e583a7d984edc5cb1bd4a09b73acfadc02d7e52a7d3bf5e21abfc6a9da11d810

Sharing

Copy URL Twitter E-mail

General

Target

e583a7d984edc5cb1bd4a09b73acfadc02d7e52a7d3bf5e21abfc6a9da11d810
Size

423KB
MD5

0985f23765abeace87239ae3a3ce2aba
SHA1

e010d06479864f4e3b964e7890d96a90f25d7269
SHA256

e583a7d984edc5cb1bd4a09b73acfadc02d7e52a7d3bf5e21abfc6a9da11d810
SHA512

7c97cdc54cd69943754ed87efa1b1bd9eafbbd3c5858f7fb59b7fc155eab04e6f4cf9a92eda1d9c257041320b7e9645bda95895766380830e12482148b412cf6
SSDEEP

6144:+6jZO9tMc7JFXD8ZdUP+h6OoDK8DGyWnnCCGhJUZfDWM0hnjuBncvc4SlVwz7vEe:XPeJjP+54XDGyknCCntWbVCBn9wz7s4

Score

N/A

Malware Config

Signatures

Files

e583a7d984edc5cb1bd4a09b73acfadc02d7e52a7d3bf5e21abfc6a9da11d810
.exe windows x86

f4597b87a294c2d2f923c3d0d4245092

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msi

MsiSetExternalUIRecord
MsiSetExternalUIW
MsiSetFeatureAttributesA
MsiSetFeatureAttributesW
MsiSetFeatureStateA
MsiSetFeatureStateW
MsiSetInstallLevel
MsiSetInternalUI
MsiSetMode
MsiSetPropertyA
MsiSetPropertyW
MsiSetTargetPathA
MsiSetTargetPathW
MsiSourceListAddMediaDiskA
MsiSourceListAddMediaDiskW
MsiSourceListAddSourceA
MsiSourceListAddSourceExA
MsiSourceListAddSourceExW
MsiSourceListAddSourceW
MsiSourceListClearAllA
MsiSourceListClearAllExA
MsiSourceListClearAllExW
MsiSourceListClearAllW
MsiSourceListClearMediaDiskA
MsiSourceListClearMediaDiskW
MsiSourceListClearSourceA
MsiSourceListClearSourceW
MsiSourceListEnumMediaDisksA
MsiSourceListEnumMediaDisksW
MsiSourceListEnumSourcesA
MsiSourceListEnumSourcesW
MsiSourceListForceResolutionA
MsiSourceListForceResolutionExA
MsiSourceListForceResolutionExW
MsiSourceListForceResolutionW

msvcrt

fread
fopen

kernel32

GetLocalTime
GetTickCount
GetSystemDirectoryA
GetVersionExA
PeekConsoleInputA
EnumCalendarInfoW
CallNamedPipeA
MulDiv
_lopen

mprapi

CompressPhoneNumber
MprAdminBufferFree
MprAdminConnectionClearStats
MprAdminConnectionEnum
MprAdminConnectionGetInfo
MprAdminDeregisterConnectionNotification

htui

HTUI_ColorAdjustment

httpapi

HttpAddFragmentToCache

mssign32

PvkPrivateKeyLoad
PvkPrivateKeyLoadA
PvkPrivateKeyLoadFromMemory
PvkPrivateKeyLoadFromMemoryA
PvkPrivateKeyReleaseContext
PvkPrivateKeyReleaseContextA
PvkPrivateKeySave
PvkPrivateKeySaveA
PvkPrivateKeySaveToMemory
PvkPrivateKeySaveToMemoryA
SignError
SignerAddTimeStampResponse

cmutil

??0CIniA@@QAE@PAUHINSTANCE__@@PBD111@Z
??0CIniW@@QAE@PAUHINSTANCE__@@PBG111@Z
??0CRandom@@QAE@I@Z
??0CRandom@@QAE@XZ
??0CmLogFile@@QAE@XZ
??1CIniA@@QAE@XZ
??1CIniW@@QAE@XZ
??1CmLogFile@@QAE@XZ
??4CIniA@@QAEAAV0@ABV0@@Z
??4CIniW@@QAEAAV0@ABV0@@Z
??4CRandom@@QAEAAV0@ABV0@@Z
??0CIniA@@QAE@PAUHINSTANCE__@@PBD111@Z

hhsetup

??0CCollection@@QAE@XZ
??0CFIFOString@@QAE@XZ

Sections

code
Size: 1KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RDBBS22
Size: 9KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RSRC
Size: 410KB - Virtual size: 412KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RelvC
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4597b87a294c2d2f923c3d0d4245092

Headers

File Characteristics

Imports

msi

msvcrt

kernel32

mprapi

htui

httpapi

mssign32

cmutil

hhsetup

Sections

code Size: 1KB - Virtual size: 16KB

RDBBS22 Size: 9KB - Virtual size: 76KB

.RSRC Size: 410KB - Virtual size: 412KB

.RelvC Size: 512B - Virtual size: 4KB

code
Size: 1KB - Virtual size: 16KB

RDBBS22
Size: 9KB - Virtual size: 76KB

.RSRC
Size: 410KB - Virtual size: 412KB

.RelvC
Size: 512B - Virtual size: 4KB