Static task
static1
Behavioral task
behavioral1
Sample
Tantra.exe
Resource
win7-20221111-en
General
Target
a58d1aaf70dd9d3908a913b6af8963c202c1bd4c1142e30e77fbf4f0b248f324
Size
575KB
MD5
ae56b4c09998cd83426d5e6ce7c4131a
SHA1
74081eec0d8fed5598c77ba6043eabedbfca88b2
SHA256
a58d1aaf70dd9d3908a913b6af8963c202c1bd4c1142e30e77fbf4f0b248f324
SHA512
78837a46444a5fd95a1acb445bffdf5813df4fe98e89f74ea21d390f6fc35fbee90c8d7a75ddd40753641bba95c714e7891f24a6462bb13973f045d77e1f0a43
SSDEEP
12288:5337gX0I5yr4V6PnK7WUpZY6zXyEGWBa6pCmkrvjakjv17aZTS1nHTv:t8kI5CrfRalXyE3aIqjvNaZTWHTv
Malware Config
Signatures
Files
a58d1aaf70dd9d3908a913b6af8963c202c1bd4c1142e30e77fbf4f0b248f324.zip
Tantra.exe.exe windows x86
02984f9cb357f289db2f6e0d13b04a4a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
d3d8
Direct3DCreate8
kernel32
HeapAlloc
HeapFree
GetStartupInfoA
GetCommandLineA
HeapReAlloc
TerminateProcess
SetStdHandle
GetFileType
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
GetTimeZoneInformation
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStringTypeA
GetStringTypeW
GetDriveTypeA
LCMapStringA
LCMapStringW
IsBadCodePtr
GetExitCodeProcess
CreateProcessA
VirtualProtect
GetSystemInfo
VirtualQuery
SetEnvironmentVariableA
RaiseException
RtlUnwind
ExitProcess
GetCurrentDirectoryA
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
GlobalFlags
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
FindNextFileA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
GetFileTime
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
InterlockedDecrement
InterlockedIncrement
WaitForSingleObject
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
lstrcatA
lstrcmpW
GetModuleHandleA
FreeResource
LoadLibraryA
GetProcAddress
GetModuleFileNameA
GetFullPathNameA
GetVolumeInformationA
lstrcpyA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
IsBadReadPtr
IsBadWritePtr
GetLastError
SetLastError
GlobalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
lstrlenA
lstrcmpiA
CompareStringW
CompareStringA
GetVersion
MultiByteToWideChar
GetFileAttributesA
CopyFileA
CreateFileA
WriteFile
CloseHandle
FindFirstFileA
FindClose
CreateDirectoryA
SetFileAttributesA
DeleteFileA
GetTickCount
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetEnvironmentStrings
user32
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
SetRect
IsRectEmpty
ReleaseCapture
SetCapture
LoadCursorA
GetSysColorBrush
DestroyMenu
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
CharNextA
ReleaseDC
GetDC
SetWindowContextHelpId
MapDialogRect
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
SetCursor
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
PostThreadMessageA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
MessageBoxA
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
PostMessageA
AdjustWindowRectEx
EqualRect
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
PtInRect
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
RegisterClipboardFormatA
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
wsprintfA
GetMenuState
GetMenuItemID
GetMenuItemCount
SetPropA
GetSubMenu
GetSysColor
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
CopyRect
OffsetRect
CharUpperA
PeekMessageA
GetSystemMetrics
LoadIconA
KillTimer
SetTimer
InvalidateRect
GetClientRect
IsIconic
GetSystemMenu
AppendMenuA
DrawIcon
PostQuitMessage
SendMessageA
EnableWindow
SetFocus
gdi32
DeleteDC
GetMapMode
GetRgnBox
ExtSelectClipRgn
SetTextAlign
SetMapMode
SetBkMode
RestoreDC
SaveDC
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
DeleteObject
CreateSolidBrush
GetTextColor
GetBkColor
GetStockObject
CreateRectRgnIndirect
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetTextExtentPoint32A
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
BitBlt
GetWindowOrgEx
GetViewportOrgEx
GetDeviceCaps
CreateCompatibleDC
CreateRectRgn
CreateCompatibleBitmap
GetObjectA
SetBrushOrgEx
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
shell32
ShellExecuteA
comctl32
ord17
shlwapi
PathIsUNCA
PathFindExtensionA
PathStripToRootA
PathFindFileNameA
oledlg
ord8
ole32
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoRevokeClassObject
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
oleaut32
SysAllocString
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
OleCreateFontIndirect
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringByteLen
SysStringLen
SysFreeString
wininet
InternetOpenA
InternetConnectA
InternetCloseHandle
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetReadFile
InternetReadFileExA
oleacc
CreateStdAccessibleObject
LresultFromObject
Sections
.text Size: 224KB - Virtual size: 221KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 56KB - Virtual size: 53KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 532KB - Virtual size: 529KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