5379e5176d554ab5d66cabfec28b107c104aa3d4e200dcd44baf898771f61d97

Sharing

Copy URL Twitter E-mail

General

Target

5379e5176d554ab5d66cabfec28b107c104aa3d4e200dcd44baf898771f61d97
Size

72KB
MD5

9ae7391d1dc8b4bcf66310e4be269d65
SHA1

9c626dd684221059bf7453b415b1d1b6fd43dc33
SHA256

5379e5176d554ab5d66cabfec28b107c104aa3d4e200dcd44baf898771f61d97
SHA512

e1b881285b73c9fed530d3250306412e3f2289846585b207b5d3d40d273abd9b2fabcbfa91dc3d2582c5b767d359302ee06e86720faca50fb21873578a83c07c
SSDEEP

1536:rgh3rknjdOcEj444mKf+YIH0gOL/OT4ugs3tl4kdl:rgh3QnkwmuICL/OT4Vs3P4S

Score

N/A

Malware Config

Signatures

Files

5379e5176d554ab5d66cabfec28b107c104aa3d4e200dcd44baf898771f61d97
.exe windows x86

d467829334fdda6b084d20d63a83360b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHIsFileAvailableOffline

kernel32

Sleep
GetProcessTimes
EnumCalendarInfoA
GetModuleHandleW
GetLastError
ExitThread
GetCurrentThreadId
WaitNamedPipeA
GetCommTimeouts
GetCommMask
SetThreadLocale
SetCalendarInfoW
WaitCommEvent
LocalAlloc
LCMapStringA
SetProcessShutdownParameters
CreateTapePartition
Process32FirstW
WaitForSingleObjectEx
CreateFiberEx
GetModuleFileNameA
GetOEMCP
FreeEnvironmentStringsW
GetNamedPipeHandleStateA
FindNextChangeNotification
VirtualLock
ScrollConsoleScreenBufferA
EnumTimeFormatsW
WideCharToMultiByte
GetProcAddress
SetConsoleTextAttribute
VerLanguageNameA
GetUserDefaultUILanguage
lstrcpyA
CreateDirectoryA
GetConsoleScreenBufferInfo
GetPrivateProfileSectionNamesA
GetThreadPriorityBoost
TlsSetValue
GlobalGetAtomNameW
Process32Next
GetProcessHeap
GlobalUnlock
RemoveVectoredExceptionHandler
CommConfigDialogW
VerSetConditionMask
PeekConsoleInputA
GetPrivateProfileSectionA
QueryDepthSList
ReadFileEx
CancelDeviceWakeupRequest
IsDBCSLeadByte
EnumDateFormatsW
OpenSemaphoreA
GetSystemPowerStatus
WriteConsoleOutputA
WriteConsoleOutputCharacterA
OpenFileMappingA
IsBadWritePtr
QueryPerformanceCounter
CompareStringA
EnumLanguageGroupLocalesW
ReadConsoleInputW
ReadFileScatter
EnumCalendarInfoA
GlobalFlags
GetFileInformationByHandle
GetFirmwareEnvironmentVariableW
TransactNamedPipe
WriteConsoleW
CreateThread
OutputDebugStringA
SetStdHandle
CreateDirectoryW
GetStringTypeExA
GetProcessShutdownParameters
WriteConsoleInputW
Heap32ListNext
LoadModule
BuildCommDCBA
VirtualQuery
CancelTimerQueueTimer
GetProcessVersion
CancelIo
FillConsoleOutputCharacterA
LCMapStringW
Heap32ListFirst
ScrollConsoleScreenBufferW

msvcrt

wcslen
toupper
vprintf
iswalpha
wcstod
scanf
strcpy
iswpunct
isdigit
iswdigit
rewind
iswxdigit
towupper
iswupper
wcscoll
fclose
wcscmp

oleaut32

VarUI2FromI4
VarCyRound

urlmon

FaultInIEFeature
RegisterFormatEnumerator
HlinkGoBack
ReleaseBindInfo

user32

CreateMDIWindowW
OpenInputDesktop
GetLastActivePopup
IsCharUpperW

pdh

PdhOpenQueryA

mprapi

MprAdminMIBEntryGet
MprAdminDeviceEnum
MprConfigInterfaceTransportAdd
MprAdminMIBEntryCreate

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nn3j
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d467829334fdda6b084d20d63a83360b

Headers

DLL Characteristics

File Characteristics

Imports

shell32

kernel32

msvcrt

oleaut32

urlmon

user32

pdh

mprapi

Sections

.text Size: 40KB - Virtual size: 40KB

.data Size: 8KB - Virtual size: 12KB

.nn3j Size: 16KB - Virtual size: 16KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 40KB - Virtual size: 40KB

.data
Size: 8KB - Virtual size: 12KB

.nn3j
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 4KB - Virtual size: 1KB