fd2c2055cd8559d29da06c65283b30296e83487e3fdf1eef3eff32b327b9b6cf

Sharing

Copy URL Twitter E-mail

General

Target

fd2c2055cd8559d29da06c65283b30296e83487e3fdf1eef3eff32b327b9b6cf
Size

227KB
MD5

a19c1be41a27bb4c0703a2fb46acd240
SHA1

c46f42c77f938c949fef6ec75ad6d46b990b59b5
SHA256

fd2c2055cd8559d29da06c65283b30296e83487e3fdf1eef3eff32b327b9b6cf
SHA512

e066a35b1b7d214de383cb0da2e6d2e4381d066c4c47ab30d4d6323189dd3a99e37bbfa91a46dcda7e5a5a67a8ca31a663f89deb85602fb42521ef08709331b7
SSDEEP

3072:uDL2pZFSeSyJeyyPYpSVidBjNP8OILacmGWq3pFvUX157vRCj2+k5y8nHN+sJeTI:dpHIyow0idRtt0aca8Clgk5y8l8Tgdj

Score

N/A

Malware Config

Signatures

Files

fd2c2055cd8559d29da06c65283b30296e83487e3fdf1eef3eff32b327b9b6cf
.exe windows x86

3705a2dcdde7a74d5c544a7916987d29

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerW
SetServiceStatus
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegisterEventSourceW
ReportEventW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegDeleteKeyW

esent

JetTerm
JetUpdate
JetSetColumn
JetPrepareUpdate
JetDelete
JetMove
JetMakeKey
JetRetrieveColumn
JetSetSystemParameter
JetCloseTable
JetGetColumnInfo
JetOpenTable
JetRollback
JetCommitTransaction
JetCreateIndex
JetAddColumn
JetCreateTable
JetBeginTransaction
JetOpenDatabase
JetCloseDatabase
JetCreateDatabase
JetSetCurrentIndex
JetAttachDatabase
JetBeginSession
JetInit
JetDetachDatabase
JetEndSession
JetSeek

snmpapi

SnmpUtilOidFree
SnmpUtilOidCpy
SnmpUtilOidAppend
SnmpUtilOidCmp

winscard

SCardDisconnect
g_rgSCardT0Pci
SCardTransmit
SCardReconnect
SCardEndTransaction
SCardBeginTransaction
SCardConnectA
SCardStatusA
SCardEstablishContext
SCardListReadersA
SCardReleaseContext

dnsapi

DnsDhcpSrvRegisterTerm
DnsDhcpSrvRegisterInit

kernel32

DeleteFileA
GetModuleHandleA
DeleteFileW
FormatMessageA
FormatMessageW
LoadLibraryW
LoadLibraryA
GetLocaleInfoW
GetLocaleInfoA
GetModuleFileNameW
GetModuleFileNameA
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
CompareStringW
CompareStringA
GetTickCount
GetUserDefaultLCID
LocalFree
GetProcAddress
FreeLibrary
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
DebugBreak

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 165KB - Virtual size: 273KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3705a2dcdde7a74d5c544a7916987d29

Headers

File Characteristics

Imports

advapi32

esent

snmpapi

winscard

dnsapi

kernel32

Sections

.text Size: 43KB - Virtual size: 42KB

.data Size: 165KB - Virtual size: 273KB

.idata Size: 3KB - Virtual size: 2KB

.rsrc Size: 13KB - Virtual size: 13KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 43KB - Virtual size: 42KB

.data
Size: 165KB - Virtual size: 273KB

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 13KB - Virtual size: 13KB

.reloc
Size: 2KB - Virtual size: 1KB