82ea018697566bfbe34829f19eb75402fc102af7c275b7e23b3baf5fc104975d

Sharing

Copy URL Twitter E-mail

General

Target

82ea018697566bfbe34829f19eb75402fc102af7c275b7e23b3baf5fc104975d
Size

855KB
MD5

e4d447e7c3a654a0304033cd169e13e2
SHA1

179b936b004855d532f4568da598a527937988c0
SHA256

82ea018697566bfbe34829f19eb75402fc102af7c275b7e23b3baf5fc104975d
SHA512

1d4247872d96dcaeb905b07a86aeecd341d24da6b5ba65e94ce703df806a2cb886245e391d6493404d990285deadecaf43ff41d519fe39c2b7342e8b915aac7d
SSDEEP

24576:E9eNUXvXAo27gjrkYgysRhKRZSqMICPq9a:E9xvQo27gcbhKZJMIIq

Score

N/A

Malware Config

Signatures

Files

82ea018697566bfbe34829f19eb75402fc102af7c275b7e23b3baf5fc104975d
.exe windows x86

495295645d43728d00b93b5315eb6ac0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mfcsubs

?Unlock@CSyncObject@@UAEHJPAJ@Z
?FreeDataChain@CPlex@@QAEXXZ
??BCString@@QBEPBGXZ
??H@YG?AVCString@@DABV0@@Z
?Find@CString@@QBEHPBG@Z
??P@YG_NABVCString@@PBG@Z
??0CString@@QAE@PBE@Z
??BCSyncObject@@QBEPAXXZ
??9@YG_NABVCString@@PBG@Z
??0CString@@QAE@XZ
?GetData@CString@@IBEPAUCStringData@@XZ
?Lookup@CMapStringToPtr@@QBEHPBGAAPAX@Z
??0CString@@QAE@PBG@Z
?GetData@CStringArray@@QAEPAVCString@@XZ
??1CObject@@UAE@XZ
??9@YG_NABVCString@@0@Z
?AfxW2AHelper@@YGPADPADPBGH@Z
?RemoveAll@CMapStringToPtr@@QAEXXZ
??P@YG_NPBGABVCString@@@Z
?SpanExcluding@CString@@QBE?AV1@PBG@Z
?Release@CString@@IAEXXZ
??0CString@@QAE@PBGH@Z
??1CCriticalSection@@UAE@XZ
??M@YG_NPBGABVCString@@@Z

kernel32

GetConsoleCP
VirtualAlloc
IsValidLanguageGroup
RemoveDirectoryA
GetVDMCurrentDirectories
CreateHardLinkA
GetProfileSectionA
LoadLibraryA
ReplaceFileA
GlobalHandle
LZClose
GetCommMask
GetEnvironmentStringsW
CreateProcessInternalA
GetProcAddress
DeleteFileA
CancelWaitableTimer
CloseConsoleHandle
GetThreadSelectorEntry

ole32

CoUninitialize
ComPs_NdrDllCanUnloadNow
OleCreateLinkEx
StgCreateStorageEx
ProgIDFromCLSID
CoGetProcessIdentifier
CoRegisterPSClsid
StgGetIFillLockBytesOnFile
CreateClassMoniker
SNB_UserFree
CoInitializeWOW
OleSave
HDC_UserFree
StgPropertyLengthAsVariant
CoCreateFreeThreadedMarshaler
OleGetIconOfClass
ReadFmtUserTypeStg
CoInitializeEx
OleInitialize
OleRegGetMiscStatus
StgOpenStorageEx
CoGetContextToken
StgCreatePropStg
HMENU_UserFree
CLIPFORMAT_UserMarshal
OleFlushClipboard
StgIsStorageFile
DoDragDrop
CreateOleAdviseHolder
CoInstall
CoCancelCall
OleCreateFromDataEx
CoGetInstanceFromFile
OleCreateFromFile
StgOpenStorageOnHandle
CLIPFORMAT_UserFree
HACCEL_UserSize
HGLOBAL_UserUnmarshal
CoReactivateObject
OleSetAutoConvert

regapi

RegWinStationQueryEx
RegGetUserConfigFromUserParameters
RegDefaultUserConfigQueryW
RegWdEnumerateW
RegGetMachinePolicyEx
RegWdCreateW
RegCdEnumerateW
RegWinStationCreateW
RegPdQueryW
RegUserConfigSet
RegPdEnumerateA
RegWdDeleteA
RegConsoleShadowQueryA
RegWinStationEnumerateA
RegWinStationSetSecurityA
RegWinStationSetSecurityW
RegWinStationQuerySecurityA

msvcrt

_wfindfirst
__CxxLongjmpUnwind
getenv
_adj_fdiv_r
_wmktemp
_mbcjmstojis
_beginthreadex
_mbctolower
_wsetlocale
_ismbbkpunct
_cputws
__p__amblksiz
__iscsymf
_mbscoll
sin
_spawnv
puts
_execlpe
__crtGetStringTypeW
_ismbclower
_ismbcl2

Sections

.text
Size: 738KB - Virtual size: 738KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

495295645d43728d00b93b5315eb6ac0

Headers

DLL Characteristics

File Characteristics

Imports

mfcsubs

kernel32

ole32

regapi

msvcrt

Sections

.text Size: 738KB - Virtual size: 738KB

.rdata Size: 107KB - Virtual size: 107KB

.data Size: 5KB - Virtual size: 1.4MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 738KB - Virtual size: 738KB

.rdata
Size: 107KB - Virtual size: 107KB

.data
Size: 5KB - Virtual size: 1.4MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB