d9be9b893bab3653a431e7903eadf54e10f8cb66be00463cd1c6d41ce912a112

Sharing

Copy URL Twitter E-mail

General

Target

d9be9b893bab3653a431e7903eadf54e10f8cb66be00463cd1c6d41ce912a112
Size

141KB
MD5

a198287df7df0496cf64f98c36bb4a88
SHA1

574e7edd094f78edc83d2cde4a600104bbf3cbb9
SHA256

d9be9b893bab3653a431e7903eadf54e10f8cb66be00463cd1c6d41ce912a112
SHA512

e7a916eb5b960f65802a44a79cd3057942d0ede6751f05b9d7709c5d76a253a093e794c30c5168d56b90a0c6c53cb9bb8907b48de2a6f25e9799f494ca700f48
SSDEEP

3072:O0jJkpGTIZ11yi3kuvxTDh5CCfiaUaBqhV1G+4TVjLhQYXdC9an:ZJKGTKd3ku1h5qzhVsxjLhvXdbn

Score

N/A

Malware Config

Signatures

Files

d9be9b893bab3653a431e7903eadf54e10f8cb66be00463cd1c6d41ce912a112
.exe windows x86

8a498ec1c470a825c70fb8dc816f78f8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcsftime
_ismbblead
_ctype
_ismbbpunct
_osplatform
_cputws
feof
system
tan
__p__commode
__getmainargs
??_V@YAXPAX@Z
wcsspn
_lsearch
__set_app_type
exit
_adj_fptan
_mbsnbicmp
__pxcptinfoptrs
_lock
_mbctype

wshrm

WSHGetSockaddrType
WSHOpenSocket2
WSHSetSocketInformation
WSHGetBroadcastSockaddr
WSHNotify
WSHGetProviderGuid
WSHGetWSAProtocolInfo
WSHGetWinsockMapping
WSHStringToAddress
WSHOpenSocket
WSHJoinLeaf
WSHIoctl

kernel32

SetComputerNameExW
IsValidLanguageGroup
GetModuleHandleW
GetBinaryTypeW
lstrcatW
GetOverlappedResult
GetCurrentDirectoryW
EnumerateLocalComputerNamesA
TerminateJobObject
SetEvent
GetLocaleInfoA
LoadLibraryW
GetCurrentThread

shlwapi

StrRChrIA
PathCompactPathExA
SHRegEnumUSKeyA
PathIsRootW
StrNCatW
PathStripPathW
PathIsNetworkPathW
SHRegSetPathW
PathCommonPrefixW
SHOpenRegStream2A
StrTrimA

msacm32

acmStreamPrepareHeader
acmFilterTagDetailsW
acmGetVersion
acmFormatTagDetailsW
acmFormatTagEnumA
acmStreamMessage
acmFilterTagEnumW
acmFormatTagDetailsA
acmDriverClose
acmDriverDetailsA
acmDriverPriority
acmFormatChooseA
acmStreamSize
acmDriverID
acmDriverAddA
acmStreamReset
acmFilterTagEnumA
acmFormatDetailsA
acmDriverOpen
acmDriverDetailsW

hhsetup

?SetLanguage@CFolder@@QAEXG@Z
?SetId@CLocation@@QAEXPBG@Z
?AddTitle@CCollection@@QAEPAVCTitle@@PBD0000GIPAVCLocation@@PAKH0@Z
?HandleCollection@CCollection@@AAEKPAVCParseXML@@PAD@Z
?AddFolder@CCollection@@QAEPAVCFolder@@PBGKPAKG@Z
??0CPointerList@@QAE@XZ
?Dirty@CCollection@@QAEXXZ
?bIsVisable@CFolder@@QAEHXZ
?GetVisableRootFolder@CCollection@@QAEPAVCFolder@@XZ
?DeleteTitle@CCollection@@AAEKPAVCTitle@@@Z
?HandleLocation@CCollection@@AAEKPAVCParseXML@@PAD@Z
?SetLanguage@CTitle@@QAEXG@Z
?WriteFolders@CCollection@@AAEHPAPAVCFolder@@@Z
?GetSampleLocation@CCollection@@QAEPADXZ
?CheckTitleRef@CCollection@@AAEKPBGG@Z
??1CPointerList@@QAE@XZ
?SetId@CLocation@@QAEXPBD@Z
?SetFindMergedCHMS@CCollection@@QAEXH@Z
?Close@CCollection@@QAEKXZ
?GetTitleW@CLocation@@QAEPBGXZ
?GetLanguage@CFolder@@QAEGXZ
?SetVolume@CLocation@@QAEXPBG@Z
?NewLocationHistory@CTitle@@QAEPAULocationHistory@@XZ
?DeleteChildren@CCollection@@AAEXPAPAVCFolder@@@Z
?AddTail@CFIFOString@@QAEKPAD@Z
??0CFolder@@QAE@XZ
?GetIdW@CTitle@@QAEPBGXZ
??4CPointerList@@QAEAAV0@ABV0@@Z

msasn1

ASN1_CreateDecoderEx
ASN1CEREncEndBlk
ASN1BEREncRemoveZeroBits
ASN1char16string_cmp
ASN1BEREoid2DotVal
ASN1intx2int32
ASN1BERDecBitString
ASN1BERDecOpenType

user32

DialogBoxIndirectParamA
CallWindowProcA
UnregisterClassA
UnregisterHotKey
UserRegisterWowHandlers
GetMenuItemInfoA
CheckMenuRadioItem
DrawAnimatedRects
GetCursorInfo
GetClipboardOwner
ReuseDDElParam
DefWindowProcW
PostQuitMessage
DrawMenuBarTemp
SetForegroundWindow
GetUpdateRgn
DlgDirSelectExA
SetDlgItemTextA
IsCharAlphaNumericW
SubtractRect
MessageBoxTimeoutW
RegisterClassW
GetMenu
OpenDesktopA

Sections

.code
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a498ec1c470a825c70fb8dc816f78f8

Headers

File Characteristics

Imports

msvcrt

wshrm

kernel32

shlwapi

msacm32

hhsetup

msasn1

user32

Sections

.code Size: 83KB - Virtual size: 82KB

.rdata Size: 43KB - Virtual size: 43KB

.data Size: 5KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 7KB

.code
Size: 83KB - Virtual size: 82KB

.rdata
Size: 43KB - Virtual size: 43KB

.data
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 7KB