d642a45830cb9294818b4a8033831e442cf816af973d5cd774b5e4ddc5a76b5c

Sharing

Copy URL

Twitter E-mail

General

Target

d642a45830cb9294818b4a8033831e442cf816af973d5cd774b5e4ddc5a76b5c
Size

868KB
MD5

7690f11a53640e5e3b4830f4470a7100
SHA1

2a148c662a93cef719f16105f25323861879db94
SHA256

d642a45830cb9294818b4a8033831e442cf816af973d5cd774b5e4ddc5a76b5c
SHA512

1895358598f8fd3977ce6774bbfddbe0038400e6c705458f0e44589fca24349c54095274ef285f0ec40787c3c0a6805edec8bc91cfab4a60000ad1ffe5445e9c
SSDEEP

12288:uwzmgzDkpfPH2Ztbxw+uyEIjs6v6LPPIQRNbuoJCIjUGAMXif48t7jNmJHQMt3TO:3mgQgRam56LH1SoPc48aJHQY3zwp

Score

N/A

Malware Config

Signatures

Files

d642a45830cb9294818b4a8033831e442cf816af973d5cd774b5e4ddc5a76b5c
.exe windows x86

313e6f1c99af9978c472770ac5ef5860

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

duser

SetGadgetCenterPoint
GetGadgetStyle
UnregisterGadgetProperty
DUserGetGutsData
EnumGadgets
InitGadgets
DrawGadgetTree
DUserSendEvent
DUserFindClass
DUserDeleteGadget
SetGadgetRect
GetGadgetScale
CreateGadget
DUserRegisterGuts
GetStdColorPenF
GetGadgetCenterPoint
DUserBuildGadget
GetGadget
PeekMessageExW
SetGadgetRootInfo
SetGadgetMessageFilter
GetStdColorPenI
GetGadgetBufferInfo
DUserRegisterStub
FindGadgetMessages

gdi32

PtVisible
ResetDCA
CreateScalableFontResourceW
RestoreDC
EngMultiByteToWideChar
OffsetClipRgn
EnumICMProfilesW
GdiEndDocEMF
SetPolyFillMode
SetDIBColorTable
DdEntry15
GdiQueryTable
GetSystemPaletteUse
GdiEntry5
GdiSetBatchLimit
DdEntry45
ExtCreatePen
DrawEscape
BeginPath
EngFindResource
EnumMetaFile
EngLockSurface
GetGraphicsMode
GetDCPenColor
GetPixelFormat
ExtSelectClipRgn
GdiPlayEMF
CreateHatchBrush
CopyMetaFileW
FONTOBJ_pfdg
PolyPolygon
GdiGetLocalBrush
EngDeleteSurface
EngMarkBandingSurface
GetCharABCWidthsI
DdEntry29
SetROP2
TextOutA
RemoveFontResourceW
EngEraseSurface

kernel32

GetDateFormatA
FindNextVolumeA
WriteFileGather
GetWriteWatch
ExpungeConsoleCommandHistoryW
ReadDirectoryChangesW
HeapCreate
GetConsoleAliasExesLengthA
LoadLibraryA
SetFirmwareEnvironmentVariableW
FreeEnvironmentStringsA
LocalAlloc
SwitchToThread
ResumeThread
SetTimeZoneInformation
CreateSocketHandle
GetLocalTime
LZStart
SetStdHandle
WaitForMultipleObjects
EnumDateFormatsA
GetSystemTimeAsFileTime
GetConsoleCursorInfo
GetDiskFreeSpaceA
FindResourceExA
GetStringTypeExW
EnumSystemLanguageGroupsW
GlobalHandle
lstrcpyn
VirtualAlloc
SetTapePosition
VirtualQuery
OpenMutexA
VerifyConsoleIoHandle
WritePrivateProfileStringW

msdart

??4CReaderWriterLock@@QAEAAV0@ABV0@@Z
?IsMillnm@CMdVersionInfo@@SAHXZ
?_RemoveThisFromGlobalList@CLKRHashTable@@AAEXXZ
?BucketIndex@CLKRHashTableStats@@SGJJ@Z
??0CSingleList@@QAE@XZ
?SetDefaultSpinCount@CSpinLock@@SGXG@Z
??1CLKRLinearHashTable@@QAE@XZ
?IsReadLocked@CLKRHashTable@@QBE_NXZ
?Lock@CLockedDoubleList@@QAEXXZ
?_Unlock@CSpinLock@@AAEXXZ
?sm_wDefaultSpinCount@CReaderWriterLock@@1GA
?ConvertSharedToExclusive@CReaderWriterLock2@@QAEXXZ
?SetDefaultSpinCount@CReaderWriterLock2@@SGXG@Z
?_H0@CLKRLinearHashTable@@CGKKK@Z
??1CReaderWriterLock2@@QAE@XZ
?GetDefaultSpinCount@CReaderWriterLock2@@SGGXZ
?Pop@CLockedSingleList@@QAEQAVCSingleListEntry@@XZ
?ReadUnlock@CCritSec@@QAEXXZ
?InsertTail@CDoubleList@@QAEXQAVCListEntry@@@Z
?RemoveEntry@CDoubleList@@SGXQAVCListEntry@@@Z
?InitializeVersionInfo@CMdVersionInfo@@CAHXZ
?ReadOrWriteUnlock@CCritSec@@QAEX_N@Z
?_Lock@CSpinLock@@AAEXXZ
??1CSpinLock@@QAE@XZ
?ConvertSharedToExclusive@CReaderWriterLock3@@QAEXXZ
?_CurrentThreadId@CSpinLock@@CGJXZ
?IsWinNT@CMdVersionInfo@@SAHXZ
??4CMdVersionInfo@@QAEAAV0@ABV0@@Z
?sm_llGlobalList@CLKRHashTable@@0VCLockedDoubleList@@A
?sm_dblDfltSpinAdjFctr@CFakeLock@@1NA
?First@CDoubleList@@QBEQAVCListEntry@@XZ
?Unlock@CLockedDoubleList@@QAEXXZ
??1CCritSec@@QAE@XZ
?SetBucketLockSpinCount@CLKRLinearHashTable@@QAEXG@Z
?sm_wDefaultSpinCount@CSmallSpinLock@@1GA
?InsertTail@CLockedDoubleList@@QAEXQAVCListEntry@@@Z
?_Clear@CLKRLinearHashTable@@AAEX_N@Z
?GetDefaultSpinCount@CReaderWriterLock@@SGGXZ
?TryWriteLock@CCritSec@@QAE_NXZ
?ReadUnlock@CSmallSpinLock@@QAEXXZ
?ConvertSharedToExclusive@CLKRLinearHashTable@@QBEXXZ
?ReadLock@CReaderWriterLock2@@QAEXXZ

olecli32

GetTaskVisibleWindow
OleRenameClientDoc
LeShow
LeGetUpdateOptions
OleDelete
LeSetData
ErrClose
OleCreateLinkFromFile
OleQueryOutOfDate
OleRelease
GenEnumFormat
OleSavedClientDoc
ConnectDlgProc
OleObjectConvert
GenQueryBounds
GenCopy
OleQueryCreateFromClip
MfChangeData
OleRequestData
DibDraw
ErrGetUpdateOptions
DefCreateFromTemplate
OleExecute
OleRegisterClientDoc
OleDraw
ErrExecute
OleIsDcMeta
WEP
PbCreateLinkFromClip
GenGetData
PbCreateLinkFromFile
ErrSetBounds
ObjQueryName
GenDraw

msvcrt40

$I10_OUTPUT
??_8ofstream@@7B@
?freeze@strstreambuf@@QAEXH@Z
_mbscat
_wutime
_wtoi
strcat
_environ
??6ostream@@QAEAAV0@E@Z
strcmp
??_8strstream@@7Bostream@@@
_fpreset
pow
isprint
_ismbblead
ferror
_ismbbkpunct
swscanf
?unbuffered@streambuf@@IBEHXZ
??5istream@@QAEAAV0@AAC@Z
?lockc@ios@@KAXXZ
__p__osver
?setbuf@ifstream@@QAEPAVstreambuf@@PADH@Z
?hex@@YAAAVios@@AAV1@@Z
?write@ostream@@QAEAAV1@PBEH@Z
_global_unwind2
?fill@ios@@QBEDXZ
_CIsqrt
?put@ostream@@QAEAAV1@C@Z
_wcslwr
?write@ostream@@QAEAAV1@PBCH@Z
fseek
_CIsinh

Sections

.text
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 294KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 257KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

313e6f1c99af9978c472770ac5ef5860

Headers

DLL Characteristics

File Characteristics

Imports

duser

gdi32

kernel32

msdart

olecli32

msvcrt40

Sections

.text Size: 314KB - Virtual size: 314KB

.rdata Size: 294KB - Virtual size: 294KB

.data Size: 1024B - Virtual size: 1.7MB

.rsrc Size: 257KB - Virtual size: 257KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 314KB - Virtual size: 314KB

.rdata
Size: 294KB - Virtual size: 294KB

.data
Size: 1024B - Virtual size: 1.7MB

.rsrc
Size: 257KB - Virtual size: 257KB

.reloc
Size: 1024B - Virtual size: 1024B