7f1f554e091e5cff4c87c1b77e72efd799dcdede884051afd22ed0654a0837ec

Sharing

Copy URL Twitter E-mail

General

Target

7f1f554e091e5cff4c87c1b77e72efd799dcdede884051afd22ed0654a0837ec
Size

823KB
MD5

10ec20d7f5a18f2bc7ee4cd8d859f011
SHA1

8a1b8b8e7e37fbcc7da5e62476a6db01405802be
SHA256

7f1f554e091e5cff4c87c1b77e72efd799dcdede884051afd22ed0654a0837ec
SHA512

e5f41d3c1353983103b6b9935e339dffc72e07921fbaf1e29d4ccd98eb1a36dba566e7ead702016b6e257462e3c50ffd3ba29e9601e17dd1918d6d3e1b57b47e
SSDEEP

24576:itffVtlp+W66GM8FfvwOntn1VetdLSGL7k:iffLrmXFfvltnDgbA

Score

N/A

Malware Config

Signatures

Files

7f1f554e091e5cff4c87c1b77e72efd799dcdede884051afd22ed0654a0837ec
.exe windows x86

18e538c344c4be7ee46e899353bfa1d9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

RtlUpcaseUnicodeToOemN
NtReadVirtualMemory
RtlPushFrame
ZwSetUuidSeed
RtlReleaseResource
ZwCancelIoFile
RtlpUnWaitCriticalSection
ZwOpenTimer
NtOpenEventPair
NtReadRequestData
RtlFindActivationContextSectionGuid
ZwFlushVirtualMemory
RtlTraceDatabaseAdd
NtSetInformationToken
NtMakePermanentObject
ZwSignalAndWaitForSingleObject
ZwRestoreKey
RtlDeleteAtomFromAtomTable
ZwAllocateUuids
ZwMakePermanentObject
RtlSetUserFlagsHeap
NtStopProfile

kernel32

GetTickCount
SetConsoleScreenBufferSize
GetPrivateProfileStructW
FormatMessageW
SetComputerNameA
GetConsoleAliasA
RtlMoveMemory
GetAtomNameA
FlushConsoleInputBuffer
EnumDateFormatsA
QueryDosDeviceW
CopyFileExW
LoadLibraryW
GetModuleHandleW
SwitchToThread
QueryPerformanceCounter
GetCurrentThread
SetEvent
EnumUILanguagesA
CommConfigDialogW
WritePrivateProfileSectionW
GetCurrentActCtx
SetLocaleInfoW
GetLocaleInfoW
ScrollConsoleScreenBufferA
GetFileInformationByHandle
SetMailslotInfo
ClearCommBreak
DebugSetProcessKillOnExit

msoert2

_MSG
OpenFileStream
HrSafeGetStreamSize
CryptFreeFunc
FIsEmptyA
HrStreamSeekBegin
CreateStreamOnHFileW
CchFileTimeToDateTimeW
HrCheckTridentMenu
OpenFileStreamW
HrCreatePhonebookEntry
HrGetCertificateParam
CreateTempFileStream
AppendTempFileList
PszDayFromIndex
HrStreamSeekCur
CchFileTimeToDateTimeSz
UpdateRebarBandColors
HrStreamSeekEnd
IUnknownList_CreateInstance
CreateNotify
UlStripWhitespace
FBuildTempPathW
FBuildTempPath
CryptAllocFunc
HrRewindStream
StrToUintW

duser

AttachWndProcW
SetGadgetCenterPoint
PeekMessageExA
UtilDrawOutlineRect
DUserCastDirect
GetStdColorPenI
GetGadgetAnimation
GetDebug
GetGadgetFocus
InitGadgetComponent
RemoveGadgetProperty
DUserDeleteGadget
AttachWndProcA
GetGadgetRootInfo
RegisterGadgetMessage
DUserFindClass
FindStdColor
GetStdColorF
AddGadgetMessageHandler
UtilDrawBlendRect

crypt32

CertSetCertificateContextProperty
CryptCreateAsyncHandle
PFXExportCertStore
CryptMemFree
CertAddSerializedElementToStore
I_CertProtectFunction
CertAddCertificateContextToStore
CertFindRDNAttr
CertResyncCertificateChainEngine
CryptAcquireCertificatePrivateKey
CryptImportPublicKeyInfoEx
CertEnumCRLContextProperties
CryptFindLocalizedName
CertGetPublicKeyLength
CryptSIPRetrieveSubjectGuid
RegSetValueExU
I_CertSrvProtectFunction
CryptEncodeObjectEx

Sections

.text
Size: 365KB - Virtual size: 365KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 189KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18e538c344c4be7ee46e899353bfa1d9

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

kernel32

msoert2

duser

crypt32

Sections

.text Size: 365KB - Virtual size: 365KB

.rdata Size: 161KB - Virtual size: 161KB

.data Size: 189KB - Virtual size: 1.6MB

.rsrc Size: 105KB - Virtual size: 104KB

.reloc Size: 1024B - Virtual size: 824B

.text
Size: 365KB - Virtual size: 365KB

.rdata
Size: 161KB - Virtual size: 161KB

.data
Size: 189KB - Virtual size: 1.6MB

.rsrc
Size: 105KB - Virtual size: 104KB

.reloc
Size: 1024B - Virtual size: 824B