907e5aef166b4ccbdf5d7b8706a753a8af4b12796080ae1b1ccdfa9ebba29c69

Sharing

Copy URL

Twitter E-mail

General

Target

907e5aef166b4ccbdf5d7b8706a753a8af4b12796080ae1b1ccdfa9ebba29c69
Size

309KB
MD5

d3481bb7c8a2ac136ee9f8fc953c2391
SHA1

846953d2b560a06d50f422549383b96802f2a02a
SHA256

907e5aef166b4ccbdf5d7b8706a753a8af4b12796080ae1b1ccdfa9ebba29c69
SHA512

0c2d8bbe7bf486c1bea725870cca63714a416f4db9986ba65cd9b0adbb62ee777a43d7e3bc3bb3d1bfd579d00da28aeec4a7f140d229146cb0e499f76f7ba68c
SSDEEP

6144:vdxVI+iF3x61QQIpplyIu+VEdcU2lzSQ5VqQ+IlSK9SpcaA:Da1Fh6qpbVFs0Vr+8SK9Sc

Score

N/A

Malware Config

Signatures

Files

907e5aef166b4ccbdf5d7b8706a753a8af4b12796080ae1b1ccdfa9ebba29c69
.exe windows x86

3516a73b13b845b7ef2e7beca89b03d6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateInstance
ProgIDFromCLSID
OleQueryLinkFromData
CLSIDFromString

kernel32

EncodePointer
HeapReAlloc
HeapAlloc
GetStringTypeW
MultiByteToWideChar
OpenMutexA
GetCPInfoExA
IsBadCodePtr
LocalHandle
CompareStringA
GetModuleHandleA
GetProcAddress
Sleep
VirtualAllocEx
ExitProcess
LCMapStringW
HeapSize
RtlUnwind
HeapFree
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetCurrentProcess
GetCommandLineA
HeapSetInformation
GetStartupInfoW
SetUnhandledExceptionFilter
GetModuleHandleW
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
IsProcessorFeaturePresent
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
UnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess

usp10

ScriptGetGlyphABCWidth
ScriptItemize
ScriptGetProperties
ScriptGetLogicalWidths
ScriptIsComplex
ScriptGetCMap

rpcrt4

RpcServerUseProtseqA

Sections

.yfbfbdj
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.uretigz
Size: 273KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3516a73b13b845b7ef2e7beca89b03d6

Headers

DLL Characteristics

File Characteristics

Imports

ole32

kernel32

usp10

rpcrt4

Sections

.yfbfbdj Size: 23KB - Virtual size: 23KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 3KB - Virtual size: 13KB

.uretigz Size: 273KB - Virtual size: 272KB

.yfbfbdj
Size: 23KB - Virtual size: 23KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 3KB - Virtual size: 13KB

.uretigz
Size: 273KB - Virtual size: 272KB