e82aadf83f7e053dd0b9b0e0aaa69c69b6730b67232e434d9b08a03140125a25

Sharing

Copy URL Twitter E-mail

General

Target

e82aadf83f7e053dd0b9b0e0aaa69c69b6730b67232e434d9b08a03140125a25
Size

253KB
MD5

6d0087bdc2256d61322e022aa6f660b0
SHA1

57f7afd45c76093201031206a94f1829bda97bcd
SHA256

e82aadf83f7e053dd0b9b0e0aaa69c69b6730b67232e434d9b08a03140125a25
SHA512

d05129cb53320d7c53ecc4ff960c01125d8d979808c70be55fa37501c4d64b3317dabc7887dae8359b7245362cd4224455801101492836ef70522414276c3d31
SSDEEP

3072:I+Q7Q0MaJSdgsqieRBuoH0B+oYIYwG8oESxL62RH2XbQORMXrmeGobQG/ixa93RP:IHM5yskuxEL8XALpR2+XrOo8y3N

Score

N/A

Malware Config

Signatures

Files

e82aadf83f7e053dd0b9b0e0aaa69c69b6730b67232e434d9b08a03140125a25
.exe windows x86

a2684cfbdec0a1bc814cdbf79fa68025

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

RegisterMediaTypes
RegisterFormatEnumerator
CopyBindInfo
URLDownloadToFileW
FaultInIEFeature
HlinkSimpleNavigateToMoniker
URLOpenBlockingStreamW
URLDownloadToCacheFileW
CoGetClassObjectFromURL
URLOpenStreamW
SetSoftwareUpdateAdvertisementState
UrlMkBuildVersion
URLDownloadA
URLDownloadToFileA
URLOpenBlockingStreamA
IsAsyncMoniker
FindMediaTypeClass
CreateURLMoniker
BindAsyncMoniker
GetComponentIDFromCLSSPEC
CoInternetCompareUrl
IsLoggingEnabledA
URLOpenStreamA
CoInternetParseUrl
Extract
HlinkSimpleNavigateToString

imm32

ImmSetCompositionFontW

version

VerInstallFileA
GetFileVersionInfoSizeW

clusapi

GetClusterKey

shlwapi

UrlApplySchemeA

samlib

SamRemoveMemberFromGroup
SamOpenDomain

mswsock

rcmd
GetAddressByNameA
GetTypeByNameA
MigrateWinsockConfiguration
SetServiceA
s_perror
WSARecvEx
TransmitFile
sethostname
GetNameByTypeA
inet_network
SetServiceW
rresvport
NPLoadNameSpaces
rexec
EnumProtocolsW

vdmdbg

VDMGetThreadSelectorEntry

advapi32

DestroyPrivateObjectSecurity

shell32

SHPathPrepareForWriteW

crypt32

CertIsRDNAttrsInCertificateName
CryptEncryptMessage

kernel32

FlushInstructionCache
GetModuleFileNameA
RemoveDirectoryA
lstrcmpW
CreateDirectoryExA
LocalLock
GetSystemWindowsDirectoryA

resutils

ResUtilGetResourceDependencyByName

tapi32

lineSetCurrentLocation

userenv

FreeGPOListA

wintrust

WVTAsn1CatNameValueEncode

advpack

NeedRebootInit

setupapi

CM_Modify_Res_Des_Ex

user32

ToUnicode
ShowWindow
GetCursorPos
GetFocus

comdlg32

ChooseFontA
GetFileTitleA
WantArrows

oledlg

OleUIChangeSourceA

pdh

PdhBrowseCountersA
PdhEnumMachinesA
PdhVbGetCounterPathElements
PdhComputeCounterStatistics
PdhUpdateLogA
PdhVbOpenQuery
PdhOpenQueryA
PdhVbUpdateLog
PdhUpdateLogW
PdhEnumMachinesW
PdhOpenLogW
PdhExpandWildCardPathA
PdhExpandWildCardPathW
PdhSelectDataSourceW
PdhParseInstanceNameW
PdhRemoveCounter

psapi

GetDeviceDriverFileNameA

scesrv

ScesrvTerminateServer

netapi32

NetDfsGetClientInfo
NetDfsAddFtRoot
NetReplGetInfo
NetServerComputerNameDel
NetScheduleJobGetInfo
NetErrorLogWrite
NetReplImportDirLock
NetScheduleJobEnum
NetShareCheck
NetConnectionEnum
I_BrowserQueryStatistics
NetLocalGroupSetMembers
NetGroupAddUser
DsGetDcSiteCoverageW
NetUseAdd
NetUseEnum
NetServerSetInfo
NetSessionDel
NetDfsAdd
NetReplExportDirDel
NetUserDel
NetServerTransportAdd
DsGetSiteNameA
NetLocalGroupAddMembers
NetUserModalsSet
NetRegisterDomainNameChangeNotification
NetConfigSet
NetUserGetLocalGroups
NetReplExportDirUnlock
NetDfsRemove

winsta

_WinStationBreakPoint

mscms

OpenColorProfileA
CreateDeviceLinkProfile
UninstallColorProfileW
EnumColorProfilesW
SelectCMM
CreateProfileFromLogColorSpaceW
GetPS2ColorRenderingIntent
CreateColorTransformA
GetNamedProfileInfo
IsColorProfileTagPresent
CloseColorProfile
GetColorProfileElementTag
SetColorProfileElement
UninstallColorProfileA
TranslateBitmapBits
InstallColorProfileW
GetCountColorProfileElements
CreateMultiProfileTransform
DisassociateColorProfileFromDeviceA
SetColorProfileElementSize
UnregisterCMMW

ntdll

NtCreatePort

gdi32

CreateDCA
GetCharABCWidthsA
CreateSolidBrush
GetMetaRgn
SetMapMode
GetPath
SetWinMetaFileBits
GetLogColorSpaceW
GetCharWidthFloatA
GetBitmapBits
LineTo
CreateColorSpaceW
ResetDCA
SetICMMode
SetTextAlign
GetTextCharset
ExtSelectClipRgn
GetCharWidth32A
StartDocA
SetTextCharacterExtra
SetRectRgn
CreatePolygonRgn
GetDeviceGammaRamp
PlayEnhMetaFile
SelectClipRgn
GetBitmapDimensionEx
WidenPath
PlayEnhMetaFileRecord
SetBitmapBits
Escape
GetTextCharsetInfo
GetObjectType

ole32

BindMoniker
HENHMETAFILE_UserMarshal
OleCreateEmbeddingHelper
OleCreateFromFileEx
OleCreateMenuDescriptor
HENHMETAFILE_UserFree
OleUninitialize
OleConvertIStorageToOLESTREAMEx
HACCEL_UserMarshal
UtGetDvtd16Info
OleCreateStaticFromData
UtConvertDvtd16toDvtd32
HDC_UserMarshal
HICON_UserSize
OleQueryCreateFromData
OleFlushClipboard
HMENU_UserSize
StgPropertyLengthAsVariant
OleRun
StgCreateDocfileOnILockBytes
CoSuspendClassObjects
CoAddRefServerProcess
CoGetStandardMarshal
CoGetContextToken
OleSetContainedObject
RegisterDragDrop
CoInstall

Sections

.text
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 420KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a2684cfbdec0a1bc814cdbf79fa68025

Headers

File Characteristics

Imports

urlmon

imm32

version

clusapi

shlwapi

samlib

mswsock

vdmdbg

advapi32

shell32

crypt32

kernel32

resutils

tapi32

userenv

wintrust

advpack

setupapi

user32

comdlg32

oledlg

pdh

psapi

scesrv

netapi32

winsta

mscms

ntdll

gdi32

ole32

Sections

.text Size: 77KB - Virtual size: 76KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 33KB - Virtual size: 420KB

.rsrc Size: 122KB - Virtual size: 121KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 77KB - Virtual size: 76KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 33KB - Virtual size: 420KB

.rsrc
Size: 122KB - Virtual size: 121KB

.rsrc
Size: 5KB - Virtual size: 5KB