40ece4f0ee30e64f6011de3de92a611ccae00eeca846c4797545b796bc95459a

Sharing

Copy URL Twitter E-mail

General

Target

40ece4f0ee30e64f6011de3de92a611ccae00eeca846c4797545b796bc95459a
Size

132KB
MD5

51810f13921600f7e389dc23ff8d3cce
SHA1

314a40aab83fb89cb04e76264692a6b75c9c26e7
SHA256

40ece4f0ee30e64f6011de3de92a611ccae00eeca846c4797545b796bc95459a
SHA512

be6c19abeeb6a916bd06ddf6b6e3a76e12428afc748bc00f3206ce2866f5a7fa52d4109a46b05728357313c40b27490cf48bd84c427268088b4e22a01d23415e
SSDEEP

3072:irbmv3aPfy5OIVGwHYqcLi1P8BUcZYdIpfVn8:JKUOIKbqEUc4in8

Score

N/A

Malware Config

Signatures

Files

40ece4f0ee30e64f6011de3de92a611ccae00eeca846c4797545b796bc95459a
.exe windows x86

4fe9efd86fea5ebf2e773a240e0fc5cb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

avifil32

AVIStreamFindSample
AVIStreamGetFrameOpen
AVIPutFileOnClipboard
AVIStreamGetFrameClose
AVIStreamTimeToSample
AVISaveV
AVIStreamLength
AVISaveW
AVIStreamWrite
EditStreamCopy
AVIFileOpen
AVIStreamInfoA
AVIStreamInfoW
AVIStreamOpenFromFile
IID_IGetFrame
AVIClearClipboard
AVIFileInit
AVIFileGetStream
AVIFileExit

iassvcs

IASRegisterComponent
IASUninitialize
IASAllocateUniqueID
IASAdler32
DllCanUnloadNow
IASVariantChangeType
DllUnregisterServer
IASReportEvent
IASRadiusCrypt
DllRegisterServer
IASSetMaxThreadIdle
IASSetMaxNumberOfThreads
DllGetClassObject
IASRequestThread
IASInitialize

kernel32

VirtualAlloc
HeapAlloc
QueryPerformanceCounter
GetSystemTime
lstrcpynA
VirtualFree
GetVersion
GetStartupInfoA
GetFileAttributesW
GetConsoleWindow
HeapFree
CreateFileA
GetTickCount
ReadFile
AddAtomA
WriteFile
GetFileAttributesA
GetProcessHeap
GetCurrentProcess
CloseHandle
GetModuleHandleA
lstrlenW
lstrcmpA
GetLastError
GetCurrentThreadId

clusapi

ClusterNetworkControl
GetClusterResourceNetworkName
ChangeClusterResourceGroup
GetClusterNetworkState
ClusterResourceTypeControl
ResumeClusterNode
SetClusterGroupName
CloseClusterNode
ClusterResourceCloseEnum
GetClusterGroupState
CloseClusterNotifyPort
GetClusterNetworkId
CloseClusterNetInterface

cmutil

?SetEntry@CIniA@@QAEXPBD@Z
?GPPS@CIniW@@QBEPAGPBG00@Z
CmWinHelp
CmRealloc
CmFmtMsgW
?GPPB@CIniW@@QBEHPBG0H@Z
CmParsePathW
?SetSection@CIniW@@QAEXPBG@Z
CmLoadSmallIconW

cryptext

CryptExtAddP7RW
CryptExtAddCRLW
CryptExtOpenP7RW
CryptExtAddCTLW
CryptExtOpenCAT
CryptExtOpenCATW
CryptExtOpenCERW
CryptExtOpenSTRW
CryptExtAddSPCW

raschap

RasCpEnumProtocolIds
RasEapInvokeInteractiveUI
RasCpGetInfo
DllCanUnloadNow
DllUnregisterServer
RasEapInvokeConfigUI
RasEapGetInfo
DllGetClassObject
RasEapGetIdentity
RasEapFreeMemory
DllRegisterServer

gdi32

EqualRgn
CreateBrushIndirect
DeleteObject
CreatePalette
CreateSolidBrush
SelectObject
EnumFontFamiliesA
GetTextExtentPointW
CreatePen
GetLogColorSpaceW

shlwapi

PathStripToRootA
PathFindFileNameA
PathGetDriveNumberW
StrStrIW
StrTrimA
PathSkipRootW
StrCSpnW
PathStripPathA
PathStripPathW
PathSkipRootA

msports

ComDBClaimPort
ComDBResizeDatabase
ComDBReleasePort
SerialDisplayAdvancedSettings
SerialPortPropPageProvider
ComDBClaimNextFreePort
PortsClassInstaller
ParallelPortPropPageProvider
ComDBOpen
ComDBGetCurrentPortUsage

advpack

NeedRebootInit
GetVersionFromFileEx
IsNTAdmin
CloseINFEngine

devenum

DllGetClassObject
DllRegisterServer
DllCanUnloadNow
DllUnregisterServer

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4fe9efd86fea5ebf2e773a240e0fc5cb

Headers

DLL Characteristics

File Characteristics

Imports

avifil32

iassvcs

kernel32

clusapi

cmutil

cryptext

raschap

gdi32

shlwapi

msports

advpack

devenum

Sections

.text Size: 15KB - Virtual size: 15KB

.rsrc Size: 95KB - Virtual size: 95KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 11KB - Virtual size: 22KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 15KB - Virtual size: 15KB

.rsrc
Size: 95KB - Virtual size: 95KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 11KB - Virtual size: 22KB

.reloc
Size: 5KB - Virtual size: 4KB