3d9998a5ba4e7d3c6c0dc0461215b1d0da121a797674ca2d33dc68b100dc5c60

Sharing

Copy URL

Twitter E-mail

General

Target

3d9998a5ba4e7d3c6c0dc0461215b1d0da121a797674ca2d33dc68b100dc5c60
Size

123KB
MD5

a0f28d440c45cd9d52cde80ced161f9a
SHA1

0d5efd6fcdb5790c36f215c029aaa1f8f3ce713d
SHA256

3d9998a5ba4e7d3c6c0dc0461215b1d0da121a797674ca2d33dc68b100dc5c60
SHA512

dc4c030e718c2b355e1e9967b7dc2bc19c32d6eec31d9362919bef8232bec70d1397cae4dc5222335cee89428f8ccd7381d6b155347a8f6616cb7bdb800cefc2
SSDEEP

3072:o5Im8gb854DD980BIbZAOnxln5M04Q6QxyfCD+6s+SEz:m00B+ZhnjMQ6aw2+6s+SE

Score

N/A

Malware Config

Signatures

Files

3d9998a5ba4e7d3c6c0dc0461215b1d0da121a797674ca2d33dc68b100dc5c60
.exe windows x86

5cf330a47d208423f48a31ffac9e240b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

perfnet

CloseNetSvcsObject

cabview

Uninstall
DllGetClassObject
DllCanUnloadNow

kernel32

GetTapeParameters
SetConsoleInputExeNameW
IsProcessorFeaturePresent
SetConsoleCursorMode
GetConsoleCharType
SetWaitableTimer
GetWindowsDirectoryA
LoadModule
DnsHostnameToComputerNameW
FreeLibraryAndExitThread
SetHandleCount
lstrcpynA
OpenJobObjectW
GetStringTypeA
EnumResourceTypesA
InterlockedExchange
NlsGetCacheUpdateCount
Process32FirstW
EnumResourceTypesW
PulseEvent
SetTermsrvAppInstallMode
lstrcpyA
RegisterConsoleOS2
GetTimeFormatA
WaitForMultipleObjects
FillConsoleOutputCharacterW
GetConsoleInputWaitHandle
GetCommandLineA
SetProcessAffinityMask
MoveFileWithProgressW
CreateWaitableTimerA
GetDefaultCommConfigA
SetConsoleTitleA
OpenWaitableTimerA
Module32NextW
VirtualAlloc
GetCalendarInfoW

lz32

CopyLZFile
LZOpenFileA
LZCopy
LZClose
LZOpenFileW
LZCloseFile
LZRead
GetExpandedNameA
LZDone
LZStart
LZCreateFileW
LZInit
LZSeek
GetExpandedNameW

rtm

RtmGetNextHopPointer
RtmUpdateAndUnlockRoute
RtmGetNextHopInfo
MgmInitialize
RtmReleaseDestInfo
MgmGetMfe
RtmFindNextHop
RtmInvokeMethod
RtmGetInstanceInfo
RtmReleaseRoutes
RtmGetRouteAge
DeleteFromTable
RtmGetFirstRoute
RtmLookupIPDestination
RtmGetChangeStatus
RtmCreateRouteList
RtmGetAddressFamilyInfo
RtmEnumerateGetNextRoute
RtmGetNetworkCount
RtmWriteInstanceConfig
RtmDeleteRouteList
RtmGetEnumDests
RtmCloseEnumerationHandle
DumpTable

advpack

GetVersionFromFile

sqlwid

_ttof
_lopen_
GetProcAddress_
OpenFile_
wstrlen
strerror_
_lwrite_
_lcreat_
_hwrite_
GetEnvironmentStrings_

htui

HTUI_ColorAdjustment
HTUI_DeviceColorAdjustmentA
HTUI_DeviceColorAdjustment
HTUI_ColorAdjustmentA
HTUI_ColorAdjustmentW
HTUI_DeviceColorAdjustmentW

d3d9

D3DPERF_SetRegion
D3DPERF_QueryRepeatFrame
PSGPSampleTexture
D3DPERF_GetStatus
D3DPERF_SetOptions
DebugSetLevel
Direct3DCreate9
DebugSetMute
D3DPERF_BeginEvent
D3DPERF_SetMarker
PSGPError
Direct3DShaderValidatorCreate9
D3DPERF_EndEvent

msvcrt20

_CIasin

Sections

.data
Size: - Virtual size: 496KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1024B - Virtual size: 604B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5cf330a47d208423f48a31ffac9e240b

Headers

DLL Characteristics

File Characteristics

Imports

perfnet

cabview

kernel32

lz32

rtm

advpack

sqlwid

htui

d3d9

msvcrt20

Sections

.data Size: - Virtual size: 496KB

.text Size: 1024B - Virtual size: 604B

.reloc Size: 512B - Virtual size: 76B

.rdata Size: 119KB - Virtual size: 119KB

.rsrc Size: 1024B - Virtual size: 724B

.data
Size: - Virtual size: 496KB

.text
Size: 1024B - Virtual size: 604B

.reloc
Size: 512B - Virtual size: 76B

.rdata
Size: 119KB - Virtual size: 119KB

.rsrc
Size: 1024B - Virtual size: 724B