3ec30115955bb608bbfc667cb524e395f98c68ba5f2a5f29c6315640868f1ca4

Sharing

Copy URL Twitter E-mail

General

Target

3ec30115955bb608bbfc667cb524e395f98c68ba5f2a5f29c6315640868f1ca4
Size

156KB
MD5

723b5ee4086a60c4240a031ddfaf97e0
SHA1

e05441233f106ed26706a518341a0c22d0379087
SHA256

3ec30115955bb608bbfc667cb524e395f98c68ba5f2a5f29c6315640868f1ca4
SHA512

d12b4b64f532b5797c9a2d325c064ad67513be7019b42f4fbc49645ca6d8c36dae3a39455e4a04766f537e97e73ce8edd4d8db0cbf397f5b8ec2f1ee821c89ac
SSDEEP

3072:OpG6baKO7hWi2moP6/doifTzw5pq75uwuXzwjrDJqwfYRqiqQNLdh:OFj8SmoP6u3y55uyDJqwfYEiBR3

Score

N/A

Malware Config

Signatures

Files

3ec30115955bb608bbfc667cb524e395f98c68ba5f2a5f29c6315640868f1ca4
.exe windows x86

8641c9e01e352fba0fa065dfe6fb4c6b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExpungeConsoleCommandHistoryA
FreeUserPhysicalPages
VerLanguageNameW
VirtualLock
_hread
SearchPathW
CancelWaitableTimer
CreateSemaphoreW
GetLocaleInfoW
AddConsoleAliasA
GetSystemInfo
RegisterConsoleIME
OpenSemaphoreW
RemoveDirectoryA
SetEndOfFile
GetNamedPipeInfo
GetCurrentThread
GetConsoleCursorInfo
LoadLibraryW
GetLargestConsoleWindowSize
GetUserDefaultLCID
GetProfileSectionW
LocalLock
SwitchToThread

d3d8thk

OsThunkDdGetAvailDriverMemory
OsThunkDdAttachSurface
OsThunkDdQueryMoCompStatus
OsThunkDdCanCreateD3DBuffer
OsThunkDdQueryDirectDrawObject
OsThunkDdDeleteSurfaceObject
OsThunkDdGetDriverState
OsThunkDdDestroyD3DBuffer
OsThunkDdSetColorKey
OsThunkDdAddAttachedSurface
OsThunkDdResetVisrgn
OsThunkDdSetOverlayPosition
OsThunkDdGetScanLine
OsThunkDdDestroySurface
OsThunkDdCreateD3DBuffer
OsThunkDdSetGammaRamp
OsThunkDdSetExclusiveMode
OsThunkDdBeginMoCompFrame
OsThunkDdUnlock

cfgmgr32

CM_Delete_DevNode_Key
CM_Register_Device_Driver
CM_Enumerate_Classes_Ex
CM_Enumerate_EnumeratorsA
CMP_Report_LogOn
CM_Set_DevNode_Registry_PropertyA
CM_Add_ID_ExA
CM_Get_Child_Ex
CM_Get_Device_Interface_AliasW
CM_Intersect_Range_List
CM_Set_HW_Prof_FlagsW
CM_Get_Res_Des_Data
CM_Move_DevNode

msvcirt

?ws@@YAAAVistream@@AAV1@@Z
?rdbuf@fstream@@QBEPAVfilebuf@@XZ
??_Eexception@@UAEPAXI@Z
??_8strstream@@7Bostream@@@
??_7strstream@@6B@
??1filebuf@@UAE@XZ
_mtlock
?read@istream@@QAEAAV1@PACH@Z
??4exception@@QAEAAV0@ABV0@@Z
?unlockbuf@ios@@QAAXXZ
??_Difstream@@QAEXXZ
?overflow@filebuf@@UAEHH@Z
??4ostream_withassign@@QAEAAVostream@@PAVstreambuf@@@Z
?xsputn@streambuf@@UAEHPBDH@Z
?isfx@istream@@QAEXXZ
?fLockcInit@ios@@0HA
?xalloc@ios@@SAHXZ
??4streambuf@@QAEAAV0@ABV0@@Z
??4ios@@IAEAAV0@ABV0@@Z
?writepad@ostream@@AAEAAV1@PBD0@Z

scarddlg

SCardDlgExtendedError
SCardUIDlgSelectCardW
SCardUIDlgSelectCardA
GetOpenCardNameA
GetOpenCardNameW

olesvr32

OleRegisterServerDoc
OleRegisterServer
OleRenameServerDoc
WEP
EnumForTerminate
OleSavedServerDoc
SendDataMsg
FindItemWnd
TerminateDocClients
OleBlockServer
OleRevokeServerDoc
DeleteClientInfo
OleUnblockServer
DocWndProc
ItemWndProc
SrvrWndProc
OleQueryServerVersion
ItemCallBack
TerminateClients
OleRevokeObject
OleRevokeServer
OleRevertServerDoc
SendRenameMsg

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8641c9e01e352fba0fa065dfe6fb4c6b

Headers

File Characteristics

Imports

kernel32

d3d8thk

cfgmgr32

msvcirt

scarddlg

olesvr32

Sections

.text Size: 49KB - Virtual size: 49KB

.rdata Size: 51KB - Virtual size: 51KB

.data Size: 52KB - Virtual size: 51KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 49KB - Virtual size: 49KB

.rdata
Size: 51KB - Virtual size: 51KB

.data
Size: 52KB - Virtual size: 51KB

.rsrc
Size: 1KB - Virtual size: 1KB