e466a49b5ca9dbacbbfe5c5f7ca4f4b8ebd60b114c3daf14d9324651961e711c

Sharing

Copy URL Twitter E-mail

General

Target

e466a49b5ca9dbacbbfe5c5f7ca4f4b8ebd60b114c3daf14d9324651961e711c
Size

299KB
MD5

c861b3e75c217af602138718250ac8b7
SHA1

812af007c11b2c68965e8718e6fafd340f9e86d7
SHA256

e466a49b5ca9dbacbbfe5c5f7ca4f4b8ebd60b114c3daf14d9324651961e711c
SHA512

0bd440a3c8cf60201fb60844af4043eebf494fee3e6ab174f7711cfa066f1981058d73b353d8b50e486be17459aa479745260f757c128fd2cd667e8941ba73ab
SSDEEP

6144:nIdpgWxZ5vK8Iu10QWUPqyMA5CaJdKBk41MLdDtzzdCemE8:nIrgWFK8n10QWU153Jdp4CVtzzduE8

Score

N/A

Malware Config

Signatures

Files

e466a49b5ca9dbacbbfe5c5f7ca4f4b8ebd60b114c3daf14d9324651961e711c
.exe windows x86

7c9933deb39d4da47a64c8a52aae47b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

HBITMAP_UserUnmarshal
OleCreateEmbeddingHelper
OleSaveToStream
OleRegEnumVerbs
CoGetStdMarshalEx
ReadClassStg
PropStgNameToFmtId
OleRegGetUserType
ReleaseStgMedium
StgCreateStorageEx
FmtIdToPropStgName
GetHGlobalFromILockBytes
CoUnmarshalInterface
IsAccelerator
CoLoadLibrary
OleSetMenuDescriptor
MonikerRelativePathTo
HWND_UserFree
CLIPFORMAT_UserSize

oleacc

AccessibleObjectFromEvent
GetStateTextA

msvcrt

_onexit
__dllonexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit

oleaut32

VarUI4FromDec

rpcrt4

RpcBindingInqAuthInfoA
IUnknown_AddRef_Proxy
RpcBindingFromStringBindingW
RpcProtseqVectorFreeA
RpcNetworkIsProtseqValidW
RpcMgmtEnableIdleCleanup
I_RpcIfInqTransferSyntaxes
NdrFixedArrayUnmarshall
RpcServerInqDefaultPrincNameW
NdrPointerFree
NdrConvert2
NdrConformantArrayBufferSize
NDRCContextUnmarshall
RpcBindingToStringBindingA
NdrComplexArrayBufferSize
NdrRpcSmClientAllocate
NdrByteCountPointerBufferSize
RpcMgmtStopServerListening
RpcSsDestroyClientContext
double_array_from_ndr
RpcSmGetThreadHandle
RpcServerUseAllProtseqsIf
NdrSimpleStructBufferSize
NdrXmitOrRepAsFree
RpcAsyncRegisterInfo
I_RpcConnectionSetSockBuffSize
MesHandleFree
RpcNetworkIsProtseqValidA
I_RpcPauseExecution
RpcSmDisableAllocate
I_RpcNsBindingSetEntryNameA
NdrNsGetBuffer
NdrMesSimpleTypeDecode
NdrFixedArrayMemorySize
MesBufferHandleReset
RpcSmDestroyClientContext
tree_into_ndr
tree_peek_ndr

shlwapi

StrCmpNA

rasapi32

RasGetConnectStatusW
RasGetEntryPropertiesW
RasGetEntryDialParamsW
RasGetErrorStringA
RasValidateEntryNameW
RasEditPhonebookEntryA
RasDialW
RasGetEntryPropertiesA
RasGetCountryInfoA

resutils

ResUtilGetBinaryProperty
ResUtilStopResourceService
ResUtilSetDwordValue
ClusWorkerCheckTerminate
ResUtilGetResourceNameDependency
ResUtilResourcesEqual
ResUtilVerifyService
ResUtilDupString
ResUtilGetDwordProperty
ResUtilGetSzValue

