93b6e77d661200d05c3fec9150af7a9ecb863df784732582b90039fe0419ea4c

Sharing

Copy URL Twitter E-mail

General

Target

93b6e77d661200d05c3fec9150af7a9ecb863df784732582b90039fe0419ea4c
Size

39KB
MD5

89a28c9f7212ab61d04fbd68ecdda32b
SHA1

c4cc01161c645c7240b4e90ff0283de85a9ad32d
SHA256

93b6e77d661200d05c3fec9150af7a9ecb863df784732582b90039fe0419ea4c
SHA512

8b9076d6509bd392f77f261c9eb269979b6fd66526602ab88a57cb7faac86aecfa1ae768a8bfe14dff1b16587f7b2b380fe83be949d7af5ca215a10a4a3a611f
SSDEEP

768:FOh4eZgER7yI0tyAujRhy9QTssbBi2V5SfyebIW8tH57+VnnPJWJ7lce4SWwrzMB:SgER7yI2yAORhy9QosFBSfNctH57knnl

Score

N/A

Malware Config

Signatures

Files

93b6e77d661200d05c3fec9150af7a9ecb863df784732582b90039fe0419ea4c
.exe windows x86

5ddae8d6461c23d88540f80aa82f1d58

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mprapi

MprConfigTransportDelete
MprAdminMIBBufferFree
MprAdminInterfaceGetHandle
MprAdminInterfaceCreate
MprInfoBlockAdd
MprAdminServerConnect
MprInfoBlockRemove
MprAdminInterfaceDisconnect
MprConfigServerRestore
MprGetUsrParams
MprAdminUserServerConnect
MprAdminTransportSetInfo
MprAdminInterfaceQueryUpdateResult
MprAdminPortEnum
MprConfigServerRefresh
MprConfigInterfaceTransportAdd
MprAdminInterfaceGetInfo
MprAdminInterfaceSetInfo
MprAdminInterfaceTransportRemove
MprAdminInterfaceConnect
MprAdminPortDisconnect
MprAdminMIBEntryGet
MprAdminMIBEntryDelete
MprAdminInterfaceUpdateRoutes

oleaut32

VarI1FromDec
VarCyFromI8
VarUI2FromDate
VarUI2FromI2
VarI8FromDate
VarBoolFromI4
VarDecRound
VarDateFromUdateEx
OleCreatePictureIndirect
VarDecFromI1
VarCyFromUI1
VarI4FromDisp
SystemTimeToVariantTime
VarUI1FromR8
CreateErrorInfo
VarBoolFromR8
VarR8FromR4
LPSAFEARRAY_Marshal
VarBoolFromI1
SafeArrayUnaccessData
VarI8FromUI8

catsrvut

??4CComPlusMethod@@QAEAAV0@ABV0@@Z
??_7CComPlusInterface@@6B@
??_7CComPlusObject@@6B@
??_7CComPlusMethod@@6B@
??0CComPlusMethod@@QAE@ABV0@@Z
QueryUserDllW
StartMTSTOCOM
RunMTSToCom
COMPlusUninstallActionW
??1CComPlusInterface@@UAE@XZ
FindAssemblyModulesW
RegDBBackup
??4CComPlusTypelib@@QAEAAV0@ABV0@@Z
??_7CComPlusComponent@@6B@
??0CComPlusComponent@@QAE@ABV0@@Z
??4CComPlusInterface@@QAEAAV0@ABV0@@Z

kernel32

lstrcat
GetLocaleInfoW
LocalAlloc
GetLocalTime
IsBadHugeReadPtr
LoadLibraryA
EnumLanguageGroupLocalesW
VirtualAlloc
SetCurrentDirectoryW
RemoveLocalAlternateComputerNameW
DosPathToSessionPathW
OpenSemaphoreW
CreateFileMappingW
SetFileShortNameW
GetPrivateProfileIntW
CreateTimerQueue
IsValidLocale
GetStartupInfoA
GetShortPathNameA
OpenWaitableTimerA
SetLocalPrimaryComputerNameA
GetTapePosition
GetConsoleInputWaitHandle
QueryPerformanceFrequency
EnumUILanguagesA
GetUserDefaultUILanguage
RegisterWowBaseHandlers
EnumUILanguagesW
DebugActiveProcess
CreateDirectoryExA
GetFileAttributesA
ReplaceFile
GetSystemTimeAsFileTime
DosDateTimeToFileTime
GlobalAlloc
PostQueuedCompletionStatus
GetCommandLineW
VerifyVersionInfoW
ActivateActCtx
EnumSystemCodePagesW
SignalObjectAndWait
lstrcpyA
UnlockFile

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ddae8d6461c23d88540f80aa82f1d58

Headers

DLL Characteristics

File Characteristics

Imports

mprapi

oleaut32

catsrvut

kernel32

Sections

.text Size: 30KB - Virtual size: 30KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 42KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 30KB - Virtual size: 30KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 42KB

.rsrc
Size: 1KB - Virtual size: 1KB