ed803232ba2c6f86c85747f63c9de42d86a418ad8daa4128b43d409bc74fe5dc

Sharing

Copy URL Twitter E-mail

General

Target

ed803232ba2c6f86c85747f63c9de42d86a418ad8daa4128b43d409bc74fe5dc
Size

236KB
MD5

46f5496bca6d2291b8ecd29bf88ac124
SHA1

17f9d57f8a931cfe8266b8b98409aff6f855be50
SHA256

ed803232ba2c6f86c85747f63c9de42d86a418ad8daa4128b43d409bc74fe5dc
SHA512

bc6107c7a7f39b54104e40c2a411465a799bf338ffd65435d197aa047a32bed8a7fc8d8a6dff495debeb9423fd8a4022e17860c346ebacd0dc2978491548a767
SSDEEP

6144:iwiR5ZbjQUXLM5BcRi2uvXVeWdnNN0l+jD7ZEabFVI0B:SR5lEKWBn/NN0GFrp

Score

N/A

Malware Config

Signatures

Files

ed803232ba2c6f86c85747f63c9de42d86a418ad8daa4128b43d409bc74fe5dc
.exe windows x86

0f3a901e70cecb88349fd57e1bb416fc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadProcessMemory
GetProfileIntW
LoadLibraryW
CreateToolhelp32Snapshot
CommConfigDialogA
lstrcatA
SetLastError
GetTempFileNameA
GetModuleFileNameW
FindFirstVolumeA
SetCurrentDirectoryA
LeaveCriticalSection
GetLocaleInfoW
FindResourceExA
DebugBreak
SetConsoleScreenBufferSize
GetConsoleAliasA
SetThreadPriority
IsBadStringPtrW
SetSystemTime
GetCompressedFileSizeA
SetSystemTimeAdjustment
CreateSemaphoreW
FileTimeToLocalFileTime
PurgeComm
GetTimeZoneInformation
GlobalAddAtomA
SetFileAttributesA
GetCurrentDirectoryW
WriteProfileSectionW
IsBadStringPtrA
GetDefaultCommConfigA
BaseInitAppcompatCacheSupport

mfcsubs

??H@YG?AVCString@@GABV0@@Z
??H@YG?AVCString@@ABV0@PBG@Z
?Mid@CString@@QBE?AV1@HH@Z
?FreeExtra@CStringArray@@QAEXXZ
?SetAt@CStringArray@@QAEXHPBG@Z
?Find@CString@@QBEHG@Z
??BCSyncObject@@QBEPAXXZ
?Release@CString@@IAEXXZ
??8@YG_NPBGABVCString@@@Z
??4CString@@QAEABV0@PBG@Z
??4CString@@QAEABV0@PBE@Z
?Empty@CString@@QAEXXZ
??H@YG?AVCString@@DABV0@@Z
??0CString@@QAE@GH@Z
?SpanExcluding@CString@@QBE?AV1@PBG@Z
?Copy@CStringArray@@QAEXABV1@@Z
?FreeExtra@CString@@QAEXXZ
?Left@CString@@QBE?AV1@H@Z
?GetStartPosition@CMapStringToPtr@@QBEPAU__POSITION@@XZ
??1CMapStringToPtr@@UAE@XZ
??4CString@@QAEABV0@ABV0@@Z
?LockBuffer@CString@@QAEPAGXZ
?SpanIncluding@CString@@QBE?AV1@PBG@Z

mscms

EnumColorProfilesA
DeleteColorTransform
InstallColorProfileA
InstallColorProfileW
CheckBitmapBits
GetStandardColorSpaceProfileW
SpoolerCopyFileEvent
GetPS2ColorSpaceArray
AssociateColorProfileWithDeviceW
CheckColors
OpenColorProfileA
UninstallColorProfileW
UnregisterCMMA
GetColorDirectoryW
IsColorProfileValid
CreateDeviceLinkProfile
CreateColorTransformW
TranslateColors
InternalGetPS2ColorRenderingDictionary
OpenColorProfileW
TranslateBitmapBits
ConvertIndexToColorName
SetStandardColorSpaceProfileW
DisassociateColorProfileFromDeviceW
CloseColorProfile
CreateColorTransformA
AssociateColorProfileWithDeviceA
IsColorProfileTagPresent
UnregisterCMMW
CreateProfileFromLogColorSpaceW

msvcrt

_fgetwchar
_wsplitpath
_commit
setbuf
_snwprintf
exit
_ui64toa
atof
_wasctime
_fpreset
_toupper
iswdigit
_Getdays
?terminate@@YAXXZ
__getmainargs
_adj_fdiv_m16i
_sys_errlist
_mbslen
_execve
_chkesp
?_query_new_handler@@YAP6AHI@ZXZ
__p___argc
_fullpath
_fpieee_flt
_ismbckata
_putch
_fputwchar
_rotr
_ismbcgraph
_mbsbtype
_mbsncoll
_wcslwr
_ultow
__p__commode
_mbstok
_execl
_CIcos
__set_app_type
_atoldbl
_copysign
sprintf

mmcbase

?Lock@CEventBuffer@@QAEXXZ
?MMCErrorBox@@YGHIVSC@mmcerror@@I@Z
?InternalLastRefReleased@CMMCStrongReferences@@AAE_NXZ
?FormatErrorString@@YGXPBGVSC@mmcerror@@IPAGH@Z
?GetErrorMessage@SC@mmcerror@@QBEXIPAG@Z
??7SC@mmcerror@@QBEHXZ
?InternalRelease@CMMCStrongReferences@@AAEKXZ
?SetHinst@SC@mmcerror@@SGXPAUHINSTANCE__@@@Z
?HrFromSc@@YGJABVSC@mmcerror@@@Z
?InternalAddRef@CMMCStrongReferences@@AAEKXZ
?s_dwMainThreadID@SC@mmcerror@@0KA
??4SC@mmcerror@@QAEAAV01@J@Z
??4?$CEventLock@UAppEvents@@@@QAEAAV0@ABV0@@Z
?MMCUpdateRegistry@@YGJHPBVCObjectRegParams@@PBVCControlRegParams@@@Z
?ScFromMMC@@YG?AVSC@mmcerror@@J@Z
?TraceAndClear@SC@mmcerror@@QAEXXZ
?Trace_@SC@mmcerror@@QBEXXZ
?IsLocked@CEventBuffer@@QAE_NXZ
?GetFacility@SC@mmcerror@@ABE?AW4facility_type@12@XZ
?SCODEFromSc@@YGJABVSC@mmcerror@@@Z
?ToHr@SC@mmcerror@@QBEJXZ
??0?$CEventLock@UAppEvents@@@@QAE@XZ
?GetHelpFile@SC@mmcerror@@SGPBGXZ
?s_hWnd@SC@mmcerror@@0PAUHWND__@@A
?MakeSc@SC@mmcerror@@AAEXW4facility_type@12@J@Z
?IsError@SC@mmcerror@@QBE_NXZ
?SetMainThreadID@SC@mmcerror@@SGXK@Z

user32

MessageBoxA
EndDialog

shell32

SHGetMalloc

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f3a901e70cecb88349fd57e1bb416fc

Headers

File Characteristics

Imports

kernel32

mfcsubs

mscms

msvcrt

mmcbase

user32

shell32

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 130KB - Virtual size: 129KB

.data Size: 61KB - Virtual size: 60KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 130KB - Virtual size: 129KB

.data
Size: 61KB - Virtual size: 60KB

.rsrc
Size: 3KB - Virtual size: 2KB