e995799d460ce90fdfa3d0d767ec839b4ea9bd3bab8fbeaf9c2d2ecedca1839f

Sharing

Copy URL Twitter E-mail

General

Target

e995799d460ce90fdfa3d0d767ec839b4ea9bd3bab8fbeaf9c2d2ecedca1839f
Size

635KB
MD5

6bef6fab6a91c9d6c9eea8426513d6e0
SHA1

cd840c8039b2f618b8a1cb34ad806208f8c47950
SHA256

e995799d460ce90fdfa3d0d767ec839b4ea9bd3bab8fbeaf9c2d2ecedca1839f
SHA512

6c8f0737c2f310a0ca10a104041944ceb48eba96dece4632631ad49348ae9d18dddbd304df1c9d6c483161dc1f4485c0ba3d54114429f07535eba7d866248968
SSDEEP

12288:CO+psH15CrGS4L3bXkEyqhU8F5j1mVdOlEHqbGaTPJup:CxpsjCKS4LrXdC8HJ28CKbXRo

Score

N/A

Malware Config

Signatures

Files

e995799d460ce90fdfa3d0d767ec839b4ea9bd3bab8fbeaf9c2d2ecedca1839f
.exe windows x86

2890cfa308da8494fe6125cd7097bfe4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VariantInit
SafeArrayDestroyData
GetAltMonthNames
VarCyCmp
VarFormatCurrency
SafeArrayAccessData
VarUI4FromR4
VarCyFromR4
VarR4FromI2
VarI1FromI4
VarCyFromDate
VarCyFromI2
VarDecNeg
VarBstrFromR8
DispGetIDsOfNames
VarDecFromUI1
VarR8FromUI4
SafeArrayAllocDescriptorEx
VarUI2FromI2
VarUI2FromR8
VarR4FromUI4
VarR8FromI2
GetRecordInfoFromTypeInfo
VarDecDiv
VarXor
VarCyFromUI1
DispInvoke
VarDateFromI2
VarBoolFromUI4
SafeArrayPutElement
VarDateFromR8
VarI4FromBool
VarDecFromUI4
VarI2FromCy
VarBoolFromUI1
VarBstrFromUI2
VectorFromBstr
VarR4FromDate
VarFix
VarI4FromStr
VarI1FromBool
SafeArrayPtrOfIndex
QueryPathOfRegTypeLi
VarCyFromI1
VarDateFromUI4
VarR8FromStr
VarUI1FromDec
VarDiv
VarCySu
VarNeg
SysReAllocString
VarBoolFromI1
VarEqv
VarCyFromUI4
VarBstrFromDate
VarDateFromUdate
VarR8FromCy
VARIANT_UserUnmarshal
VarDecInt
VarI2FromDate
VarR4FromUI1
VarR8FromDate
VarUI1FromR8
SafeArrayUnlock
BSTR_UserFree
VarUI1FromUI2
VarR8FromDisp
VarFormatNumber
VarCyAbs
VarAnd
VarI4FromDate
VarR8FromI4
VarCyFromBool
VarBstrFromI4
LPSAFEARRAY_UserFree
VarDateFromI4
VarBstrFromI1
VarI2FromBool
VarCyFromR8
VarDecAbs
SafeArrayGetVartype
VarBstrFromR4
VarR4FromI4
SafeArrayCreateVectorEx
VarWeekdayName
VarPow
VarUI1FromBool
VarI1FromI2
GetActiveObject
SystemTimeToVariantTime
VarI4FromUI4
VarR8FromR4
VarBoolFromDisp
SafeArraySetRecordInfo
SysStringByteLen
LPSAFEARRAY_UserSize
VarI1FromUI1
VarCyFix
SafeArrayCreateVector
VarUI1FromI4
VarDecCmpR8
VarI4FromCy
VarDecCmp
VarUI1FromCy
VarR8FromUI1
VarI4FromI1
VarUI4FromDec
SafeArrayGetDim
VarI1FromUI2
VarBstrFromI2
VarDecFromI2
UnRegisterTypeLi
SafeArrayAllocData
GetRecordInfoFromGuids
RevokeActiveObject
VarR4FromStr
VarBoolFromI4
VarI4FromR4
VarR8FromDec
OleSavePictureFile
VarDateFromDisp
VarI2FromStr
VarCyInt
VarI2FromDisp
VarDecFromR4
LPSAFEARRAY_UserUnmarshal
VarBoolFromR8
VarRound
VarDecFromR8
OleLoadPictureFile
VarFormat
VarI1FromUI4
VarBoolFromDate
VarCyMul
VarI1FromR8
VarDecFromBool
VarDecAdd
VarDecSu
VarI4FromI2
VarMul
VarFormatPercent
VarDateFromDec
VarUI2FromI4
VarUI4FromDate
SafeArrayGetLBound
SafeArrayCopyData
OaBuildVersion
VarCyFromDec
VarCyAdd
VarBoolFromR4
VarR4FromDisp
VarDecFromUI2
VarI2FromR4
VarBoolFromUI2
VarSu

comctl32

ImageList_Merge
ImageList_Add
ImageList_DrawEx
ImageList_GetIconSize
ord6
InitializeFlatSB
ord8
ImageList_GetImageCount
ImageList_SetOverlayImage
ImageList_SetDragCursorImage
FlatSB_GetScrollPos
ImageList_BeginDrag
PropertySheetW
FlatSB_SetScrollPos
ImageList_SetImageCount
UninitializeFlatSB

advapi32

LookupSecurityDescriptorPartsA

user32

EnableWindow

msvcrt

_initterm
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
__CxxFrameHandler
exit
_setmbcp
_controlfp

kernel32

GetCPInfoExA
GetStartupInfoA
GetModuleHandleA

mfc42

ord5241
ord4407
ord1775
ord4078
ord6052
ord4998
ord4853
ord4376
ord5265
ord4234
ord641
ord2514
ord561
ord3738
ord4424
ord4622
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord2385
ord4465
ord3259
ord3147
ord2982
ord5714
ord5289
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord815
ord4274
ord4673
ord5163
ord6374
ord5280
ord4353
ord1576
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord3136
ord1168

Sections

.text
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 376KB - Virtual size: 374KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2890cfa308da8494fe6125cd7097bfe4

Headers

File Characteristics

Imports

oleaut32

comctl32

advapi32

user32

msvcrt

kernel32

mfc42

Sections

.text Size: 76KB - Virtual size: 72KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 5KB

.rsrc Size: 376KB - Virtual size: 374KB

.text
Size: 76KB - Virtual size: 72KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 376KB - Virtual size: 374KB