db59f8e518dc904b4171cb1140635bc7414f675f198cdc02cf860821665b0638

Sharing

Copy URL Twitter E-mail

General

Target

db59f8e518dc904b4171cb1140635bc7414f675f198cdc02cf860821665b0638
Size

156KB
MD5

405ff2244dfb146bac365d7145ddf3a0
SHA1

2a3a28a120ee6afc8fb1fb5be614705b960916a0
SHA256

db59f8e518dc904b4171cb1140635bc7414f675f198cdc02cf860821665b0638
SHA512

784cdca2781d5630064de4300133278dda2008d6076cf308233432f32391fff097a42d01c72d1ee69fe94be71630b87bd8fe7eed745428482bd3226683a1756d
SSDEEP

3072:OpG6baKO7hWi2moP6/doifTzw5pq75uwuXzwjrDJqwfYRqiqQNb:OFj8SmoP6u3y55uyDJqwfYEiBd

Score

N/A

Malware Config

Signatures

Files

db59f8e518dc904b4171cb1140635bc7414f675f198cdc02cf860821665b0638
.exe windows x86

8641c9e01e352fba0fa065dfe6fb4c6b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExpungeConsoleCommandHistoryA
FreeUserPhysicalPages
VerLanguageNameW
VirtualLock
_hread
SearchPathW
CancelWaitableTimer
CreateSemaphoreW
GetLocaleInfoW
AddConsoleAliasA
GetSystemInfo
RegisterConsoleIME
OpenSemaphoreW
RemoveDirectoryA
SetEndOfFile
GetNamedPipeInfo
GetCurrentThread
GetConsoleCursorInfo
LoadLibraryW
GetLargestConsoleWindowSize
GetUserDefaultLCID
GetProfileSectionW
LocalLock
SwitchToThread

d3d8thk

OsThunkDdGetAvailDriverMemory
OsThunkDdAttachSurface
OsThunkDdQueryMoCompStatus
OsThunkDdCanCreateD3DBuffer
OsThunkDdQueryDirectDrawObject
OsThunkDdDeleteSurfaceObject
OsThunkDdGetDriverState
OsThunkDdDestroyD3DBuffer
OsThunkDdSetColorKey
OsThunkDdAddAttachedSurface
OsThunkDdResetVisrgn
OsThunkDdSetOverlayPosition
OsThunkDdGetScanLine
OsThunkDdDestroySurface
OsThunkDdCreateD3DBuffer
OsThunkDdSetGammaRamp
OsThunkDdSetExclusiveMode
OsThunkDdBeginMoCompFrame
OsThunkDdUnlock

cfgmgr32

CM_Delete_DevNode_Key
CM_Register_Device_Driver
CM_Enumerate_Classes_Ex
CM_Enumerate_EnumeratorsA
CMP_Report_LogOn
CM_Set_DevNode_Registry_PropertyA
CM_Add_ID_ExA
CM_Get_Child_Ex
CM_Get_Device_Interface_AliasW
CM_Intersect_Range_List
CM_Set_HW_Prof_FlagsW
CM_Get_Res_Des_Data
CM_Move_DevNode

msvcirt

?ws@@YAAAVistream@@AAV1@@Z
?rdbuf@fstream@@QBEPAVfilebuf@@XZ
??_Eexception@@UAEPAXI@Z
??_8strstream@@7Bostream@@@
??_7strstream@@6B@
??1filebuf@@UAE@XZ
_mtlock
?read@istream@@QAEAAV1@PACH@Z
??4exception@@QAEAAV0@ABV0@@Z
?unlockbuf@ios@@QAAXXZ
??_Difstream@@QAEXXZ
?overflow@filebuf@@UAEHH@Z
??4ostream_withassign@@QAEAAVostream@@PAVstreambuf@@@Z
?xsputn@streambuf@@UAEHPBDH@Z
?isfx@istream@@QAEXXZ
?fLockcInit@ios@@0HA
?xalloc@ios@@SAHXZ
??4streambuf@@QAEAAV0@ABV0@@Z
??4ios@@IAEAAV0@ABV0@@Z
?writepad@ostream@@AAEAAV1@PBD0@Z

scarddlg

SCardDlgExtendedError
SCardUIDlgSelectCardW
SCardUIDlgSelectCardA
GetOpenCardNameA
GetOpenCardNameW

olesvr32

OleRegisterServerDoc
OleRegisterServer
OleRenameServerDoc
WEP
EnumForTerminate
OleSavedServerDoc
SendDataMsg
FindItemWnd
TerminateDocClients
OleBlockServer
OleRevokeServerDoc
DeleteClientInfo
OleUnblockServer
DocWndProc
ItemWndProc
SrvrWndProc
OleQueryServerVersion
ItemCallBack
TerminateClients
OleRevokeObject
OleRevokeServer
OleRevertServerDoc
SendRenameMsg

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8641c9e01e352fba0fa065dfe6fb4c6b

Headers

File Characteristics

Imports

kernel32

d3d8thk

cfgmgr32

msvcirt

scarddlg

olesvr32

Sections

.text Size: 49KB - Virtual size: 49KB

.rdata Size: 51KB - Virtual size: 51KB

.data Size: 52KB - Virtual size: 51KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 49KB - Virtual size: 49KB

.rdata
Size: 51KB - Virtual size: 51KB

.data
Size: 52KB - Virtual size: 51KB

.rsrc
Size: 1KB - Virtual size: 1KB