a4583318c3328204f56810ca3b22f5e4c0a74b173b1a12c5f9e35c70982a1138

Sharing

Copy URL Twitter E-mail

General

Target

a4583318c3328204f56810ca3b22f5e4c0a74b173b1a12c5f9e35c70982a1138
Size

68KB
MD5

ebf9143221a971a9e0e6424b542180f6
SHA1

14d8872e159b8341fa766e45b278f0b59839d6c3
SHA256

a4583318c3328204f56810ca3b22f5e4c0a74b173b1a12c5f9e35c70982a1138
SHA512

857ab09904f221634f01f0fa84728444de3c7b9d1cd34fddb2e76045b1746f30e6b9b43d5705c97f3afc5b4689be711b7349a5d99a02310efe5580a53ac2779e
SSDEEP

1536:XbPcYWzdnXCwU0DkLO6m2+UWNz2WIkcWzZLwMELbL:rmnywHkb+UlWrcWzqMEXL

Score

N/A

Malware Config

Signatures

Files

a4583318c3328204f56810ca3b22f5e4c0a74b173b1a12c5f9e35c70982a1138
.exe windows x86

abce71adf47e26b2cff99149b83cb7c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

ispunct
wcstod
fprintf
strcat
malloc
isalpha
wcsftime
strcpy
strncat
fputws
memcmp
fputc
iswpunct
iscntrl
iswgraph
isdigit
ferror
strtol
getenv
asctime
strcspn
fgetwc
strxfrm
fgetws
tmpfile
iswascii

mprapi

MprInfoBlockSet
MprAdminServerConnect
MprConfigInterfaceCreate
MprConfigTransportCreate
MprInfoBlockRemove

urlmon

RegisterFormatEnumerator
CoInternetCombineUrl

shell32

ExtractIconExA
SHQueryRecycleBinW
SHLoadNonloadedIconOverlayIdentifiers
ord180

gdi32

SaveDC
CreateDIBPatternBrushPt

pdh

PdhCalculateCounterFromRawValue
PdhLookupPerfNameByIndexW
PdhGetFormattedCounterArrayA
PdhMakeCounterPathW
PdhCollectQueryDataEx

clusapi

ClusterNetworkCloseEnum
ClusterNodeEnum
ClusterRegSetKeySecurity
OpenCluster

oleaut32

VarUI2FromR4
LPSAFEARRAY_UserMarshal
VarR4CmpR8
VarUI4FromDisp

kernel32

SetFileAttributesA
GetCPInfoExA
LocalCompact
GetUserDefaultLCID
TzSpecificLocalTimeToSystemTime
BuildCommDCBAndTimeoutsA
MulDiv
GetCurrentConsoleFont
GlobalGetAtomNameA
GetCommProperties
GlobalReAlloc
ReadFileEx
SetWaitableTimer
SetVolumeLabelW
FileTimeToLocalFileTime
SizeofResource
RaiseException
MoveFileExW
QueryDosDeviceA
GetShortPathNameW
WritePrivateProfileSectionA
Module32First
GlobalFindAtomA
IsProcessInJob
CreateSemaphoreW
HeapSetInformation
GetSystemDefaultLangID
SystemTimeToFileTime
GetCurrentProcessId
EnumResourceTypesA
UpdateResourceW
FreeUserPhysicalPages
SetFileApisToOEM
WriteConsoleW
WriteProfileSectionW
GetOverlappedResult
WriteConsoleInputA
CreateFiber
MapUserPhysicalPages
InterlockedExchange
FormatMessageA
LocalAlloc
GetProcAddress
ConvertThreadToFiber
GlobalCompact
SetThreadPriority
FindNextFileW
GlobalUnWire
FindFirstFileA
GetProcessTimes
GetCommConfig
GetCurrentProcess
SetLastError
MultiByteToWideChar
GetLastError
ExitThread
GetModuleHandleW
GetDiskFreeSpaceW
ResumeThread
CreateThread
WaitForSingleObject
LocalLock
GetConsoleSelectionInfo
GetNamedPipeHandleStateA
DeleteAtom
VirtualFree
MoveFileA
CreateEventW
GetStringTypeExW
CreateMemoryResourceNotification
lstrlenW
GetFileTime
GlobalAlloc
PrepareTape
WriteConsoleInputW
Module32FirstW
GetCommConfig
IsSystemResumeAutomatic
GetCommState
CreateMutexA
GetTapePosition
GetSystemTimeAdjustment
VirtualUnlock
CreateDirectoryA
FindNextVolumeW
FindResourceW
FindFirstVolumeMountPointA
SetFileShortNameW
GetComputerNameW
LoadLibraryA
EnumLanguageGroupLocalesW
SetEnvironmentVariableA
VirtualFreeEx
DeactivateActCtx
FindActCtxSectionGuid
WriteFileGather
Module32NextW
ResetWriteWatch
FreeLibraryAndExitThread
GetCurrencyFormatA
CreateJobObjectA
GetCalendarInfoA
GetLogicalDriveStringsW
SetComputerNameExA
BeginUpdateResourceA
FreeLibrary
SetNamedPipeHandleState
GetModuleHandleExA
SetProcessAffinityMask
DefineDosDeviceW
IsValidLanguageGroup
GetThreadContext
GetLocaleInfoA
InterlockedIncrement
GetProcessId
SetDefaultCommConfigW
FindFirstFileExW
SetErrorMode
CompareStringA
GetPrivateProfileSectionNamesW
FatalAppExitW
FreeEnvironmentStringsA
GetDiskFreeSpaceA
EnumCalendarInfoExA
SetConsoleTitleW
GetAtomNameW
GetConsoleScreenBufferInfo
GetNumberFormatW
CheckRemoteDebuggerPresent
GetTempFileNameW
EnumTimeFormatsW
ReadConsoleOutputCharacterW
VirtualQuery
GetConsoleCursorInfo
LoadModule
WriteProfileStringW

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

abce71adf47e26b2cff99149b83cb7c4

Headers

File Characteristics

Imports

msvcrt

mprapi

urlmon

shell32

gdi32

pdh

clusapi

oleaut32

kernel32

Sections

.text Size: 52KB - Virtual size: 52KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 52KB - Virtual size: 52KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 1KB