db385637574624214da76be53aa23c5660c882a13c417b3b43e046464b79e969

Sharing

Copy URL Twitter E-mail

General

Target

db385637574624214da76be53aa23c5660c882a13c417b3b43e046464b79e969
Size

1.1MB
MD5

8e9b18f36d129d4060e377797ffb226c
SHA1

46634a2dc20f398a73de0f0e5e8e538872b62879
SHA256

db385637574624214da76be53aa23c5660c882a13c417b3b43e046464b79e969
SHA512

a528c07dfe1ee1026c72e526c1327ca0530547a191036ca835827211ede3de4d7a0edaff1898cfab0e3334ee2ae3912b5baa7b093f33734e6548983f652256d2
SSDEEP

24576:x7dEq7xg/76ZQWDojJq0ErGTTNZtdzROlyX8VjIR:Dzx20nDiI03TTN/6sX7R

Score

N/A

Malware Config

Signatures

Files

db385637574624214da76be53aa23c5660c882a13c417b3b43e046464b79e969
.exe windows x86

9376e5638910a0403cd4c2b65c57a9fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleSetClipboard
CoGetInstanceFromFile
StringFromGUID2
StgCreatePropStg
OleCreateEmbeddingHelper
OleCreateMenuDescriptor
CoIsHandlerConnected
CLSIDFromString
HICON_UserFree

imm32

ImmDestroyContext
ImmUnregisterWordW
ImmSetCompositionFontA
ImmGetDescriptionA
ImmGetConversionStatus
ImmSetCompositionStringA
ImmRegisterWordA
ImmGetConversionListW
ImmEnumRegisterWordA

comdlg32

GetFileTitleW
GetSaveFileNameA
GetFileTitleA

ntdsapi

DsReplicaDelW
DsBindA
DsBindWithSpnW
DsReplicaSyncAllW
DsUnquoteRdnValueA

urlmon

CoInternetGetProtocolFlags
HlinkNavigateMoniker
CoInternetGetSession
HlinkGoBack

pdh

PdhBrowseCountersW
PdhGetDataSourceTimeRangeA
PdhGetLogFileSize

mprapi

MprInfoBlockRemove
MprInfoBlockAdd

clusapi

SetClusterResourceName
ClusterOpenEnum
ClusterRegOpenKey
ClusterRegQueryInfoKey
CloseClusterResource
ClusterResourceTypeCloseEnum

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDriverInfoList
SetupCommitFileQueueA
SetupCopyOEMInfW
SetupInstallServicesFromInfSectionExW
SetupRemoveInstallSectionFromDiskSpaceListA
SetupDiCancelDriverInfoSearch
SetupFindNextMatchLineW
SetupDiCallClassInstaller

shell32

ExtractAssociatedIconW
SHFileOperationW
DuplicateIcon

oleaut32

VarCyFromI1
VarUI2FromR4

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetTimeZoneInformation
ReadFile
SetEndOfFile
FlushFileBuffers
QueryPerformanceCounter
VirtualProtect
GetConsoleOutputCP
WriteConsoleA
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetVersionExA
GetCommandLineA
LoadLibraryA
InterlockedExchange
FreeLibrary
Sleep
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetSystemInfo
GetDefaultCommConfigA
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
InitializeCriticalSection
CloseHandle
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapCreate
HeapDestroy
HeapReAlloc
HeapFree
GetConsoleMode
GetConsoleCP
FatalAppExitA
GetModuleFileNameA
ExitProcess
VirtualAlloc
VirtualFree
GetModuleHandleA
GetProcAddress
lstrcmpiW
LoadLibraryW
lstrlenW
GetModuleHandleW
GetPrivateProfileIntW
GetCurrentProcess
ExitThread
MoveFileExA
GetFullPathNameW
GetFileInformationByHandle
GetLogicalDriveStringsW
SetNamedPipeHandleState
WriteConsoleW
ReadFileScatter
DeleteTimerQueueEx
WritePrivateProfileSectionW
RegisterWaitForSingleObject
SetMailslotInfo
LocalReAlloc
CreateNamedPipeW
SetVolumeMountPointA
GetDiskFreeSpaceW
MoveFileWithProgressW
SetTapeParameters
CreateActCtxA
GetCPInfoExW
InitializeSListHead
SetFilePointer
VirtualQuery
SetProcessWorkingSetSize
SetFirmwareEnvironmentVariableA
TerminateProcess
SetProcessAffinityMask
EnumResourceTypesW
WTSGetActiveConsoleSessionId
SetStdHandle
GetSystemDefaultUILanguage
GetDiskFreeSpaceExW
GetProcessHeap
DisconnectNamedPipe
GetOverlappedResult
WriteFile
WaitForSingleObjectEx
FreeResource
GetModuleFileNameW
lstrcmpiA
CreateWaitableTimerW
DeleteTimerQueue
CreateFileA
SleepEx
ActivateActCtx
WritePrivateProfileStringA
GetBinaryTypeA
SetConsoleTitleW
GlobalFindAtomW
GetCPInfo
SetConsoleCtrlHandler
lstrcpynA
GetExitCodeThread
SetConsoleOutputCP
GetLongPathNameA
ResetWriteWatch
GetThreadLocale
GetTimeFormatW
GenerateConsoleCtrlEvent
GetUserGeoID
CreatePipe
DeleteVolumeMountPointA
TransactNamedPipe
CreateWaitableTimerA
EnumSystemGeoID
OpenFile
WaitNamedPipeW
GetProcessHandleCount
FindFirstFileW
RaiseException
ReleaseSemaphore
GetSystemDefaultLCID
GetPrivateProfileStringA
GetMailslotInfo
SetDefaultCommConfigA
GetSystemWow64DirectoryW
FlushConsoleInputBuffer
LocalFileTimeToFileTime
EnumResourceNamesA
FindVolumeMountPointClose
ReplaceFileA
DosDateTimeToFileTime
EnumLanguageGroupLocalesW
GetTapeStatus
OpenFileMappingW
CreateSemaphoreW
GetPrivateProfileSectionNamesW
TzSpecificLocalTimeToSystemTime
GlobalCompact
InterlockedPushEntrySList
WaitForSingleObject
SetMessageWaitingIndicator
FreeEnvironmentStringsA
EnumDateFormatsA
GlobalFix
CreateMutexA
LocalUnlock
MapViewOfFileEx
SetLocaleInfoA
GetProcessAffinityMask
GetFileSizeEx
PulseEvent
GetLocaleInfoW
GetHandleInformation
AttachConsole
GetLastError
DeleteFileA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapAlloc
WideCharToMultiByte
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
RtlUnwind
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetCurrentThread
ExitProcess

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.flat
Size: 940KB - Virtual size: 938KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9376e5638910a0403cd4c2b65c57a9fd

Headers

File Characteristics

Imports

ole32

imm32

comdlg32

ntdsapi

urlmon

pdh

mprapi

clusapi

setupapi

shell32

oleaut32

kernel32

Sections

.text Size: 180KB - Virtual size: 179KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 8KB - Virtual size: 13KB

.flat Size: 940KB - Virtual size: 938KB

.rsrc Size: 8KB - Virtual size: 1.1MB

.text
Size: 180KB - Virtual size: 179KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 8KB - Virtual size: 13KB

.flat
Size: 940KB - Virtual size: 938KB

.rsrc
Size: 8KB - Virtual size: 1.1MB