b86239e322dd1f820ad4f186d0c65c2e7e4ad2645368c37d6bb586904166d8dd

Sharing

Copy URL Twitter E-mail

General

Target

b86239e322dd1f820ad4f186d0c65c2e7e4ad2645368c37d6bb586904166d8dd
Size

146KB
MD5

65833c2bde5fe1f4e42a6db66bbb37ac
SHA1

9797fc6e12b9e1e035f508441fa346513cb8cae3
SHA256

b86239e322dd1f820ad4f186d0c65c2e7e4ad2645368c37d6bb586904166d8dd
SHA512

f3d28f3e23d0875d56a379532ebfa9ee810a645126b2eb9b1e7221ce6da523451b1695622bf23e6c3e00602597efd42cca418ffd5cfbf9eefd357a8e26f7ee7b
SSDEEP

3072:PcFkb1ZEVeXmM1T2O/9iU1m6djGxQpGxINS9rmHg32lYmlVGGyN:0KEoXmM1T2O/fn9vc80rmA3KYmlVGGyN

Score

N/A

Malware Config

Signatures

Files

b86239e322dd1f820ad4f186d0c65c2e7e4ad2645368c37d6bb586904166d8dd
.zip
2014_11vodafone_onlinerechnung_002120003909_november_390321980009_11_00000000445.exe
.exe windows x86

ba5a3baf4c2758c3fc0e435746b2287c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_SetImageCount
InitCommonControls
ImageList_Duplicate
UninitializeFlatSB
DrawStatusText
DrawStatusTextW
ImageList_LoadImageW
InitCommonControlsEx
FlatSB_GetScrollProp
ImageList_Create

dsprop

DllUnregisterServer
ErrMsgParam
BringSheetToForeground
ADsPropGetInitInfo
IsSheetAlreadyUp

dciman32

WinWatchGetClipList
DCICreateOffscreen
DCIEnum
DCIOpenProvider
WinWatchDidStatusChange
DCISetClipList
WinWatchNotify
DCICreatePrimary
DCICreateOverlay
DCISetDestination
DCISetSrcDestClip
WinWatchOpen
DCIDraw
WinWatchClose
GetDCRegionData
GetWindowRegionData
DCIEndAccess
DCIDestroy

gdi32

CloseMetaFile
CreatePen
CreatePenIndirect
STROBJ_bEnumPositionsOnly
DeleteObject
GetStockObject
CreateBrushIndirect
CreateSolidBrush
EqualRgn
SelectObject
GetEUDCTimeStamp
CreatePalette
CreateFontIndirectA

rasser

PortClearStatistics
PortSend
PortSetINetCfg
PortSetInfo
PortConnect
PortEnum
PortGetStatistics
PortClose
PortSetFraming
PortReceive
PortCompressionSetInfo
PortDisconnect
PortTestSignalState
PortGetPortState
PortChangeCallback
PortOpen

winscard

SCardForgetCardTypeW
SCardForgetReaderW
SCardReleaseStartedEvent
SCardReleaseNewReaderEvent
SCardAddReaderToGroupA
SCardLocateCardsW
SCardFreeMemory
SCardForgetReaderGroupA
SCardControl
SCardGetStatusChangeA
SCardCancel
SCardGetCardTypeProviderNameA
SCardGetAttrib
SCardTransmit

oleaut32

VarBoolFromDec
DllUnregisterServer
GetActiveObject
VarCySub
VariantCopy
VarUI2FromCy
VarFormatNumber
VarI4FromUI2
SafeArrayGetVartype
VarUI2FromBool
VarCyCmp
VarCmp
VarCyFromI1
VarUI4FromUI2
VarI1FromDate
VarUI4FromDate
VarXor
VarR4CmpR8

user32

LoadIconA
FindWindowW
GetForegroundWindow
LoadBitmapW
LoadCursorA
LoadAcceleratorsW
GetSystemMetrics
LoadMenuW
LoadBitmapA
FindWindowA
IsChild
GetDesktopWindow
GetSysColorBrush
GetClientRect
GetMenu
LoadMenuA
GetWindowRect
GetDC
GetProcessDefaultLayout
LoadAcceleratorsA
GetWindowTextA
GetWindowTextW
GetSysColor

glu32

gluQuadricNormals
gluTessNormal
gluDisk
gluNurbsSurface
gluTessEndPolygon
gluTessCallback
gluDeleteNurbsRenderer
gluErrorString
gluNurbsCurve
gluNewQuadric
gluScaleImage
gluTessBeginContour
gluBeginTrim
gluQuadricTexture
gluEndSurface
gluBeginCurve

iasnap

DllRegisterServer
DllCanUnloadNow
DllUnregisterServer
DllGetClassObject

kernel32

GetStartupInfoW
CloseHandle
GetProcAddress
GetFileAttributesW
CopyFileA
VirtualAlloc
LoadLibraryA
GetCommandLineA
CreateEventA
AddAtomW

imm32

ImmCreateContext
ImmDisableIME
ImmGetCompositionFontW
ImmSetCompositionFontA
ImmGetIMCCSize
ImmGetOpenStatus
ImmIMPQueryIMEW
ImmGetImeMenuItemsA
ImmGetConversionListA
ImmAssociateContext
ImmIMPGetIMEA
ImmGetConversionListW
ImmGetIMEFileNameA
ImmGetCandidateListCountA
ImmRegisterClient
ImmIsUIMessageW

ole32

HMENU_UserFree
CoUninitialize
OleCreateStaticFromData
SetErrorInfo
CoInitialize
CoTaskMemFree
OleCreateFromDataEx

shlwapi

StrStrIA
StrCSpnW
PathStripToRootA
StrStrA
StrCSpnA
PathGetDriveNumberW
PathFindFileNameA
StrTrimA
PathSkipRootW
PathStripToRootW
PathRemoveExtensionW
PathStripPathW
StrCmpW
PathRemoveBlanksA
PathRemoveExtensionA

Sections

.text
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

/14
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ba5a3baf4c2758c3fc0e435746b2287c

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

dsprop

dciman32

gdi32

rasser

winscard

oleaut32

user32

glu32

iasnap

kernel32

imm32

ole32

shlwapi

Sections

.text Size: 157KB - Virtual size: 157KB

/14 Size: 512B - Virtual size: 136B

.data Size: 4KB - Virtual size: 16KB

.reloc Size: 2KB - Virtual size: 1KB

.rsrc Size: 5KB - Virtual size: 5KB

.rdata Size: 5KB - Virtual size: 5KB

.text
Size: 157KB - Virtual size: 157KB

/14
Size: 512B - Virtual size: 136B

.data
Size: 4KB - Virtual size: 16KB

.reloc
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 5KB - Virtual size: 5KB

.rdata
Size: 5KB - Virtual size: 5KB