e68057c82e451a8473d436d9e898dabd870d0e710f910b84753bc5b509d9e6bb

Sharing

Copy URL Twitter E-mail

General

Target

e68057c82e451a8473d436d9e898dabd870d0e710f910b84753bc5b509d9e6bb
Size

105KB
MD5

06351df10c71f8d92d25f0d3d6472ef7
SHA1

881eaa08c29fc7613c76e518e1f069c7ef916827
SHA256

e68057c82e451a8473d436d9e898dabd870d0e710f910b84753bc5b509d9e6bb
SHA512

5fe2b9aa031a92884d188eb0650c8c88e02e1f88ebaabafd4c62fb2847dac03eff01192f3c25c0bbc8dcc8e6ee1a20137137c75986cf00e112132f0e96987dfd
SSDEEP

1536:6omgU7A4SAjiDVgvRdY5Zot3MgqzPA+7Z22g0rjgQfqTEdS/:E7AAagvRdYgtca+7wAjjqYo

Score

N/A

Malware Config

Signatures

Files

e68057c82e451a8473d436d9e898dabd870d0e710f910b84753bc5b509d9e6bb
.exe windows x86

21740304a39d328300973b2f7bbdd83d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cryptnet

LdapProvOpenStore
I_CryptNetGetUserDsStoreUrl
CertDllVerifyCTLUsage
CryptRetrieveObjectByUrlW
DllUnregisterServer
I_CryptNetGetHostNameFromUrl
CertDllVerifyRevocation
I_CryptNetEnumUrlCacheEntry
CryptFlushTimeValidObject
CryptInstallCancelRetrieval
CryptRetrieveObjectByUrlA
CryptGetTimeValidObject
CryptGetObjectUrl
CryptCancelAsyncRetrieval
CryptUninstallCancelRetrieval
DllRegisterServer

kernel32

Heap32Next
MultiByteToWideChar
GetLocaleInfoA
EnumUILanguagesA
HeapQueryInformation
DeleteFiber
GetDateFormatA
_lcreat
TlsGetValue
CreateMutexW
CreateFiberEx
Module32First
SetEnvironmentVariableA
SignalObjectAndWait
SetConsoleCP
HeapWalk
SwitchToFiber
MulDiv
SetTapePosition
TlsFree
GetConsoleAliasExesLengthA
GetProcAddress
GetVolumeInformationW
VirtualAlloc
LoadLibraryExA
VirtualFreeEx
RequestDeviceWakeup
GetStdHandle
QueueUserAPC
VirtualUnlock
IsDBCSLeadByteEx
Process32First
IsBadHugeWritePtr
PrivMoveFileIdentityW
GetDiskFreeSpaceW
WriteFileEx
Thread32Next
CreateProcessInternalW
CompareFileTime
LoadLibraryA
GetConsoleAliasesLengthW
DnsHostnameToComputerNameA
WriteFileGather
ResetWriteWatch
GetLastError
CreateDirectoryExA
FlushConsoleInputBuffer
GetProfileStringW
GetOverlappedResult
GetVDMCurrentDirectories

msvbvm60

__vbaOnError
TipInvokeMethod
__vbaVarTextLikeVar
PutMemNewObj
__vbaR8IntI4
rtDecFromVar
rtcCos
rtcVarFromVar
rtcBstrFromAnsi
__vbaCyAbs
EbGetErrorInfo
__vbaVarTextCmpGe
EVENT_SINK_QueryInterface
__vbaVarCmpGt
__vbaCyForNext
__vbaCyErrVar
GetMem1
__vbaR4Sgn
Zombie_GetTypeInfoCount
rtcGetDayOfMonth
__vbaFreeObjList
BASIC_CLASS_AddRef
__vbaLdZeroAry
__vbaMidStmtVar
__vbaAryRebase1Var
__vbaVarTextTstEq
__vbaCyMul
rtcGetTimeVar
__vbaRsetFixstrFree
__vbaStrUI1
__vbaPutFxStr3
__vbaVarZero
__vbaLsetFixstrFree
__vbaLateIdStAd
__vbaVarTextCmpNe
_CIlog
TipUnloadProject
__vbaLbound
__vbaHresultCheckNonvirt
__vbaVarTextTstGe
rtcSendKeys
rtcSplit
GetMem2
__vbaPut4
rtcMIRR
__vbaStrToUnicode

msvcp60

_Toupper

Sections

.rsrc
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 14.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 707KB - Virtual size: 707KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

21740304a39d328300973b2f7bbdd83d

Headers

File Characteristics

Imports

cryptnet

kernel32

msvbvm60

msvcp60

Sections

.rsrc Size: 42KB - Virtual size: 41KB

.data Size: - Virtual size: 14.3MB

.text Size: 707KB - Virtual size: 707KB

.tls Size: 512B - Virtual size: 4KB

.rsrc
Size: 42KB - Virtual size: 41KB

.data
Size: - Virtual size: 14.3MB

.text
Size: 707KB - Virtual size: 707KB

.tls
Size: 512B - Virtual size: 4KB