d71923e354fabc6d97f333f814e5f5eb2b9ebcb2ef44ac56655dbe6ea51ab66f

Sharing

Copy URL Twitter E-mail

General

Target

d71923e354fabc6d97f333f814e5f5eb2b9ebcb2ef44ac56655dbe6ea51ab66f
Size

1.1MB
MD5

dd248575fc66d02a8f319e6aeffe860e
SHA1

5318ae6dd661a381033de69f47dbe29d70f7e7dc
SHA256

d71923e354fabc6d97f333f814e5f5eb2b9ebcb2ef44ac56655dbe6ea51ab66f
SHA512

53ee1e0b1baf4907f3342c9fa26e7e5daefc9c748117779d88d58e5726c90cbe49d0087b18159c0cd6a0ec82c354383e97c5b7485a2a615865b437a89a342f2f
SSDEEP

24576:LYtqO4/R6nl1apm8pWAzZ9Mm1CsNUiDdYZi+p:WqOTap/TMmosvZ

Score

N/A

Malware Config

Signatures

Files

d71923e354fabc6d97f333f814e5f5eb2b9ebcb2ef44ac56655dbe6ea51ab66f
.exe windows x86

9376e5638910a0403cd4c2b65c57a9fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleSetClipboard
CoGetInstanceFromFile
StringFromGUID2
StgCreatePropStg
OleCreateEmbeddingHelper
OleCreateMenuDescriptor
CoIsHandlerConnected
CLSIDFromString
HICON_UserFree

imm32

ImmDestroyContext
ImmUnregisterWordW
ImmSetCompositionFontA
ImmGetDescriptionA
ImmGetConversionStatus
ImmSetCompositionStringA
ImmRegisterWordA
ImmGetConversionListW
ImmEnumRegisterWordA

comdlg32

GetFileTitleW
GetSaveFileNameA
GetFileTitleA

ntdsapi

DsReplicaDelW
DsBindA
DsBindWithSpnW
DsReplicaSyncAllW
DsUnquoteRdnValueA

urlmon

CoInternetGetProtocolFlags
HlinkNavigateMoniker
CoInternetGetSession
HlinkGoBack

pdh

PdhBrowseCountersW
PdhGetDataSourceTimeRangeA
PdhGetLogFileSize

mprapi

MprInfoBlockRemove
MprInfoBlockAdd

clusapi

SetClusterResourceName
ClusterOpenEnum
ClusterRegOpenKey
ClusterRegQueryInfoKey
CloseClusterResource
ClusterResourceTypeCloseEnum

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDriverInfoList
SetupCommitFileQueueA
SetupCopyOEMInfW
SetupInstallServicesFromInfSectionExW
SetupRemoveInstallSectionFromDiskSpaceListA
SetupDiCancelDriverInfoSearch
SetupFindNextMatchLineW
SetupDiCallClassInstaller

shell32

ExtractAssociatedIconW
SHFileOperationW
DuplicateIcon

oleaut32

VarCyFromI1
VarUI2FromR4

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetTimeZoneInformation
ReadFile
SetEndOfFile
FlushFileBuffers
QueryPerformanceCounter
VirtualProtect
GetConsoleOutputCP
WriteConsoleA
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetVersionExA
GetCommandLineA
LoadLibraryA
InterlockedExchange
FreeLibrary
Sleep
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetSystemInfo
GetDefaultCommConfigA
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
InitializeCriticalSection
CloseHandle
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapCreate
HeapDestroy
HeapReAlloc
HeapFree
GetConsoleMode
GetConsoleCP
FatalAppExitA
GetModuleFileNameA
ExitProcess
VirtualAlloc
VirtualFree
GetModuleHandleA
GetProcAddress
lstrcmpiW
LoadLibraryW
lstrlenW
GetModuleHandleW
GetPrivateProfileIntW
GetCurrentProcess
ExitThread
MoveFileExA
GetFullPathNameW
GetFileInformationByHandle
GetLogicalDriveStringsW
SetNamedPipeHandleState
WriteConsoleW
ReadFileScatter
DeleteTimerQueueEx
WritePrivateProfileSectionW
RegisterWaitForSingleObject
SetMailslotInfo
LocalReAlloc
CreateNamedPipeW
SetVolumeMountPointA
GetDiskFreeSpaceW
MoveFileWithProgressW
SetTapeParameters
CreateActCtxA
GetCPInfoExW
InitializeSListHead
SetFilePointer
VirtualQuery
SetProcessWorkingSetSize
SetFirmwareEnvironmentVariableA
TerminateProcess
SetProcessAffinityMask
EnumResourceTypesW
WTSGetActiveConsoleSessionId
SetStdHandle
GetSystemDefaultUILanguage
GetDiskFreeSpaceExW
GetProcessHeap
DisconnectNamedPipe
GetOverlappedResult
WriteFile
WaitForSingleObjectEx
FreeResource
GetModuleFileNameW
lstrcmpiA
CreateWaitableTimerW
DeleteTimerQueue
CreateFileA
SleepEx
ActivateActCtx
WritePrivateProfileStringA
GetBinaryTypeA
SetConsoleTitleW
GlobalFindAtomW
GetCPInfo
SetConsoleCtrlHandler
lstrcpynA
GetExitCodeThread
SetConsoleOutputCP
GetLongPathNameA
ResetWriteWatch
GetThreadLocale
GetTimeFormatW
GenerateConsoleCtrlEvent
GetUserGeoID
CreatePipe
DeleteVolumeMountPointA
TransactNamedPipe
CreateWaitableTimerA
EnumSystemGeoID
OpenFile
WaitNamedPipeW
GetProcessHandleCount
FindFirstFileW
RaiseException
ReleaseSemaphore
GetSystemDefaultLCID
GetPrivateProfileStringA
GetMailslotInfo
SetDefaultCommConfigA
GetSystemWow64DirectoryW
FlushConsoleInputBuffer
LocalFileTimeToFileTime
EnumResourceNamesA
FindVolumeMountPointClose
ReplaceFileA
DosDateTimeToFileTime
EnumLanguageGroupLocalesW
GetTapeStatus
OpenFileMappingW
CreateSemaphoreW
GetPrivateProfileSectionNamesW
TzSpecificLocalTimeToSystemTime
GlobalCompact
InterlockedPushEntrySList
WaitForSingleObject
SetMessageWaitingIndicator
FreeEnvironmentStringsA
EnumDateFormatsA
GlobalFix
CreateMutexA
LocalUnlock
MapViewOfFileEx
SetLocaleInfoA
GetProcessAffinityMask
GetFileSizeEx
PulseEvent
GetLocaleInfoW
GetHandleInformation
AttachConsole
GetLastError
DeleteFileA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapAlloc
WideCharToMultiByte
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
RtlUnwind
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetCurrentThread
ExitProcess

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.flat
Size: 932KB - Virtual size: 929KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9376e5638910a0403cd4c2b65c57a9fd

Headers

File Characteristics

Imports

ole32

imm32

comdlg32

ntdsapi

urlmon

pdh

mprapi

clusapi

setupapi

shell32

oleaut32

kernel32

Sections

.text Size: 180KB - Virtual size: 179KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 8KB - Virtual size: 13KB

.flat Size: 932KB - Virtual size: 929KB

.rsrc Size: 8KB - Virtual size: 1.1MB

.text
Size: 180KB - Virtual size: 179KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 8KB - Virtual size: 13KB

.flat
Size: 932KB - Virtual size: 929KB

.rsrc
Size: 8KB - Virtual size: 1.1MB