e5cf6d712b112477edf46343558b52ac5376cc03fd6006752c05105f4f264e40

Sharing

Copy URL Twitter E-mail

General

Target

e5cf6d712b112477edf46343558b52ac5376cc03fd6006752c05105f4f264e40
Size

711KB
MD5

908ab608e50b5267968eefd06bca2400
SHA1

f51ad8ac9801cb34e223cc4e406bca5ced67d978
SHA256

e5cf6d712b112477edf46343558b52ac5376cc03fd6006752c05105f4f264e40
SHA512

57dc7a1d91819c2013b20175798be40c3a548aeb7b75cde97707227774c4c05b22f8f8f01012eec373a06c7c0b313df9674e3857d99cbd88415be17f92496fc3
SSDEEP

12288:enPsd7EKtjZovdwZu8hKYzgStfUstLMK/0SEl81:8EP1Gq4wBUStfU6L0SElq

Score

N/A

Malware Config

Signatures

Files

e5cf6d712b112477edf46343558b52ac5376cc03fd6006752c05105f4f264e40
.exe windows x86

5358c64e3185180ed9d504fbd81124ef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

RaiseException
IsDBCSLeadByteEx
GetBinaryTypeW
GetAtomNameW
PeekConsoleInputW
VirtualAlloc
SetConsoleTextAttribute
EnumResourceNamesA
GetPrivateProfileIntA
CreateMutexW
CreateDirectoryA
InitializeCriticalSection
AssignProcessToJobObject
GetACP
GetConsoleMode
CreateSemaphoreW
InterlockedDecrement
CreateDirectoryW
GlobalCompact
SetCommState
WTSGetActiveConsoleSessionId
DeleteTimerQueueEx
SetHandleInformation
WriteConsoleInputA
GetShortPathNameA
RegisterWaitForSingleObject
SetPriorityClass

mprapi

MprAdminServerConnect
MprConfigGetGuidName
MprAdminInterfaceGetHandle
MprInfoDelete
MprAdminUserGetInfo
MprConfigTransportDelete
MprInfoBlockFind
MprConfigTransportGetInfo
MprAdminInterfaceDelete
MprConfigInterfaceDelete
MprConfigInterfaceCreate
MprConfigInterfaceGetHandle
MprConfigInterfaceTransportGetHandle
MprAdminGetErrorString
MprConfigTransportSetInfo
MprConfigInterfaceTransportEnum
MprAdminMIBEntrySet
MprAdminMIBEntryGet
MprConfigTransportCreate
MprConfigInterfaceTransportGetInfo
MprAdminIsServiceRunning
MprAdminUserClose
MprConfigServerConnect
MprAdminMIBServerDisconnect
MprAdminServerDisconnect
MprConfigTransportGetHandle
MprConfigInterfaceTransportRemove
MprConfigBufferFree
MprAdminConnectionGetInfo
MprInfoCreate
MprAdminInterfaceGetInfo
MprAdminInterfaceCreate

tapi32

lineTranslateDialogW
lineDrop
lineNegotiateAPIVersion
lineTranslateAddressW
lineGetIDA
lineGetDevCaps
lineOpenW
lineSetDevConfigA
lineOpenA
lineInitializeExW
lineMakeCall
lineSetStatusMessages
lineNegotiateExtVersion

odbc32

SearchStatusCode
CursorLibTransact
CursorLibLockStmt
PostODBCComponentError
VFreeErrors
ValidateErrorQueue
SQLDriversA
CursorLibLockDbc
VRetrieveDriverErrorsRowCol
PostODBCError
LockHandle
CursorLibLockDesc

mscms

GetColorProfileElement
EnumColorProfilesA
InternalGetPS2ColorSpaceArray
CreateColorTransformW
TranslateBitmapBits
GetStandardColorSpaceProfileW
InternalGetPS2PreviewCRD
GetColorDirectoryA
InstallColorProfileW
GetColorDirectoryW
InternalGetPS2ColorRenderingDictionary
CloseColorProfile
IsColorProfileValid
TranslateColors
OpenColorProfileW
UninstallColorProfileW
GetColorProfileHeader
EnumColorProfilesW
OpenColorProfileA
InternalGetPS2CSAFromLCS
CreateColorTransformA
DeleteColorTransform

mpr

WNetGetUserW
WNetGetResourceInformationW
WNetGetUserA
WNetCancelConnection2W
WNetOpenEnumW
WNetGetProviderNameW
WNetGetLastErrorW
WNetGetConnectionA
WNetOpenEnumA
WNetCloseEnum
WNetEnumResourceW
WNetUseConnectionW
WNetAddConnection3W
WNetGetConnectionW
WNetGetUniversalNameW
WNetGetUniversalNameA
WNetAddConnection2W
WNetEnumResourceA

advapi32

GetTokenInformation
OpenSCManagerA
RegSaveKeyW
AllocateAndInitializeSid
RegCreateKeyExA
OpenServiceA
SetFileSecurityA
UnlockServiceDatabase
EnumDependentServicesW
ImpersonateLoggedOnUser
GetSidSubAuthority
RegDeleteKeyA
GetFileSecurityW
GetTraceLoggerHandle
RegUnLoadKeyW
CopySid
RegEnumKeyExW

Sections

.edata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 14KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 206KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 434KB - Virtual size: 623KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5358c64e3185180ed9d504fbd81124ef

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

mprapi

tapi32

odbc32

mscms

mpr

advapi32

Sections

.edata Size: 6KB - Virtual size: 6KB

.edata Size: 5KB - Virtual size: 5KB

.text Size: 14KB - Virtual size: 272KB

.data Size: 206KB - Virtual size: 274KB

.bss Size: 434KB - Virtual size: 623KB

.rsrc Size: 43KB - Virtual size: 42KB

.reloc Size: 512B - Virtual size: 48B

.edata
Size: 6KB - Virtual size: 6KB

.edata
Size: 5KB - Virtual size: 5KB

.text
Size: 14KB - Virtual size: 272KB

.data
Size: 206KB - Virtual size: 274KB

.bss
Size: 434KB - Virtual size: 623KB

.rsrc
Size: 43KB - Virtual size: 42KB

.reloc
Size: 512B - Virtual size: 48B