9e8515b0d24179bc9799e3df066f3cce18914d739abc786a809e967ea1370d43

Sharing

Copy URL Twitter E-mail

General

Target

9e8515b0d24179bc9799e3df066f3cce18914d739abc786a809e967ea1370d43
Size

147KB
MD5

6a547d30b3cf0b163cd394b16af22219
SHA1

bc54a9f6c6274d3425c9baea34052d2637909ab6
SHA256

9e8515b0d24179bc9799e3df066f3cce18914d739abc786a809e967ea1370d43
SHA512

56a7820a94a7e1e7fc7c36fe1842e811ed54437c072b65584c2dcf6c193895aa3bc4cdae7ef28580e0b0e40613da7e745d285d36d09771e4cc7cc1f2edbe155b
SSDEEP

3072:S9nCkh+ZiAogLZ7qa28uixDWlFxVv8vNVl5BvHWNUtBEHaBb+WRdJ:S5Ckh+QAFtq75SMFxtANJNHWNUtzZ

Score

N/A

Malware Config

Signatures

Files

9e8515b0d24179bc9799e3df066f3cce18914d739abc786a809e967ea1370d43
.exe windows x86

2480fa2df410ee9825aa9525dc6b7ebf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mtxoci

ocan
odescr
odefin
MTxOciRegisterCursor
MTxolog
obndrn
orol
oexn
ocof
oopen
oermsg
MTxOciInit
oopt
oclose
oparse
ocom
oerhms
ofetch
oflng
obindps
Enlist
ofen
osetpi
oexec
oexfet
ogetpi
obndra
ocon
obndrv
olog

msvcrt

__set_app_type
_endthread
__getmainargs
_mbctolower
getc
_get_osfhandle
_Getmonths
fputws
system
vfwprintf
_ismbcpunct
exit
_ismbbpunct
swscanf
_strnicoll
fgetpos
_chgsign
_wcstoi64
_callnewh
wcsspn
_mbsdec
_EH_prolog
fscanf
ceil
towupper
wcspbrk
__p__commode
_seh_longjmp_unwind
_nextafter
longjmp
_wfopen

user32

MessageBoxW
EndDialog

atmlib

ATMFontAvailableA
ATMGetOutline
ATMGetGlyphListA
ATMGetBuildStr
ATMRemoveFontA
ATMClient
ATMGetNtmFieldsA
ATMFontStatusW
ATMSetFlags
ATMAddFontExW
ATMGetPostScriptNameW
ATMEnumMMFontsA
ATMGetVersionExW
ATMEnumFontsA

atl

AtlDevModeW2A
AtlModuleGetClassObject
AtlIPersistStreamInit_Load
AtlModuleRevokeClassObjects
AtlModuleTerm
AtlAxGetHost
AtlModuleAddCreateWndData
AtlHiMetricToPixel
AtlModuleUpdateRegistryFromResourceD
AtlPixelToHiMetric
AtlModuleUnRegisterTypeLib
AtlModuleRegisterWndClassInfoW
AtlAxAttachControl
AtlModuleRegisterClassObjects
AtlUnadvise
AtlAxDialogBoxA
AtlModuleUnregisterServer
AtlAxDialogBoxW
AtlGetVersion
AtlModuleInit
AtlModuleExtractCreateWndData
AtlModuleUnregisterServerEx
AtlIPersistPropertyBag_Load
AtlModuleRegisterWndClassInfoA
AtlGetObjectSourceInterface
AtlWaitWithMessageLoop

kernel32

IsBadReadPtr
GetProcessWorkingSetSize
GetOEMCP
GetProcessTimes
FileTimeToSystemTime
SetEvent
VirtualUnlock
CancelDeviceWakeupRequest
RemoveDirectoryW
LoadLibraryW
CreateFileMappingA
UnmapViewOfFile
DeviceIoControl
BindIoCompletionCallback
GetProfileSectionA
DefineDosDeviceW
SetFileShortNameA
RtlZeroMemory
Heap32ListFirst
GetExitCodeProcess
HeapCreate
GlobalHandle
EnumCalendarInfoA
EnumSystemCodePagesA

msdart

?RemoveTail@CLockedDoubleList@@QAEQAVCListEntry@@XZ
?_TryWriteLock@CReaderWriterLock2@@AAE_NJ@Z
?SetDefaultSpinCount@CSmallSpinLock@@SGXG@Z
MpHeapFree
?SetSpinCount@CSpinLock@@QAE_NG@Z
?_H1@CLKRLinearHashTable@@ABEKK@Z
?GetDefaultSpinAdjustmentFactor@CFakeLock@@SGNXZ
?ReadUnlock@CCritSec@@QAEXXZ
?SetDefaultSpinCount@CSpinLock@@SGXG@Z
?MaxSize@CLKRHashTable@@QBEKXZ

shell32

SHGetMalloc

Sections

.text
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2480fa2df410ee9825aa9525dc6b7ebf

Headers

File Characteristics

Imports

mtxoci

msvcrt

user32

atmlib

atl

kernel32

msdart

shell32

Sections

.text Size: 91KB - Virtual size: 90KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 13KB - Virtual size: 81KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 91KB - Virtual size: 90KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 13KB - Virtual size: 81KB

.rsrc
Size: 4KB - Virtual size: 3KB