user32

GetTabbedTextExtentW
WindowFromPoint
CharLowerBuffA
DdeInitializeW
DefWindowProcW

kernel32

GetStartupInfoA
GetModuleHandleA

comdlg32

FindTextA

shell32

SHGetFileInfoA

setupapi

SetupDiOpenDeviceInfoA
SetupDiGetClassInstallParamsA
SetupDiDeleteDeviceInterfaceRegKey
SetupQueryDrivesInDiskSpaceListW
SetupOpenLog
SetupDiInstallClassA
SetupDiCreateDeviceInterfaceW
SetupQueryInfVersionInformationA
SetupDefaultQueueCallbackA
SetupQuerySpaceRequiredOnDriveA
SetupDiGetHwProfileFriendlyNameA
SetupPromptForDiskA
SetupIterateCabinetA
SetupDiGetClassDescriptionExA
SetupFreeSourceListA
SetupGetMultiSzFieldW
SetupQuerySourceListA
SetupDiSetDeviceInstallParamsA
SetupDiGetClassDevsExA
SetupDiClassGuidsFromNameA
SetupQueueDefaultCopyA
SetupDiBuildClassInfoList
SetupGetFieldCount
SetupDiSetDeviceRegistryPropertyW
SetupRenameErrorW
SetupCloseLog
SetupDiGetDriverInfoDetailA
SetupSetDirectoryIdExW
SetupQueueRenameSectionA
SetupDiSelectDevice
SetupDiGetDeviceRegistryPropertyW
SetupQueueRenameA
SetupSetDirectoryIdA
SetupDiCreateDevRegKeyA
SetupGetIntField
SetupOpenMasterInf
SetupCopyOEMInfW
SetupRemoveFromSourceListW
SetupDiGetHwProfileList
SetupInstallFileW
SetupDestroyDiskSpaceList
SetupQueueDeleteW
SetupCopyErrorW
SetupGetSourceInfoA
SetupDiGetDriverInstallParamsA
SetupDiClassGuidsFromNameExA
SetupRemoveFromSourceListA
SetupGetInfInformationA
SetupDiGetDeviceInterfaceAlias
SetupDiGetSelectedDriverA
SetupLogErrorA
SetupInstallServicesFromInfSectionA
SetupGetLineByIndexW
SetupFindNextMatchLineA
SetupDiDeleteDeviceInterfaceData
SetupDiSetClassInstallParamsA
SetupRenameErrorA
SetupQueueCopyA
SetupDiGetClassDevsA
SetupGetSourceFileLocationA
SetupDiClassNameFromGuidW
SetupDefaultQueueCallbackW
SetupDiSetClassInstallParamsW
SetupDiCreateDeviceInterfaceA
SetupDeleteErrorW
SetupDiGetDeviceInfoListDetailW
SetupInitializeFileLogW
SetupInstallServicesFromInfSectionExW
SetupFindNextMatchLineW
SetupOpenInfFileA
SetupDiGetClassDevPropertySheetsA
SetupOpenAppendInfFileA
SetupDiGetDriverInstallParamsW
SetupDiBuildDriverInfoList
SetupDiSetSelectedDevice
SetupQuerySourceListW
SetupDiEnumDeviceInterfaces
SetupGetLineByIndexA
SetupDiOpenDeviceInterfaceRegKey
SetupQueryFileLogW

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c9933deb39d4da47a64c8a52aae47b5

Headers

File Characteristics

Imports

ole32

oleacc

msvcrt

oleaut32

rpcrt4

shlwapi

rasapi32

resutils

user32

kernel32

comdlg32

shell32

setupapi

Sections

.text Size: 44KB - Virtual size: 40KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 1.6MB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 44KB - Virtual size: 40KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 1.6MB

.rsrc
Size: 4KB - Virtual size: 2KB