsEx
TTRunValidationTests
TTGetNewFontName
TTDeleteEmbeddedFont
_TTEnableEmbeddingForFacename@8
_TTLoadEmbeddedFont@40
_TTRunValidationTests@8
_TTEmbedFont@44
_TTIsEmbeddingEnabled@8
_TTGetEmbeddingType@8
_TTGetEmbeddedFontInfo@28
TTEmbedFontFromFileA

kernel32

LZCopy
HeapSetInformation
FindCloseChangeNotification
GetDiskFreeSpaceA
GetPrivateProfileStringA
UpdateResourceW
LoadLibraryA
EnumDateFormatsExA
Module32Next
RtlUnwind
LZSeek
InitializeCriticalSection
VirtualAlloc
SetCurrentDirectoryW
SetTimerQueueTimer
GetConsoleKeyboardLayoutNameW
BaseDumpAppcompatCache
ReadFileEx
SetTimeZoneInformation
GetTickCount
IsValidCodePage
EndUpdateResourceA

esent

JetCreateTableColumnIndex
JetDelete@8
JetCloseFileInstance
JetGetCursorInfo
JetGetDatabaseInfo
JetSetLS
JetCreateInstance2
JetMove@16
JetGetLock
JetGetLogInfoInstance2
JetCreateTable
JetSetCurrentIndex4
JetEnableMultiInstance
JetBackupInstance
JetIdle
JetResetTableSequential
JetGetTableIndexInfo
JetSetCurrentIndex
JetRestoreInstance

ws2_32

listen
WSASendTo
gethostbyname
select
inet_ntoa
htons
WSCInstallNameSpace
WSAStartup
getservbyname
WSARemoveServiceClass
WSADuplicateSocketW
WSASend
WSAGetServiceClassInfoA
ntohl
WSARecvFrom
WSASocketA
WSACloseEvent
WSALookupServiceBeginA
WSAConnect
WSCWriteProviderOrder
WSAStringToAddressW
WSALookupServiceNextA
send

Sections

.text
Size: 747KB - Virtual size: 746KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8fda279bb58bbbd627b18a7ecc6104ea

Headers

DLL Characteristics

File Characteristics

Imports

wininet

mspatcha

t2embed

kernel32

esent

ws2_32

Sections

.text Size: 747KB - Virtual size: 746KB

.rdata Size: 99KB - Virtual size: 99KB

.data Size: 5KB - Virtual size: 1.4MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 747KB - Virtual size: 746KB

.rdata
Size: 99KB - Virtual size: 99KB

.data
Size: 5KB - Virtual size: 1.4MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB