c8c5e6276737aadfe804f1ce31af9108f493b4a3d3cb9a939a7a1bd012ab8a42

Sharing

Copy URL Twitter E-mail

General

Target

c8c5e6276737aadfe804f1ce31af9108f493b4a3d3cb9a939a7a1bd012ab8a42
Size

51KB
MD5

69bcef978d919d04877c054cc044a7f7
SHA1

5143627dca290f66b1477cfad07af2466d4169b3
SHA256

c8c5e6276737aadfe804f1ce31af9108f493b4a3d3cb9a939a7a1bd012ab8a42
SHA512

a5930f4f0c9137cca0fb8f9ca4b1775585a48979bf04494e0bcd37845db7675753a560f72074837ebe2c1e8133cc8583668ea10d9e895b2c81e90b72c3aca903
SSDEEP

1536:AJ+LQUHA2Zogntos2Way0vi2Wz16G8hVrvffqOLFw4IOR:AJsQ92/VHay0vi2WsjX/O4P

Score

N/A

Malware Config

Signatures

Files

c8c5e6276737aadfe804f1ce31af9108f493b4a3d3cb9a939a7a1bd012ab8a42
.dll windows x86

81f31c1ef155ce455fb0888243b128b1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

exit
_wcsicmp
__getmainargs
fgets
iscntrl
_mbsncpy
_controlfp
_cexit
_snwprintf
wctomb
_wcsicoll
_wspawnvp
memcpy
_callnewh
_control87
_eof
_spawnve
_wutime64
getc
??0__non_rtti_object@@QAE@PBD@Z
_mbctohira
??_Fbad_typeid@@QAEXXZ
_wcsnset
_wrmdir
__lconv_init
_sleep
_mbsicoll
_osplatform
sqrt
__set_app_type
_fgetwchar
vswprintf
_wstrdate
_wunlink
_osver
?set_terminate@@YAP6AXXZP6AXXZ@Z
__p__commode

advpack

RegisterOCX
DoInfInstall
RebootCheckOnInstall
FileSaveRestoreOnINF
TranslateInfString
SetPerUserSecValues
FileSaveRestore
NeedRebootInit
LaunchINFSection
ExecuteCab
GetVersionFromFile
RegInstall
AddDelBackupEntry
UserUnInstStubWrapper
RunSetupCommand
FileSaveMarkNotExist
RegRestoreAll
TranslateInfStringEx
LaunchINFSectionEx
AdvInstallFile
GetVersionFromFileEx
ExtractFiles
CloseINFEngine
DelNodeRunDLL32
IsNTAdmin
DelNode
OpenINFEngine
NeedReboot
RegSaveRestore
RegSaveRestoreOnINF

kernel32

IsDebuggerPresent
GetConsoleInputExeNameA
ProcessIdToSessionId
LZStart
SetStdHandle
GetTempFileNameA
WritePrivateProfileStructA
HeapUnlock
GetFullPathNameA
GetDiskFreeSpaceA
IsBadWritePtr
CallNamedPipeW
GetNumberOfConsoleFonts
VirtualAlloc
GetProfileIntW
GetLogicalDriveStringsW
SetCurrentDirectoryW
GetEnvironmentStringsA
AddAtomW
CreateHardLinkW
SetClientTimeZoneInformation
ReadProcessMemory
LoadLibraryA
GetDefaultCommConfigA
GetConsoleCommandHistoryA
DebugActiveProcess
GlobalAlloc
GetComputerNameA
DuplicateHandle
ConvertFiberToThread
IsBadCodePtr
WriteFileGather
GetTimeFormatA

unimdmat

UmGetDiagnostics
UmCloseModem
UmSetSpeakerPhoneState
UmInitModem
UmIssueCommand
UmLogStringA
UmDialModem
UmGenerateDigit
UmAbortCurrentModemCommand
UmOpenModem
UmDeinitializeModemDriver
UmLogDiagnostics
UmAnswerModem
UmWaveAction
UmMonitorModem
UmInitializeModemDriver
UmSetPassthroughMode
UmDuplicateDeviceHandle
UmHangupModem

user32

MessageBoxA
EndDialog

shell32

SHGetMalloc

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81f31c1ef155ce455fb0888243b128b1

Headers

File Characteristics

Imports

msvcrt

advpack

kernel32

unimdmat

user32

shell32

Sections

.text Size: 41KB - Virtual size: 41KB

.rdata Size: 6KB - Virtual size: 13KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 41KB - Virtual size: 41KB

.rdata
Size: 6KB - Virtual size: 13KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB