ba86eedd07977893505d98d05a4b4d7990c9293eea911e371601bfedc6f3472b

Sharing

Copy URL Twitter E-mail

General

Target

ba86eedd07977893505d98d05a4b4d7990c9293eea911e371601bfedc6f3472b
Size

845KB
MD5

80a93d12d6c47c20b3ea809c9a0f62f0
SHA1

1e433cee6f87b334c483a96ce5ea4a914c1985a1
SHA256

ba86eedd07977893505d98d05a4b4d7990c9293eea911e371601bfedc6f3472b
SHA512

19626bba1fba651ea0a76a177bd19f350778047db1e6226d1d04906c5616c965ef8946ae1d225e7d2aa03f74179642089a2f717364ec0306920511c005b9f60f
SSDEEP

24576:VkzoJhtQOAvLEQzTR/k+Rg+X9zeMc3mn:yktl5QPR4c9Nn

Score

N/A

Malware Config

Signatures

Files

ba86eedd07977893505d98d05a4b4d7990c9293eea911e371601bfedc6f3472b
.exe windows x86

21c1c7caee91f0d1b7223a77d48c9656

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

cfgmgr32

CM_Get_Device_ID_List_ExA
CM_Set_HW_Prof_Flags_ExW
CM_Get_Class_Name_ExA
CM_Get_Res_Des_Data_Size
CMP_UnregisterNotification
CM_Set_DevNode_Problem
CM_Get_Device_Interface_AliasW
CM_Get_Device_Interface_List_SizeA
CM_Get_Version_Ex
CM_Is_Dock_Station_Present
CM_Get_First_Log_Conf_Ex
CM_Set_DevNode_Registry_Property_ExA
CM_Delete_Class_Key
CM_Unregister_Device_InterfaceW
CM_Get_Child_Ex
CM_Set_DevNode_Registry_PropertyW
CM_Query_Arbitrator_Free_Data
CM_Get_Resource_Conflict_DetailsA
CM_Add_Range
CM_Is_Dock_Station_Present_Ex
CM_Get_Parent_Ex
CM_Query_And_Remove_SubTree_ExA
CM_Get_Device_Interface_List_SizeW
CM_Enumerate_Classes_Ex

oleaut32

VarUI2FromUI4
VarRound
VarDecFromI4
VarUI2FromR4
VarI4FromDisp
OleLoadPictureFileEx
VarDecDiv
DosDateTimeToVariantTime
OACreateTypeLib2
VarCyFromI8
VarAdd
VarCyFromUI1
VarI8FromCy
SafeArrayGetElemsize
LPSAFEARRAY_UserSize
VarXor
SysFreeString
VarUI2FromI2
VarBoolFromDec
BSTR_UserUnmarshal
VarUI1FromStr
VarBstrFromDate
SysReAllocString
VarBstrFromR8
SysAllocString

wininet

InternetGetPerSiteCookieDecisionA
InternetGetLastResponseInfoW
InternetErrorDlg
HttpAddRequestHeadersW
InternetCrackUrlW
FreeUrlCacheSpaceW
GetUrlCacheEntryInfoA
FtpRemoveDirectoryW
InternetSetStatusCallbackA
IsUrlCacheEntryExpiredW
InternetSetDialState
InternetSetFilePointer
RetrieveUrlCacheEntryStreamW
HttpOpenRequestW
InternetCanonicalizeUrlW
FtpCommandW
HttpOpenRequestA
InternetCrackUrlA
DeleteUrlCacheGroup
InternetAlgIdToStringA
InternetConfirmZoneCrossingA
UnlockUrlCacheEntryStream
InternetCloseHandle
HttpSendRequestW

dsquery

DllInstall
OpenSavedDsQuery
OpenQueryWindow
OpenSavedDsQueryW

ntdll

NtTraceEvent
RtlSubAuthoritySid
wcsstr
cos
NtMakeTemporaryObject
RtlFreeHandle
NtPlugPlayControl
RtlGetNtVersionNumbers
DbgUiStopDebugging
ZwAccessCheck
NtRequestPort
RtlDeleteSecurityObject
NtReadVirtualMemory
NtRequestWaitReplyPort
RtlZeroHeap
RtlRandomEx
RtlEnlargedIntegerMultiply
NtOpenSymbolicLinkObject
NtQueryIoCompletion
NtStopProfile
NtRaiseException
NtDeleteObjectAuditAlarm

kernel32

SetFileShortNameW
BuildCommDCBAndTimeoutsW
FileTimeToDosDateTime
EnumDateFormatsExW
OutputDebugStringA
GetTempPathW
SetLastError
FindFirstFileExW
GetModuleHandleA
VirtualAlloc
FlushViewOfFile
UTUnRegister
DosDateTimeToFileTime
GetCurrentThreadId
LoadLibraryA
FindNextVolumeMountPointA
SetEvent
GetProcessHeaps
QueueUserAPC
FindFirstFileA

Sections

.text
Size: 482KB - Virtual size: 482KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 356KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21c1c7caee91f0d1b7223a77d48c9656

Headers

DLL Characteristics

File Characteristics

Imports

cfgmgr32

oleaut32

wininet

dsquery

ntdll

kernel32

Sections

.text Size: 482KB - Virtual size: 482KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 356KB - Virtual size: 1.8MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 364B

.text
Size: 482KB - Virtual size: 482KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 356KB - Virtual size: 1.8MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 364B