2ddbb97938f8267f53e8fa4f1e1c61c0e07e03221c8a2d8f735900a5e8ec90ae

Sharing

Copy URL Twitter E-mail

General

Target

2ddbb97938f8267f53e8fa4f1e1c61c0e07e03221c8a2d8f735900a5e8ec90ae
Size

869KB
MD5

0689a0b059cdadd8f005a24742d8db1b
SHA1

68c4697058370d62f50cf51ff825a720f0366d5d
SHA256

2ddbb97938f8267f53e8fa4f1e1c61c0e07e03221c8a2d8f735900a5e8ec90ae
SHA512

7b8166b15533fe0e010e418bdfa368d90f1e8cd6cf68c26ba585420fab771b4f48fa5df7d74582fb275ce2f2ed370bb9b32141376c0eea92a0751c8eb6037627
SSDEEP

24576:xAh9oyVbkdjiFzMx+dtDkFbUp+VcX2cT637f6AbF2BfVV:xA3K3+LcbUH2g63L6ZVV

Score

N/A

Malware Config

Signatures

Files

2ddbb97938f8267f53e8fa4f1e1c61c0e07e03221c8a2d8f735900a5e8ec90ae
.exe windows x86

8bfdb68949a5416e635f76a057cd14fa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

iswalnum
_tzname
__mb_cur_max_dll
_getw
_spawnlpe
_mbsnbcpy
system
_wcslwr
fabs
printf
__doserrno
frexp
_ismbbgraph
strlen
_aexit_rtn_dll
ispunct
_snprintf

ole32

CoAddRefServerProcess
CoFreeUnusedLibrariesEx
HPALETTE_UserMarshal
OleLoad
PropVariantChangeType
STGMEDIUM_UserMarshal
FreePropVariantArray
CoGetMarshalSizeMax
STGMEDIUM_UserSize
HMETAFILE_UserMarshal
SetDocumentBitStg
OleUninitialize
CoWaitForMultipleHandles
UpdateDCOMSettings
GetHGlobalFromILockBytes
CoRegisterClassObject
OleCreateLinkToFile
OleCreateEx

msvcrt

getwchar
_outp
?terminate@@YAXXZ
getenv
_osplatform
swprintf
_fpreset
_CxxThrowException
_findnext64
_mbsncmp
ldexp
__getmainargs
free
_wutime64
_dup2
__set_app_type
_tolower
exit
_ui64toa
_wpopen
__p__commode

mfcsubs

?AfxA2WHelper@@YGPAGPAGPBDH@Z
??N@YG_NPBGABVCString@@@Z
?MakeReverse@CString@@QAEXXZ
?FormatMessageW@CString@@QAAXPBGZZ
?InsertAt@CStringArray@@QAEXHPAV1@@Z
?GetData@CStringArray@@QBEPBVCString@@XZ
?CompareNoCase@CString@@QBEHPBG@Z
?SetSize@CStringArray@@QAEXHH@Z
?AllocBeforeWrite@CString@@IAEXH@Z
?GetStartPosition@CMapStringToPtr@@QBEPAU__POSITION@@XZ

kernel32

LocalAlloc
GetNamedPipeHandleStateW
GetTimeZoneInformation
SetLocaleInfoA
GetStartupInfoA
IsValidCodePage
EnumDateFormatsExA
GetProfileIntW
LoadLibraryA
GetSystemTimeAsFileTime

Sections

.text
Size: 379KB - Virtual size: 379KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 181KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8bfdb68949a5416e635f76a057cd14fa

Headers

File Characteristics

Imports

crtdll

ole32

msvcrt

mfcsubs

kernel32

Sections

.text Size: 379KB - Virtual size: 379KB

.rdata Size: 89KB - Virtual size: 88KB

.data Size: 181KB - Virtual size: 1.6MB

.rsrc Size: 190KB - Virtual size: 190KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 379KB - Virtual size: 379KB

.rdata
Size: 89KB - Virtual size: 88KB

.data
Size: 181KB - Virtual size: 1.6MB

.rsrc
Size: 190KB - Virtual size: 190KB

.reloc
Size: 1KB - Virtual size: 1KB