9602aa9ef4d7b419158ac030af468ef31fc5ee84421d399502ee4ab985fb16ef

Sharing

Copy URL Twitter E-mail

General

Target

9602aa9ef4d7b419158ac030af468ef31fc5ee84421d399502ee4ab985fb16ef
Size

853KB
MD5

82a2d3db41b516f75a9b674c4a031878
SHA1

0e04d6454618ba803d6d8e22f9aa3109c7c8e76d
SHA256

9602aa9ef4d7b419158ac030af468ef31fc5ee84421d399502ee4ab985fb16ef
SHA512

a71c8a8863031a7823424697fd80d450524b0094c66ef650b96a165adeea157ad7a748e7ce64389edb44b2b94a0862dfe569c7a3dda1e29e7c98d80ea2f79bb4
SSDEEP

24576:Ii2gZYgJBCv3FTbw5yjUMKtoxG8AjL0Ibt0X9TlB8+Bygb4p6R1V:5LTmHw5yjkox9A+X8odbk6LV

Score

N/A

Malware Config

Signatures

Files

9602aa9ef4d7b419158ac030af468ef31fc5ee84421d399502ee4ab985fb16ef
.exe windows x86

5510ddfe1089e29b019f945a08ec1825

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetPerformanceInfo
GetModuleBaseNameA
InitializeProcessForWsWatch
EnumProcesses
EnumPageFilesW
GetDeviceDriverFileNameW
GetModuleFileNameExA
EnumDeviceDrivers
EnumProcessModules
GetModuleInformation
GetDeviceDriverBaseNameW
GetProcessMemoryInfo
GetDeviceDriverFileNameA
EmptyWorkingSet
GetWsChanges
GetModuleFileNameExW

mapistub

HrComposeMsgID@24
EncodeID@12
CreateIProp@24
MNLS_lstrlenW@4
CreateTable@36
MNLS_WideCharToMultiByte@32
HrDispatchNotifications@4
ScRelocNotifications@20
ScDupPropset@16
FBadProp@4
UFromSz@4
OpenIMsgOnIStg@44
UlPropSize@4
MNLS_IsBadStringPtrW@8
MAPIInitialize
BMAPIGetReadMail

kernel32

GetEnvironmentStringsA
GetGeoInfoW
HeapWalk
VirtualAlloc
GetModuleHandleA
GetProcessShutdownParameters
GetFileSizeEx
GetLongPathNameA
FillConsoleOutputAttribute
FatalExit
LoadLibraryA
GetLogicalDriveStringsA
GetTimeZoneInformation
FindFirstVolumeMountPointW
WaitForSingleObjectEx
ReadConsoleInputExW
GetFullPathNameW
CommConfigDialogA
CreateFileW
GlobalHandle
RemoveLocalAlternateComputerNameW
SetVolumeMountPointA
UnregisterWait
CreateSemaphoreW
SetVolumeLabelA
GetShortPathNameA
FindNextVolumeW
CreateEventA

d3dim700

FlushD3DDevices
CreateTexture
D3DBreakVBLock
SetPriority
Direct3D_HALCleanUp
Direct3DCreate
SetLOD
Direct3DCreateDevice
DestroyTexture
GetPriority
D3DFree
D3DMalloc
GetLOD
PaletteAssociateNotify
D3DRealloc
SurfaceFlipNotify
D3DTextureUpdate
PaletteUpdateNotify

msdart

?GetSpinCount@CSpinLock@@QBEGXZ
?WriteLock@CReaderWriterLock@@QAEXXZ
?TryWriteLock@CReaderWriterLock@@QAE_NXZ
?sm_dblDfltSpinAdjFctr@CSpinLock@@1NA
?sm_dblDfltSpinAdjFctr@CReaderWriterLock3@@1NA
FXMemDetach
?SetDefaultSpinCount@CReaderWriterLock2@@SGXG@Z
?InitializeVersionInfo@CMdVersionInfo@@CAHXZ
?sm_dblDfltSpinAdjFctr@CReaderWriterLock2@@1NA
?IsReadLocked@CLKRLinearHashTable@@QBE_NXZ
?IsReadLocked@CFakeLock@@QBE_NXZ
?BucketSizes@CLKRHashTableStats@@SGPBJXZ
?GetDefaultSpinCount@CFakeLock@@SGGXZ
?_ReadLockSpin@CReaderWriterLock@@AAEXXZ
?_CalcKeyHash@CLKRHashTable@@ABEKK@Z
?ReadOrWriteLock@CSpinLock@@QAE_NXZ
IrtlTrace

dbghelp

SymCleanup
SymGetModuleInfo64
SymRegisterFunctionEntryCallback
SymGetModuleInfoW64
SymEnumerateModules64
ImageNtHeader
SymGetSymNext
DbgHelpCreateUserDump
SymEnumTypes
SymGetSymNext64
ExtensionApiVersion
SymRegisterCallback
DbgHelpCreateUserDumpW
SymUnDName
SymGetLinePrev
SymGetModuleBase64
StackWalk64
SymLoadModule64
srcfiles

Sections

.text
Size: 753KB - Virtual size: 753KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5510ddfe1089e29b019f945a08ec1825

Headers

DLL Characteristics

File Characteristics

Imports

psapi

mapistub

kernel32

d3dim700

msdart

dbghelp

Sections

.text Size: 753KB - Virtual size: 753KB

.rdata Size: 91KB - Virtual size: 90KB

.data Size: 5KB - Virtual size: 1.5MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 753KB - Virtual size: 753KB

.rdata
Size: 91KB - Virtual size: 90KB

.data
Size: 5KB - Virtual size: 1.5MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB