2422404d7b56bbdd22b29332e7e37c6d24e1c0ec8a09248cd44728b1213f226f

Sharing

Copy URL Twitter E-mail

General

Target

2422404d7b56bbdd22b29332e7e37c6d24e1c0ec8a09248cd44728b1213f226f
Size

80KB
MD5

609de3e43791a6a33f3bbfb8cc8acce0
SHA1

fa517935fa2021954e1ab4ea48ac72450de41625
SHA256

2422404d7b56bbdd22b29332e7e37c6d24e1c0ec8a09248cd44728b1213f226f
SHA512

18df14921cc707fdc6fc031aa560ccf8efc14a658c835572dfb521ec4185875bcfbfea79cc51acd942e59d43a973141cb7cc4ce33727473ef6d4f478de2924ea
SSDEEP

1536:jzPnVSOXwY2d21pYU5s6fipwmGDlnCyLhPGhTwk1k:3Pn8OGdtUm6KWbVCyLt2V1

Score

N/A

Malware Config

Signatures

Files

2422404d7b56bbdd22b29332e7e37c6d24e1c0ec8a09248cd44728b1213f226f
.exe windows x86

837fe0e1019a8dc1dce497b8939ed089

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

kernel32

GetCurrentProcessId
QueryPerformanceCounter
VirtualAlloc
FlushViewOfFile
FindResourceW
GetCurrentThreadId
GetSystemTimeAsFileTime
GetVersionExA
MoveFileA

olecli32

LeCopy
ErrSetBounds
ErrSetData
LeChangeData
LeClose
DibChangeData
MfQueryBounds
OleIsDcMeta
GenGetData
BmGetData
OleSetColorScheme
GetTaskVisibleWindow
OleSavedClientDoc
GenSaveToStream
OleEnumObjects
LeUpdate
OleQueryType
OleCopyFromLink
MfGetData
BmCopy
OleCreateInvisible
OleLoadFromStream
LeObjectLong
LeQueryOutOfDate
DibEnumFormat
ObjQueryType
GenRelease
ErrClose
DibSaveToStream
DefCreateFromFile
OleQueryOutOfDate
LeShow
MfEnumFormat
GenEqual
LeQueryProtocol
OleCreate
BmEnumFormat
ErrQueryOutOfDate
LeDraw
LeSaveToStream
OleGetData

user32

SetMessageQueue
GrayStringW
DdeInitializeW
CharToOemW
SwitchToThisWindow
GetWindowTextLengthA
GetMenuItemInfoW
GetTaskmanWindow
ActivateKeyboardLayout
GetSystemMenu
GetClassWord
SendIMEMessageExA
BeginPaint
IsCharLowerW
SystemParametersInfoA
DispatchMessageW
WaitMessage
DrawEdge
SetScrollRange
EnumPropsExA
CharNextA
GetAltTabInfoW
ShowWindowAsync
GetUpdateRgn
CreateWindowStationW
IsDlgButtonChecked
GetMessageExtraInfo
MessageBoxA
ValidateRgn
ChangeDisplaySettingsExW
MapVirtualKeyExA
DrawTextW
GetSysColorBrush
GetWindowPlacement
RegisterClipboardFormatW
ChildWindowFromPoint
ToAsciiEx

msvcrt

floor
_CIatan
iswxdigit
__p__commode
strcoll
_wmkdir
__p__acmdln
_mbscmp
ceil
_isctype
__setlc_active
fgetws
signal
_wstat
__set_app_type
__lc_collate_cp
_tell
ferror
_CIsinh
__fpecode
_wsystem

rtm

RtmAddNextHop
MgmGetProtocolOnInterface
RtmIsRoute
RtmDeleteRouteToDest
MgmGetMfeStats
RtmFindNextHop
RtmBlockMethods
RtmInvokeMethod
MgmGroupEnumerationEnd
DestroyTable
RtmGetDestInfo
RtmDequeueRouteChangeMessage
RtmReleaseRouteInfo
MgmGetFirstMfeStats
RtmIgnoreChangedDests
RtmReleaseDests
RtmGetAddressFamilyInfo
RtmRegisterForChangeNotification
MgmGetFirstMfe
MgmDeleteGroupMembershipEntry
RtmUpdateAndUnlockRoute
MgmGroupEnumerationStart
RtmGetFirstRoute
RtmReleaseDestInfo
RtmGetNextRoute
RtmGetChangeStatus
RtmDeleteRouteList
RtmDeregisterFromChangeNotification
RtmGetNextHopPointer
MgmTakeInterfaceOwnership
RtmRegisterEntity
RtmAddRouteToDest
RtmReleaseChangedDests
DeleteFromTable
RtmReleaseEntities

Sections

.text
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

837fe0e1019a8dc1dce497b8939ed089

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

olecli32

user32

msvcrt

rtm

Sections

.text Size: 74KB - Virtual size: 73KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 820B

.text
Size: 74KB - Virtual size: 73KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 820B