275a00794a4b51c8a66f62a052f6387ea3610977c3808c49fdf93df21ef647a6

Sharing

Copy URL Twitter E-mail

General

Target

275a00794a4b51c8a66f62a052f6387ea3610977c3808c49fdf93df21ef647a6
Size

423KB
MD5

183f6c2bf474fca461890407bdd4cceb
SHA1

62e04fef6705fd2fd64aba04c1266df6a93eb98f
SHA256

275a00794a4b51c8a66f62a052f6387ea3610977c3808c49fdf93df21ef647a6
SHA512

2938f5c75ed00e48e86d83b0b78c873f0f202edb1ee18f614469ea0baadd560ab5b11b5931771eba20ade43838f35a53934135c7b7b5e647c58e19b8cfd3e1cd
SSDEEP

6144:Z+tCIqA11lam7fuU2FSX9TD8ILNllLW9XSrynOKFGuQnLUOF8mX5ShPxP94K/:Z+Ca712FSpDdmirC7FGunQkZ4K/

Score

N/A

Malware Config

Signatures

Files

275a00794a4b51c8a66f62a052f6387ea3610977c3808c49fdf93df21ef647a6
.exe windows x86

f4597b87a294c2d2f923c3d0d4245092

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msi

MsiSetExternalUIRecord
MsiSetExternalUIW
MsiSetFeatureAttributesA
MsiSetFeatureAttributesW
MsiSetFeatureStateA
MsiSetFeatureStateW
MsiSetInstallLevel
MsiSetInternalUI
MsiSetMode
MsiSetPropertyA
MsiSetPropertyW
MsiSetTargetPathA
MsiSetTargetPathW
MsiSourceListAddMediaDiskA
MsiSourceListAddMediaDiskW
MsiSourceListAddSourceA
MsiSourceListAddSourceExA
MsiSourceListAddSourceExW
MsiSourceListAddSourceW
MsiSourceListClearAllA
MsiSourceListClearAllExA
MsiSourceListClearAllExW
MsiSourceListClearAllW
MsiSourceListClearMediaDiskA
MsiSourceListClearMediaDiskW
MsiSourceListClearSourceA
MsiSourceListClearSourceW
MsiSourceListEnumMediaDisksA
MsiSourceListEnumMediaDisksW
MsiSourceListEnumSourcesA
MsiSourceListEnumSourcesW
MsiSourceListForceResolutionA
MsiSourceListForceResolutionExA
MsiSourceListForceResolutionExW
MsiSourceListForceResolutionW

msvcrt

fread
fopen

kernel32

GetLocalTime
GetTickCount
GetSystemDirectoryA
GetVersionExA
PeekConsoleInputA
EnumCalendarInfoW
CallNamedPipeA
MulDiv
_lopen

mprapi

CompressPhoneNumber
MprAdminBufferFree
MprAdminConnectionClearStats
MprAdminConnectionEnum
MprAdminConnectionGetInfo
MprAdminDeregisterConnectionNotification

htui

HTUI_ColorAdjustment

httpapi

HttpAddFragmentToCache

mssign32

PvkPrivateKeyLoad
PvkPrivateKeyLoadA
PvkPrivateKeyLoadFromMemory
PvkPrivateKeyLoadFromMemoryA
PvkPrivateKeyReleaseContext
PvkPrivateKeyReleaseContextA
PvkPrivateKeySave
PvkPrivateKeySaveA
PvkPrivateKeySaveToMemory
PvkPrivateKeySaveToMemoryA
SignError
SignerAddTimeStampResponse

cmutil

??0CIniA@@QAE@PAUHINSTANCE__@@PBD111@Z
??0CIniW@@QAE@PAUHINSTANCE__@@PBG111@Z
??0CRandom@@QAE@I@Z
??0CRandom@@QAE@XZ
??0CmLogFile@@QAE@XZ
??1CIniA@@QAE@XZ
??1CIniW@@QAE@XZ
??1CmLogFile@@QAE@XZ
??4CIniA@@QAEAAV0@ABV0@@Z
??4CIniW@@QAEAAV0@ABV0@@Z
??4CRandom@@QAEAAV0@ABV0@@Z
??0CIniA@@QAE@PAUHINSTANCE__@@PBD111@Z

hhsetup

??0CCollection@@QAE@XZ
??0CFIFOString@@QAE@XZ

Sections

code
Size: 1KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RDBBS22
Size: 9KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RSRC
Size: 410KB - Virtual size: 412KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RelvC
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4597b87a294c2d2f923c3d0d4245092

Headers

File Characteristics

Imports

msi

msvcrt

kernel32

mprapi

htui

httpapi

mssign32

cmutil

hhsetup

Sections

code Size: 1KB - Virtual size: 16KB

RDBBS22 Size: 9KB - Virtual size: 76KB

.RSRC Size: 410KB - Virtual size: 412KB

.RelvC Size: 512B - Virtual size: 4KB

code
Size: 1KB - Virtual size: 16KB

RDBBS22
Size: 9KB - Virtual size: 76KB

.RSRC
Size: 410KB - Virtual size: 412KB

.RelvC
Size: 512B - Virtual size: 4KB