c14c5a1284648171535ee3fc0fc97b5f4ecabd97ced8eda2217648e186fac2fa

Sharing

Copy URL

Twitter E-mail

General

Target

c14c5a1284648171535ee3fc0fc97b5f4ecabd97ced8eda2217648e186fac2fa
Size

826KB
MD5

0c0572b648ee72c11f9a8f4b78b94348
SHA1

738fd696d2665ffba121055a8ba8fa7092cf473a
SHA256

c14c5a1284648171535ee3fc0fc97b5f4ecabd97ced8eda2217648e186fac2fa
SHA512

26644fc0b208eb15638fac30ead4124909e9ff8ae7b90e8d0b715fb4af997971dcb115e51988d3881da5593c1f00aeb1fbe977e363dd963c8778c2dbd8418050
SSDEEP

24576:JnH0+WFIwdkamoA6RxXbW9vNNIcX0VGj1x:BHlSrmoPXuvNq21x

Score

N/A

Malware Config

Signatures

Files

c14c5a1284648171535ee3fc0fc97b5f4ecabd97ced8eda2217648e186fac2fa
.exe windows x86

72f1334ae508c56a83f73b42dc0c9dc0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GdiEntry2
DdEntry35
EnumObjects
GdiFixUpHandle
GetEnhMetaFileHeader
SetBitmapBits
PolyPolyline
XLATEOBJ_hGetColorTransform
CloseMetaFile
SetLayout
GdiEntry7
WidenPath

mmcbase

?MMCErrorBox@@YGHVSC@mmcerror@@I@Z
?ToHr@SC@mmcerror@@QBEJXZ
?MMCErrorBox@@YGHPBGVSC@mmcerror@@I@Z
?GetSingletonObject@CMMCStrongReferences@@CGAAV1@XZ
?GetEventBuffer@@YGAAVCEventBuffer@@XZ
?GetMainThreadID@SC@mmcerror@@SGKXZ
?MakeSc@SC@mmcerror@@AAEXW4facility_type@12@J@Z
?MMCErrorBox@@YGHPBGI@Z
?MMCErrorBox@@YGHII@Z
??0CEventBuffer@@QAE@ABV0@@Z
?FromLastError@SC@mmcerror@@QAEAAV12@XZ
?FromWin32@SC@mmcerror@@QAEAAV12@J@Z
??4CEventBuffer@@QAEAAV0@ABV0@@Z
??1?$CEventLock@UAppEvents@@@@QAE@XZ
??0?$CEventLock@UAppEvents@@@@QAE@XZ
??8SC@mmcerror@@QBE_NJ@Z
?GetComObjectEventSource@@YGAAV?$CEventSource@VCComObjectObserver@@VCVoid@@V2@V2@V2@@@XZ
?Trace_@SC@mmcerror@@QBEXXZ
?HrFromSc@@YGJABVSC@mmcerror@@@Z
??0CEventBuffer@@QAE@XZ
?SCODEFromSc@@YGJABVSC@mmcerror@@@Z
?SetHWnd@SC@mmcerror@@SGXPAUHWND__@@@Z
??_FSC@mmcerror@@QAEXXZ
?TraceAndClear@SC@mmcerror@@QAEXXZ
?AddRef@CMMCStrongReferences@@SGKXZ
?GetHinst@SC@mmcerror@@SGPAUHINSTANCE__@@XZ
?InternalRelease@CMMCStrongReferences@@AAEKXZ
?Lock@CEventBuffer@@QAEXXZ

esent

JetDetachDatabase
JetStopBackupInstance
JetCommitTransaction
JetBeginExternalBackup
JetExternalRestore2
JetCreateIndex2
JetCloseFileInstance
JetCloseDatabase@12
JetEndExternalBackup
JetDelete
JetTerm
JetGrowDatabase
JetCreateTable
JetGetCounter
JetUpgradeDatabase
JetSetCurrentIndex2
JetOSSnapshotThaw
JetOpenFile
JetDeleteIndex
JetDelete@8
JetCreateDatabase2
JetCreateTableColumnIndex
JetGetSystemParameter

kernel32

TzSpecificLocalTimeToSystemTime
SetThreadIdealProcessor
GetUserDefaultLCID
GetConsoleFontSize
GetTickCount
ReadConsoleOutputAttribute
FindVolumeClose
FindActCtxSectionStringW
SetLastError
RequestWakeupLatency
LoadLibraryW
SetHandleInformation
GetNumberOfConsoleMouseButtons
GetModuleFileNameA
GetLocaleInfoA
WriteConsoleInputVDMA

user32

GetNextDlgTabItem
CloseWindow
LoadRemoteFonts
GetWindowRect
UnregisterHotKey
MapVirtualKeyExA
SendNotifyMessageA
GetScrollInfo
PaintMenuBar
SetWindowTextA
MessageBoxA
IMPSetIMEW
EditWndProc
DdeConnect
keybd_event
TranslateMessageEx
SetFocus
UnloadKeyboardLayout
CreateIconFromResourceEx
RealGetWindowClass
GetKeyboardLayout
SetDlgItemTextW
UpdatePerUserSystemParameters
CloseWindowStation

msdart

?GetDefaultSpinCount@CReaderWriterLock@@SGGXZ
??1CDoubleList@@QAE@XZ
?TryReadLock@CReaderWriterLock2@@QAE_NXZ
?_TryReadLock@CReaderWriterLock2@@AAE_NXZ
?IsEmpty@CLockedDoubleList@@QBE_NXZ
?WriteLock@CCritSec@@QAEXXZ
?GetDefaultSpinCount@CFakeLock@@SGGXZ
?Size@CLKRLinearHashTable@@QBEKXZ
?TryReadLock@CSmallSpinLock@@QAE_NXZ

wsnmp32

SnmpRegister
SnmpGetVendorInfo
SnmpOidCopy
SnmpGetRetransmitMode
SnmpGetRetry
SnmpListen
SnmpGetVb
SnmpCancelMsg
SnmpGetLastError
SnmpFreeDescriptor
SnmpStrToEntity
SnmpFreePdu
SnmpGetTranslateMode
SnmpFreeEntity
SnmpGetPduData
SnmpStartup
SnmpStrToOid
SnmpRecvMsg
SnmpStrToContext

Sections

.text
Size: 364KB - Virtual size: 364KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 189KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72f1334ae508c56a83f73b42dc0c9dc0

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

mmcbase

esent

kernel32

user32

msdart

wsnmp32

Sections

.text Size: 364KB - Virtual size: 364KB

.rdata Size: 150KB - Virtual size: 149KB

.data Size: 189KB - Virtual size: 1.6MB

.rsrc Size: 121KB - Virtual size: 120KB

.reloc Size: 1024B - Virtual size: 892B

.text
Size: 364KB - Virtual size: 364KB

.rdata
Size: 150KB - Virtual size: 149KB

.data
Size: 189KB - Virtual size: 1.6MB

.rsrc
Size: 121KB - Virtual size: 120KB

.reloc
Size: 1024B - Virtual size: 892B