64f94a730f4a73d291bc620f7440952be86f573fecd65d606f34e03342c3f3e4

Sharing

Copy URL

Twitter E-mail

General

Target

64f94a730f4a73d291bc620f7440952be86f573fecd65d606f34e03342c3f3e4
Size

827KB
MD5

0a630138e4cfb57388018de853fd243e
SHA1

8433cc50bfc68b5f0e8cd1a47ab4cc2847e747e1
SHA256

64f94a730f4a73d291bc620f7440952be86f573fecd65d606f34e03342c3f3e4
SHA512

db0ff351e7238b822fd610d69983571b3103a38efebb832c91767be696d0f218beb2b776c295149c3754f150d4ed55946ba2ceae3a4acfd1e4008f8159fe273d
SSDEEP

12288:EmKEbPAwDUjiWt4Qx7TzySWaM6LF/cs2DmWxz3EIFnE6O5:IQowDb24Qxvzyh0CJDzxLje

Score

N/A

Malware Config

Signatures

Files

64f94a730f4a73d291bc620f7440952be86f573fecd65d606f34e03342c3f3e4
.exe windows x86

0709c7728138e440608278e63671b48b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcirt

?overflow@strstreambuf@@UAEHH@Z
?get@istream@@QAEAAV1@AAE@Z
?unsetf@ios@@QAEJJ@Z
?underflow@strstreambuf@@UAEHXZ
?read@istream@@QAEAAV1@PAEH@Z
??0strstreambuf@@QAE@XZ
?cin@@3Vistream_withassign@@A
??_7istream@@6B@
??_Difstream@@QAEXXZ
?write@ostream@@QAEAAV1@PBEH@Z
?setf@ios@@QAEJJJ@Z
??1ofstream@@UAE@XZ
?delbuf@ios@@QAEXH@Z
??_7ios@@6B@
?x_curindex@ios@@0HA
??1fstream@@UAE@XZ
?put@ostream@@QAEAAV1@C@Z
??0ofstream@@QAE@XZ
??1ostrstream@@UAE@XZ

msls31

LsdnSubmitSublines
LsQueryLineDup
LsdnQueryPenNode
LsFindPrevBreakSubline
LsQueryTextCellDetails
LsPointXYFromPointUV
LsdnSetRigidDup
LsSetBreaking
LsSqueezeSubline
LsFinishCurrentSubline
LsdnQueryObjDimRange

oleaut32

VarCmp
VarUI4FromStr
VarUI8FromDec
DllCanUnloadNow
VarCyFromDisp
VarUI4FromI2
VarDateFromDec
VariantChangeTypeEx
VarCyFromDec
VarDateFromI1
VarUI2FromBool
VarBstrFromDec
VarDateFromUI1
VarI2FromI1
VarDecFromR8
VarUI2FromUI8
VarI2FromUI8
VarDecFromI2
VarBoolFromUI2
SafeArrayGetLBound
VarCyAbs
VarDateFromI2
VarCyMulI8
VarI1FromDec
OaBuildVersion
VarBoolFromUI4
SetErrorInfo
VarUI4FromI8
VarUI4FromI1
VarUI2FromI1
VarBoolFromI4
OleLoadPictureEx
VarCySub
OleLoadPictureFileEx
VarDecNeg
VarUI8FromI8
VarI2FromUI2
VarBoolFromDec
VarUI1FromUI4
VarFormatDateTime
SafeArrayGetIID
VarDecDiv
SafeArrayAllocData
OleLoadPicture

esent

JetGetDatabaseInfo
JetGetLock
JetInit@4
JetCreateInstance2
JetDupCursor
JetSnapshotStop
JetGetColumnInfo
JetSetCurrentIndex
JetReadFileInstance
JetCloseTable
JetRegisterCallback
JetSetCurrentIndex4
JetGetBookmark
JetEscrowUpdate
JetSetTableSequential
JetGetTableIndexInfo
JetSetColumn
JetRenameColumn
JetBeginSession
JetOpenTable
JetGetLogInfoInstance2
JetSetCurrentIndex3
JetMakeKey@20
JetGotoBookmark
JetDBUtilities

rsaenh

CPDestroyKey
CPSignHash
CPGetProvParam
CPGenKey
CPGetUserKey
CPSetHashParam
DllRegisterServer
DllUnregisterServer
CPDestroyHash
CPEncrypt
CPDeriveKey
CPImportKey
CPCreateHash
CPDuplicateKey
CPDuplicateHash

iphlpapi

InternalSetIfEntry
NhGetInterfaceNameFromDeviceGuid
IpReleaseAddress
InternalGetTcpTable
InternalCreateIpForwardEntry
GetUniDirectionalAdapterInfo
GetIfTable
RestoreMediaSense
UnenableRouter
GetAdapterIndex
_PfRemoveGlobalFilterFromInterface@8
do_echo_req
GetBestInterface

kernel32

GetNamedPipeInfo
UpdateResourceW
ResumeThread
FindNextChangeNotification
GetFileSizeEx
SetConsoleCP
CancelDeviceWakeupRequest
ReadConsoleInputExA
TlsAlloc
LoadLibraryW
TlsGetValue
FindActCtxSectionStringA
LocalAlloc
GetSystemTimeAsFileTime
SetLastError
GetTimeZoneInformation
CreateRemoteThread
BuildCommDCBAndTimeoutsA
ShowConsoleCursor
GetTickCount

Sections

.text
Size: 366KB - Virtual size: 366KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 165KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0709c7728138e440608278e63671b48b

Headers

DLL Characteristics

File Characteristics

Imports

msvcirt

msls31

oleaut32

esent

rsaenh

iphlpapi

kernel32

Sections

.text Size: 366KB - Virtual size: 366KB

.rdata Size: 133KB - Virtual size: 132KB

.data Size: 165KB - Virtual size: 1.6MB

.rsrc Size: 160KB - Virtual size: 160KB

.reloc Size: 1024B - Virtual size: 900B

.text
Size: 366KB - Virtual size: 366KB

.rdata
Size: 133KB - Virtual size: 132KB

.data
Size: 165KB - Virtual size: 1.6MB

.rsrc
Size: 160KB - Virtual size: 160KB

.reloc
Size: 1024B - Virtual size: 900B