0708bccd05d335a10fa2dac53fb7cecec72da0cc47a3fa0ae7435dcfdceee281

Sharing

Copy URL Twitter E-mail

General

Target

0708bccd05d335a10fa2dac53fb7cecec72da0cc47a3fa0ae7435dcfdceee281
Size

868KB
MD5

6346231536d374e86af27e8a3c01736d
SHA1

1f7a9dcc3f4b35b62fa2e1085cb427507844b2a6
SHA256

0708bccd05d335a10fa2dac53fb7cecec72da0cc47a3fa0ae7435dcfdceee281
SHA512

a13a26f84d935f0fb7890e2dd4147d8e00be1dfbe2312645afd1c247679f316479c52d101fc18d70317c8cc8ba43e9086208af7b2aea4ad365f27adc97978191
SSDEEP

24576:YiMPDJrZUWXzF75doGmBV5cPDgvHG9T4Hpi3FBoW:vMPDsiZ7/q6DgfyMo1D

Score

N/A

Malware Config

Signatures

Files

0708bccd05d335a10fa2dac53fb7cecec72da0cc47a3fa0ae7435dcfdceee281
.exe windows x86

2351f7da0df18004b030747c40f93dfd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumDateFormatsA
GlobalHandle
GetStringTypeW
VerifyConsoleIoHandle
FreeLibrary
GetVersion
EnumSystemCodePagesA
SetMessageWaitingIndicator
GlobalSize
WriteConsoleInputVDMW
WriteProfileStringA
GetLocalTime
GlobalUnlock
SetSystemPowerState
CreateHardLinkA
BindIoCompletionCallback
DisconnectNamedPipe
FindFirstFileExW
VirtualFree
GetProcessPriorityBoost
LoadLibraryA
DefineDosDeviceA
ReadFileEx
CreateMutexA
HeapDestroy
ReadFileScatter
GetSystemTimeAsFileTime
DebugActiveProcessStop
GetThreadSelectorEntry
SetProcessWorkingSetSize
GetConsoleProcessList
DeleteFiber
SetComputerNameA
GetDiskFreeSpaceExW
AddConsoleAliasW
FatalAppExitA
GetAtomNameW
WriteConsoleOutputW
LZInit
EnumSystemCodePagesW
GetVolumePathNameA
GetFileType
GetNamedPipeHandleStateW
lstrcpyW
LoadLibraryExW
GetStdHandle
GetComputerNameExW
GetConsoleCommandHistoryLengthA
EnumCalendarInfoExW
GetThreadPriorityBoost
GetTimeZoneInformation
InitializeCriticalSection
HeapAlloc
ReleaseSemaphore
FlushInstructionCache
TermsrvAppInstallMode
FillConsoleOutputCharacterA
CommConfigDialogW
LocalCompact
PrivCopyFileExW
GetStringTypeExA
GetVolumeInformationA
GetConsoleInputExeNameW
ReadProcessMemory
GetTapeParameters
GlobalFindAtomW
GetSystemWow64DirectoryW
SetConsoleNlsMode
CreateWaitableTimerW
GetConsoleCommandHistoryA
EnumCalendarInfoA
MulDiv
GetConsoleMode
ClearCommError
GetQueuedCompletionStatus
ConvertDefaultLocale
VirtualAlloc
GetModuleHandleExW
GetFileSize
OpenSemaphoreA
ResetWriteWatch
GetNumaAvailableMemoryNode
GetLocaleInfoA

ntdll

RtlImageNtHeader
RtlDllShutdownInProgress
LdrProcessRelocationBlock
ZwQueryDebugFilterState
NtAddAtom
ZwGetWriteWatch
RtlSetThreadPoolStartFunc
NtSignalAndWaitForSingleObject
cos
strtol
ZwSetInformationKey
DbgBreakPoint
NtUnloadDriver
memset
NtAcceptConnectPort
DbgUiGetThreadDebugObject
ZwMapViewOfSection
ZwQueryEvent
RtlIpv4StringToAddressW
NtSetSystemPowerState
_CIpow
NtIsProcessInJob
RtlEqualSid
LdrAccessResource
NtClose
RtlDeleteAtomFromAtomTable
ZwAllocateUuids
NtLockFile
RtlCreateHeap
ZwPrivilegeCheck
RtlFreeUnicodeString
RtlPcToFileHeader
CsrCaptureMessageString
ZwNotifyChangeDirectoryFile
CsrCaptureMessageMultiUnicodeStringsInPlace
ZwSetSystemTime
NtSetSystemInformation
NtResumeThread
ZwLockProductActivationKeys
RtlSetLastWin32ErrorAndNtStatusFromNtStatus
ZwQueryPerformanceCounter
_ui64toa
ZwDeleteAtom

wininet

InternetSetFilePointer
FtpGetFileW
FtpDeleteFileA
CreateUrlCacheGroup
FtpCreateDirectoryA
HttpSendRequestExW
InternetSetStatusCallbackW
InternetCloseHandle
InternetQueryFortezzaStatus
FtpPutFileEx
InternetWriteFileExW
InternetUnlockRequestFile
InternetClearAllPerSiteCookieDecisions
SetUrlCacheHeaderData
InternetGetPerSiteCookieDecisionA
DeleteUrlCacheContainerA
InternetDialA
InternetAlgIdToStringW
InternetGetCookieExA
FindCloseUrlCache
InternetSetCookieExW
InternetDial
InternetFindNextFileW
InternetSetCookieA
InternetSetOptionW
InternetHangUp
DeleteUrlCacheEntryA
InternetCrackUrlW
InternetDialW
InternetGetPerSiteCookieDecisionW
RetrieveUrlCacheEntryStreamA
HttpQueryInfoW
FindFirstUrlCacheContainerA
ParseX509EncodedCertificateForListBoxEntry
GetUrlCacheEntryInfoA
CommitUrlCacheEntryA
GetUrlCacheEntryInfoExW
InternetOpenW
FindNextUrlCacheGroup

olecli32

DocWndProc
ConnectDlgProc
MfEnumFormat
BmEnumFormat
PbDraw
OleQueryLinkFromClip
DefCreateInvisible
ErrUpdate
OleReconnect
OleQueryReleaseMethod
DefCreateLinkFromFile
DibQueryBounds
OleSetLinkUpdateOptions
CheckNetDrive
OleQueryCreateFromClip
ErrSetHostNames
ObjRename
OleCreateLinkFromClip
LeUpdate
OleSetBounds
OleExecute
OleQueryOutOfDate
ErrExecute
OleSetColorScheme
OleDraw
OleRelease
DibEnumFormat
BmGetData
LeSetBounds
LeShow
ErrSetBounds
PbCreateLinkFromClip
PbCreateFromClip
MfClone
OleCreate
OleSetHostNames
OleGetData
MfEqual
DibClone
PbCreateFromFile
LeCopy
WEP
OleSaveToStream

mmcbase

?SCODEFromSc@@YGJABVSC@mmcerror@@@Z
?GetHelpID@SC@mmcerror@@QAEKXZ
?MMCErrorBox@@YGHIVSC@mmcerror@@I@Z
??8SC@mmcerror@@QBE_NABV01@@Z
?MMCErrorBox@@YGHVSC@mmcerror@@I@Z
??4?$CEventLock@UAppEvents@@@@QAEAAV0@ABV0@@Z
??4SC@mmcerror@@QAEAAV01@J@Z
??1CEventBuffer@@QAE@XZ
?Unlock@CEventBuffer@@QAEXXZ
??0SC@mmcerror@@QAE@J@Z
?AddRef@CMMCStrongReferences@@SGKXZ
?GetCode@SC@mmcerror@@QBEJXZ
??0CMMCStrongReferences@@AAE@XZ
?SetHinst@SC@mmcerror@@SGXPAUHINSTANCE__@@@Z
?FromMMC@SC@mmcerror@@QAEAAV12@J@Z
?Lock@CEventBuffer@@QAEXXZ
?s_pDispatcher@CConsoleEventDispatcherProvider@@0PAVCConsoleEventDispatcher@@A
?InternalLastRefReleased@CMMCStrongReferences@@AAE_NXZ
?GetHinst@SC@mmcerror@@SGPAUHINSTANCE__@@XZ
?s_hWnd@SC@mmcerror@@0PAUHWND__@@A
?MakeSc@SC@mmcerror@@AAEXW4facility_type@12@J@Z
?TraceAndClear@SC@mmcerror@@QAEXXZ
?IsError@SC@mmcerror@@QBE_NXZ
?SetHWnd@SC@mmcerror@@SGXPAUHWND__@@@Z
?Clear@SC@mmcerror@@QAEXXZ
?MMCErrorBox@@YGHII@Z
?GetSingletonObject@CMMCStrongReferences@@CGAAV1@XZ
??1?$CEventLock@UAppEvents@@@@QAE@XZ
??4CMMCStrongReferences@@QAEAAV0@ABV0@@Z
??0CEventBuffer@@QAE@XZ
?ToHr@SC@mmcerror@@QBEJXZ
??7SC@mmcerror@@QBEHXZ
?MMCErrorBox@@YGHPBGI@Z
?Throw@SC@mmcerror@@QAEXJ@Z
??8SC@mmcerror@@QBE_NJ@Z
?HrFromSc@@YGJABVSC@mmcerror@@@Z

Sections

.text
Size: 322KB - Virtual size: 322KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 231KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2351f7da0df18004b030747c40f93dfd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ntdll

wininet

olecli32

mmcbase

Sections

.text Size: 322KB - Virtual size: 322KB

.rdata Size: 312KB - Virtual size: 312KB

.data Size: 231KB - Virtual size: 1.6MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 322KB - Virtual size: 322KB

.rdata
Size: 312KB - Virtual size: 312KB

.data
Size: 231KB - Virtual size: 1.6MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 1024B