5d9acd14266b41d60bcc80af9d9cc8ec731e6759b6da53fbf1d61b38a3508a8e

Sharing

Copy URL Twitter E-mail

General

Target

5d9acd14266b41d60bcc80af9d9cc8ec731e6759b6da53fbf1d61b38a3508a8e
Size

104KB
MD5

e0f5c664833e1355420896a24379953f
SHA1

1adeab65fa2d4f533edc1b5ca3bc3d4e50813ed2
SHA256

5d9acd14266b41d60bcc80af9d9cc8ec731e6759b6da53fbf1d61b38a3508a8e
SHA512

85b7f711fb56e203df0c0f5e4ff6ae515fc5d57a25b6c407cf15ef02d7791df61b2f649dac4cb057a38c06b6773357efd3857e331f709ba91cd6400664bcf64d
SSDEEP

1536:yI0ujDSre5giiB40XzTT7j07TmRuQ/0aPikZn0BJOQ/CdBWD2U/qidvrr2cih:yInl5gdBLXnT7j079QzPDQ/YXUZdmcih

Score

N/A

Malware Config

Signatures

Files

5d9acd14266b41d60bcc80af9d9cc8ec731e6759b6da53fbf1d61b38a3508a8e
.zip
informationen_zum_transaktions_2014_06_10_02092083044_volksbank.exe
.exe windows x86

81d0218ddf551f1e50793eed257959e1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

shlwapi

SHQueryInfoKeyA
DllGetVersion
SHDeleteOrphanKeyA
PathRemoveFileSpecW
StrIsIntlEqualW
PathIsPrefixA
PathSkipRootW
PathBuildRootW
UrlIsNoHistoryW
StrFormatKBSizeA
PathAppendW
AssocCreate
StrCSpnA
PathRemoveBlanksW
AssocQueryKeyA
SHRegEnumUSKeyA
PathIsLFNFileSpecA
AssocQueryStringByKeyA
StrRetToStrW
SHRegDuplicateHKey
ColorRGBToHLS
UrlHashA
StrStrIW
SHEnumKeyExW
DelayLoadFailureHook
StrToInt64ExW
AssocQueryKeyW
PathRemoveFileSpecA
PathGetCharTypeA
IntlStrEqWorkerW
StrDupA
StrNCatA
StrCmpNW
UrlGetPartW
StrRetToBufA
SHRegSetUSValueA
PathSearchAndQualifyW
SHRegGetUSValueW
PathCompactPathW
wvnsprintfW
PathIsPrefixW
StrCmpIW
StrRStrIA
SHEnumKeyExA
StrFromTimeIntervalA
SHQueryValueExA
ColorAdjustLuma
PathUnExpandEnvStringsW
SHRegEnumUSValueW
SHCopyKeyW
PathStripToRootW
PathIsDirectoryA
PathIsRootW
PathCompactPathExW
SHGetViewStatePropertyBag
StrStrIA
SHRegEnumUSValueA
PathSkipRootA
StrToIntA

kernel32

GetFileType
GetConsoleAliasExesLengthW
AllocateUserPhysicalPages
MapUserPhysicalPagesScatter
VirtualAlloc
DefineDosDeviceA
GetConsoleKeyboardLayoutNameA
lstrcpynW
HeapUnlock
RegisterWaitForSingleObjectEx
OpenFileMappingA
GetCurrentConsoleFont
GlobalGetAtomNameA
SetMailslotInfo
lstrcatW
SetConsoleCursor
SetConsoleInputExeNameA
GlobalDeleteAtom
SetEnvironmentVariableW

setupapi

UnicodeToMultiByte
CM_Get_Device_ID_List_ExW
CM_Get_Device_ID_List_SizeA
CM_Get_Resource_Conflict_Count
IsUserAdmin
CM_Delete_Class_Key
SetupDiDestroyClassImageList
SetupTerminateFileLog
SetupQueryFileLogA
SetupGetInfFileListW
CM_Get_Device_Interface_List_SizeA
SetupDiDeleteDeviceInterfaceData
CM_Test_Range_Available
CM_Create_Range_List
SetupScanFileQueueW
CM_Set_DevNode_Problem
CM_Is_Dock_Station_Present_Ex
CM_Locate_DevNode_ExW
SetupPromptForDiskA
SetupDiGetHwProfileFriendlyNameExA
CM_Modify_Res_Des_Ex
CM_Register_Device_Driver
SetupCommitFileQueueW
SetupPromptForDiskW
CMP_Report_LogOn
SetupGetSourceFileLocationW
CM_Get_Next_Log_Conf
SetupDiGetClassImageList
CM_Unregister_Device_Interface_ExW
SetupCloseLog
SetupSetFileQueueAlternatePlatformW
CM_Open_Class_KeyA
SetupDiDrawMiniIcon
CM_Open_DevNode_Key_Ex
SetupOpenInfFileW
SetupGetLineByIndexW
CM_Get_Class_NameA
SetupDiInstallClassExA
SetupQueueRenameA
SetupRenameErrorW
SetupDiDestroyDeviceInfoList
SetupDiOpenDeviceInterfaceA
SetupDiOpenDeviceInterfaceRegKey
SetupDiGetDeviceInterfaceDetailW
SetupDiClassNameFromGuidA
CM_Enumerate_Classes
CM_Set_HW_Prof_Ex
SetupQueueRenameSectionW
SetupInstallFilesFromInfSectionA
SetupRemoveSectionFromDiskSpaceListA
SetupDiClassGuidsFromNameExA
SetupGetLineCountA
SetupGetSourceFileSizeA
CM_Query_Resource_Conflict_List
CM_Create_DevNode_ExA
CMP_Init_Detection
CM_Get_Res_Des_Data_Size
CM_Request_Eject_PC
SetupGetStringFieldW
SetupFindNextLine
SetupGetInfFileListA
CM_Dup_Range_List

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81d0218ddf551f1e50793eed257959e1

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

setupapi

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 38KB - Virtual size: 37KB

.data Size: 50KB - Virtual size: 50KB

.rsrc Size: 92KB - Virtual size: 92KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 38KB - Virtual size: 37KB

.data
Size: 50KB - Virtual size: 50KB

.rsrc
Size: 92KB - Virtual size: 92KB

.reloc
Size: 4KB - Virtual size: 3KB