a9e8e3ef69572131193a99bd3492b94c049596956fa9dc230d8809d94217ab3a

Sharing

Copy URL Twitter E-mail

General

Target

a9e8e3ef69572131193a99bd3492b94c049596956fa9dc230d8809d94217ab3a
Size

238KB
MD5

826c1620cc00337e397b62a171637e50
SHA1

f941a9c23067ec29d23bdb366052f7d5a0a36d86
SHA256

a9e8e3ef69572131193a99bd3492b94c049596956fa9dc230d8809d94217ab3a
SHA512

cbca92bc1d1e71f5072d76cf4f5b092258a3c1bbbe28fedb9b628167c7616ecaabf612e0db10402521fac25d19e4ac200a4dee31bb9a10976fe5e0df840101b4
SSDEEP

6144:lj/F2jev1hXmWd5ttjq8zLozB/XEeLtnSzJb/zBAf/fu6:hd2iDXz5jpQ1Ztqb9Af/Z

Score

N/A

Malware Config

Signatures

Files

a9e8e3ef69572131193a99bd3492b94c049596956fa9dc230d8809d94217ab3a
.exe windows x86

3b7bd8757d6679c0657a1845d7c4b902

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsA
SetSystemPowerState
LocalShrink
GetTempPathW
RegisterWowExec
GetLocaleInfoA
GetProcessId
ChangeTimerQueueTimer
LoadLibraryW
EnumCalendarInfoExW
SetConsoleScreenBufferSize
GetWindowsDirectoryA
CreateConsoleScreenBuffer
EnterCriticalSection

mscat32

CryptCATGetCatAttrInfo
CryptCATAdminAddCatalog
CryptCATGetMemberInfo
CryptCATCDFEnumAttributesWithCDFTag
CryptCATAdminEnumCatalogFromHash
CryptCATAdminAcquireContext
CryptCATAdminReleaseContext
CryptCATCDFEnumCatAttributes
CatalogCompactHashDatabase
CryptCATCDFEnumMembers
CryptCATGetAttrInfo
CryptCATCDFEnumMembersByCDFTagEx
CryptCATEnumerateCatAttr
CryptCATCatalogInfoFromContext
CryptCATCDFEnumMembersByCDFTag
DllUnregisterServer
CryptCATAdminCalcHashFromFileHandle
CryptCATOpen
CryptCATCDFClose
DllRegisterServer
CryptCATPersistStore

t2embed

_TTEmbedFontFromFileA@52
_TTRunValidationTests@8
_TTIsEmbeddingEnabledForFacename@8
_TTCharToUnicode@24
TTRunValidationTests
_TTGetEmbeddingType@8
TTGetEmbeddingType
TTGetNewFontName
TTEmbedFont
_TTGetEmbeddedFontInfo@28
_TTLoadEmbeddedFont@40
TTIsEmbeddingEnabled
_TTIsEmbeddingEnabled@8
TTRunValidationTestsEx
_TTDeleteEmbeddedFont@12
TTEmbedFontEx
TTLoadEmbeddedFont
_TTEmbedFont@44
TTDeleteEmbeddedFont
TTEmbedFontFromFileA
TTCharToUnicode
_TTEnableEmbeddingForFacename@8
TTGetEmbeddedFontInfo
TTEnableEmbeddingForFacename
TTIsEmbeddingEnabledForFacename

sqlunirl

_RegLoadKey_@12
_PostMessage@16
_PolyTextOut_@12
_DrawText@20
AllocConvertMultiSZNameToA
_EnumDependentServices_@24
_Shell_NotifyIcon_@8
_BroadcastSystemMessage_@20
_GetVolumeInformation_@32
_EnumResourceLanguages_@20
_OpenFileMapping_@12
_MoveFile@8
_FatalAppExit_@8

crypt32

CertGetValidUsages
CertSetCRLContextProperty
CertFindCertificateInStore
CryptSignAndEncodeCertificate
CryptInstallDefaultContext
I_CryptInstallOssGlobal
CertGetPublicKeyLength
CertFreeCertificateContext
CertFreeCertificateChain
CertGetCTLContextProperty

crtdll

atan2
_mbctype
_getdiskfree
_stricmp
_clearfp
isxdigit
mbtowc
_wtol
_lrotr
modf
wcschr
_c_exit
strspn
_mbsnicmp
_kbhit

Sections

.text
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b7bd8757d6679c0657a1845d7c4b902

Headers

File Characteristics

Imports

kernel32

mscat32

t2embed

sqlunirl

crypt32

crtdll

Sections

.text Size: 113KB - Virtual size: 112KB

.rdata Size: 29KB - Virtual size: 28KB

.data Size: 84KB - Virtual size: 83KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 113KB - Virtual size: 112KB

.rdata
Size: 29KB - Virtual size: 28KB

.data
Size: 84KB - Virtual size: 83KB

.rsrc
Size: 10KB - Virtual size: 9KB