ea34d20d0be019e14b68453053851d6ee815368769cd0c09bd2e896da453d23d

Sharing

Copy URL Twitter E-mail

General

Target

ea34d20d0be019e14b68453053851d6ee815368769cd0c09bd2e896da453d23d
Size

238KB
MD5

8471a9dbaae874a8c19e0462b362f5a0
SHA1

405c9556f23183b2f3a9a3f04501daf3ba51f74c
SHA256

ea34d20d0be019e14b68453053851d6ee815368769cd0c09bd2e896da453d23d
SHA512

c791b1d0e05ad4d0991e5c79e1d4813a3204e8d72ea9d61b477e36c1b8e718a59df483e36862d74aa03b4f0b81f6a9828f1e2cca2d00dad0e948092427615140
SSDEEP

6144:lj/F2jev1hXmWd5ttjq8zLozB/XEeLtnSzJb/zBAf/fu7:hd2iDXz5jpQ1Ztqb9Af/Q

Score

N/A

Malware Config

Signatures

Files

ea34d20d0be019e14b68453053851d6ee815368769cd0c09bd2e896da453d23d
.exe windows x86

3b7bd8757d6679c0657a1845d7c4b902

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsA
SetSystemPowerState
LocalShrink
GetTempPathW
RegisterWowExec
GetLocaleInfoA
GetProcessId
ChangeTimerQueueTimer
LoadLibraryW
EnumCalendarInfoExW
SetConsoleScreenBufferSize
GetWindowsDirectoryA
CreateConsoleScreenBuffer
EnterCriticalSection

mscat32

CryptCATGetCatAttrInfo
CryptCATAdminAddCatalog
CryptCATGetMemberInfo
CryptCATCDFEnumAttributesWithCDFTag
CryptCATAdminEnumCatalogFromHash
CryptCATAdminAcquireContext
CryptCATAdminReleaseContext
CryptCATCDFEnumCatAttributes
CatalogCompactHashDatabase
CryptCATCDFEnumMembers
CryptCATGetAttrInfo
CryptCATCDFEnumMembersByCDFTagEx
CryptCATEnumerateCatAttr
CryptCATCatalogInfoFromContext
CryptCATCDFEnumMembersByCDFTag
DllUnregisterServer
CryptCATAdminCalcHashFromFileHandle
CryptCATOpen
CryptCATCDFClose
DllRegisterServer
CryptCATPersistStore

t2embed

_TTEmbedFontFromFileA@52
_TTRunValidationTests@8
_TTIsEmbeddingEnabledForFacename@8
_TTCharToUnicode@24
TTRunValidationTests
_TTGetEmbeddingType@8
TTGetEmbeddingType
TTGetNewFontName
TTEmbedFont
_TTGetEmbeddedFontInfo@28
_TTLoadEmbeddedFont@40
TTIsEmbeddingEnabled
_TTIsEmbeddingEnabled@8
TTRunValidationTestsEx
_TTDeleteEmbeddedFont@12
TTEmbedFontEx
TTLoadEmbeddedFont
_TTEmbedFont@44
TTDeleteEmbeddedFont
TTEmbedFontFromFileA
TTCharToUnicode
_TTEnableEmbeddingForFacename@8
TTGetEmbeddedFontInfo
TTEnableEmbeddingForFacename
TTIsEmbeddingEnabledForFacename

sqlunirl

_RegLoadKey_@12
_PostMessage@16
_PolyTextOut_@12
_DrawText@20
AllocConvertMultiSZNameToA
_EnumDependentServices_@24
_Shell_NotifyIcon_@8
_BroadcastSystemMessage_@20
_GetVolumeInformation_@32
_EnumResourceLanguages_@20
_OpenFileMapping_@12
_MoveFile@8
_FatalAppExit_@8

crypt32

CertGetValidUsages
CertSetCRLContextProperty
CertFindCertificateInStore
CryptSignAndEncodeCertificate
CryptInstallDefaultContext
I_CryptInstallOssGlobal
CertGetPublicKeyLength
CertFreeCertificateContext
CertFreeCertificateChain
CertGetCTLContextProperty

crtdll

atan2
_mbctype
_getdiskfree
_stricmp
_clearfp
isxdigit
mbtowc
_wtol
_lrotr
modf
wcschr
_c_exit
strspn
_mbsnicmp
_kbhit

Sections

.text
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b7bd8757d6679c0657a1845d7c4b902

Headers

File Characteristics

Imports

kernel32

mscat32

t2embed

sqlunirl

crypt32

crtdll

Sections

.text Size: 113KB - Virtual size: 112KB

.rdata Size: 29KB - Virtual size: 28KB

.data Size: 84KB - Virtual size: 83KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 113KB - Virtual size: 112KB

.rdata
Size: 29KB - Virtual size: 28KB

.data
Size: 84KB - Virtual size: 83KB

.rsrc
Size: 10KB - Virtual size: 9KB