6bab36b28de36ffd08af154433a8a6204919dd71d72dffc8975d8775328aec99

Sharing

Copy URL Twitter E-mail

General

Target

6bab36b28de36ffd08af154433a8a6204919dd71d72dffc8975d8775328aec99
Size

29KB
MD5

832f4c572afd6fab474e3a7a87299707
SHA1

ed72606446a199265cd0e235a649ac6c5d175db6
SHA256

6bab36b28de36ffd08af154433a8a6204919dd71d72dffc8975d8775328aec99
SHA512

f5f16b4c195faff2bb8660fa282988110dc524f652d8883436879999914199d6e653d82b4cc21481d95fc3c577204ec56f192abdbdd13dd6d28c564f63dc6301
SSDEEP

768:HWPVExhCL5r3VToOm+K6OGzX/Ezzzzzzzzzzzzzzzzzzzzzzzzzzzz2:HWyfCtaOOnGszzzzzzzzzzzzzzzzzzzS

Score

N/A

Malware Config

Signatures

Files

6bab36b28de36ffd08af154433a8a6204919dd71d72dffc8975d8775328aec99
.exe windows x86

175045074a03b9ce6ca26d169ca90b9f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

fread
fopen

kernel32

QueryDosDeviceA
GetTickCount
GetWindowsDirectoryA
GetVersionExW
ReadConsoleA
EnumCalendarInfoW
CallNamedPipeA
SetFileTime
SetLocalTime

mprapi

CompressPhoneNumber
MprAdminBufferFree
MprAdminConnectionClearStats
MprAdminConnectionEnum
MprAdminConnectionGetInfo
MprAdminDeregisterConnectionNotification

catsrv

DllCanUnloadNow

httpapi

HttpAddFragmentToCache

msi

MsiLocateComponentW
MsiMessageBoxA
MsiMessageBoxExA
MsiMessageBoxExW
MsiMessageBoxW
MsiNotifySidChangeA
MsiNotifySidChangeW
MsiOpenDatabaseA
MsiOpenDatabaseW
MsiOpenPackageA
MsiOpenPackageExA
MsiOpenPackageExW
MsiOpenPackageW
MsiOpenProductA
MsiOpenProductW
MsiLocateComponentW
MsiMessageBoxA
MsiMessageBoxExA
MsiMessageBoxExW
MsiMessageBoxW
MsiNotifySidChangeA
MsiNotifySidChangeW
MsiOpenDatabaseA
MsiOpenDatabaseW
MsiOpenPackageA
MsiOpenPackageExA
MsiOpenPackageExW
MsiOpenPackageW
MsiOpenProductA
MsiOpenProductW

ole32

CoDosDateTimeToFileTime
CoEnableCallCancellation
CoFileTimeNow
CoFileTimeToDosDateTime
CoFreeAllLibraries
CoFreeLibrary
CoFreeUnusedLibraries
CoFreeUnusedLibrariesEx
CoGetApartmentID
CoGetCallContext
CoGetCallerTID
CoGetCancelObject
CoGetClassObject
CoGetClassVersion
CoGetComCatalog
CoGetContextToken
CoDosDateTimeToFileTime
CoEnableCallCancellation
CoFileTimeNow
CoFileTimeToDosDateTime
CoFreeAllLibraries
CoFreeLibrary
CoFreeUnusedLibraries
CoFreeUnusedLibrariesEx
CoGetApartmentID
CoGetCallContext
CoGetCallerTID
CoGetCancelObject
CoGetClassObject
CoGetClassVersion
CoGetComCatalog
CoGetContextToken
CoDosDateTimeToFileTime
CoEnableCallCancellation
CoFileTimeNow
CoFileTimeToDosDateTime
CoFreeAllLibraries
CoFreeLibrary
CoFreeUnusedLibraries
CoFreeUnusedLibrariesEx
CoGetApartmentID
CoGetCallContext
CoGetCallerTID
CoGetCancelObject
CoGetClassObject
CoGetClassVersion
CoGetComCatalog
CoGetContextToken
CoDosDateTimeToFileTime
CoEnableCallCancellation
CoFileTimeNow
CoFileTimeToDosDateTime
CoFreeAllLibraries
CoFreeLibrary
CoFreeUnusedLibraries
CoFreeUnusedLibrariesEx
CoGetApartmentID
CoGetCallContext
CoGetCallerTID
CoGetCancelObject
CoGetClassObject
CoGetClassVersion
CoGetComCatalog
CoGetContextToken

activeds

ADsEncodeBinaryData
ADsFreeEnumerator
ADsEncodeBinaryData
ADsFreeEnumerator

mshtml

CreateHTMLPropertyPage
CreateHTMLPropertyPage

Sections

text
Size: 1KB - Virtual size: 10KB

IMAGE_SCN_MEM_READ

.bss
Size: 10KB - Virtual size: 84KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

175045074a03b9ce6ca26d169ca90b9f

Headers

File Characteristics

Imports

msvcrt

kernel32

mprapi

catsrv

httpapi

msi

ole32

activeds

mshtml

Sections

text Size: 1KB - Virtual size: 10KB

.bss Size: 10KB - Virtual size: 84KB

.rsrc Size: 13KB - Virtual size: 16KB

.rdata Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

text
Size: 1KB - Virtual size: 10KB

.bss
Size: 10KB - Virtual size: 84KB

.rsrc
Size: 13KB - Virtual size: 16KB

.rdata
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB