ae4b8327c0feebe1652859cac652c9423edd3a5faafe76c7cc676b4a896b5011

Sharing

Copy URL Twitter E-mail

General

Target

ae4b8327c0feebe1652859cac652c9423edd3a5faafe76c7cc676b4a896b5011
Size

169KB
MD5

9462bbc2efa04f4ed09bf6c1c68c2c80
SHA1

569affa00dce108a9c0342ccbdac24bc4626c26a
SHA256

ae4b8327c0feebe1652859cac652c9423edd3a5faafe76c7cc676b4a896b5011
SHA512

4cfc1f191011162bf1e5156fde581e126abe6d96ea59d822d6d7fbbe5915a1cf6126c305a87739217e4c0f263ffbb104f099c11fef993fc2c8b0358317c6cf68
SSDEEP

3072:0tSXcPPllS14EQSbHzcg2/D756SmbSsoGIMsNOzNSnUMqx8Ne+:oJPPr22Ezc9/PsWMsNOZSnUM7

Score

N/A

Malware Config

Signatures

Files

ae4b8327c0feebe1652859cac652c9423edd3a5faafe76c7cc676b4a896b5011
.exe windows x86

b7a5832e6fd01e4a0bbf0fa66244beb7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msdart

?s_aBucketSizes@?1??BucketSizes@CLKRHashTableStats@@SGPBJXZ@4QBJB
?SetSpinCount@CReaderWriterLock2@@QAE_NG@Z
?GetDefaultSpinCount@CFakeLock@@SGGXZ
?Apply@CLKRHashTable@@QAEKP6G?AW4LK_ACTION@@PBXPAX@Z1W4LK_LOCKTYPE@@@Z
?GetDefaultSpinAdjustmentFactor@CCritSec@@SGNXZ
?_Lock@CSpinLock@@AAEXXZ
?WriteUnlock@CCritSec@@QAEXXZ
?IsReadLocked@CCritSec@@QBE_NXZ
?BucketSize@CLKRHashTableStats@@SGJJ@Z
?Clear@CLKRLinearHashTable@@QAEXXZ
?IsWin9x@CMdVersionInfo@@SAHXZ
??1CSpinLock@@QAE@XZ
?ReadOrWriteUnlock@CCritSec@@QAEX_N@Z
?DeleteIf@CLKRHashTable@@QAEKP6G?AW4LK_PREDICATE@@PBXPAX@Z1@Z
??0CLockedDoubleList@@QAE@XZ
MpGetHeapHandle
?_InsertThisIntoGlobalList@CLKRLinearHashTable@@AAEXXZ
?_SubTable@CLKRHashTable@@ABEPAVCLKRLinearHashTable@@K@Z
?IsWriteUnlocked@CLKRLinearHashTable@@QBE_NXZ
?RemoveEntry@CLockedDoubleList@@QAEXQAVCListEntry@@@Z
mpFree
??4CSingleList@@QAEAAV0@ABV0@@Z
??0CSmallSpinLock@@QAE@XZ
?_CmpExch@CReaderWriterLock3@@AAE_NJJ@Z
?InsertHead@CDoubleList@@QAEXQAVCListEntry@@@Z
?GetDefaultSpinAdjustmentFactor@CReaderWriterLock@@SGNXZ
MpHeapReAlloc
?_TryWriteLock2@CReaderWriterLock3@@AAE_NXZ
?_TryLock@CSpinLock@@AAE_NXZ
?Last@CDoubleList@@QBEQAVCListEntry@@XZ
?ConvertExclusiveToShared@CReaderWriterLock3@@QAEXXZ
?sm_wDefaultSpinCount@CFakeLock@@1GA
?WriteLock@CCritSec@@QAEXXZ

kernel32

SetVolumeMountPointW
LocalAlloc
SetThreadContext
GetCurrentThread
GetConsoleKeyboardLayoutNameW
ScrollConsoleScreenBufferW
LoadModule
IsBadCodePtr
CreateSemaphoreA
GetConsoleAliasExesLengthW
RemoveLocalAlternateComputerNameW
TzSpecificLocalTimeToSystemTime
SetConsoleInputExeNameW
VirtualAlloc
GetUserDefaultLCID
EnumerateLocalComputerNamesA
DeleteTimerQueueTimer
GetComputerNameExW
GetModuleHandleW
EnumCalendarInfoA
GetLongPathNameA
GlobalMemoryStatusEx
SetLocalPrimaryComputerNameW
DeleteFileA
LoadLibraryA
GetBinaryTypeW
GetFileAttributesExA
OpenConsoleW
Module32Next
CreateMailslotA
EnumDateFormatsW
SetLastConsoleEventActive
TlsSetValue
IsBadHugeReadPtr
GlobalHandle
GetConsoleNlsMode
FoldStringA
GetCommState
GetProcessShutdownParameters
SetComputerNameExA
CreateEventW
HeapSetInformation
BackupWrite

oleaut32

VarNeg
VarI1FromI2
SysAllocStringLen
VarCyFix
SafeArrayCreate
VarUI2FromUI8
VarDecFromI2
VarCyFromUI1
VarUI8FromR4
VarCyMulI4
UnRegisterTypeLib
VarR4FromCy
VarBoolFromUI2
VarUI4FromI4
VarDateFromI1
DispGetParam
SafeArraySetRecordInfo
VarUI4FromI8
VarI1FromI4
VarUI1FromStr
VarCyRound
VarUI4FromBool
VarDecFromUI2
BstrFromVector
SafeArrayLock
SysReAllocStringLen
VarCyMul
VarR4FromDate
VarDecFromBool
VariantTimeToDosDateTime
VarR4CmpR8
VarIdiv
VarI4FromUI4
OleTranslateColor
VarUI4FromR4
VarR8Pow
VarI2FromI8
SafeArrayCopyData
VarUI1FromUI4
VarBstrCat
VarI4FromR4
VarBoolFromI8
VarBstrFromDate
VarUI2FromI2
LoadRegTypeLib
OleLoadPicture
VarDateFromI4
VarUI2FromI1
VarR4FromBool
SafeArrayGetRecordInfo
VariantChangeTypeEx
VarCyAdd
SafeArrayRedim
VarDecNeg
LPSAFEARRAY_Unmarshal
VarTokenizeFormatString
GetErrorInfo
VarCyFromStr
VarDateFromR8
VarBoolFromDec
VariantClear
VarUI8FromUI4
VarDecCmp
VarUI1FromCy
ClearCustData
VarCySub
VarDateFromUdate
SafeArrayGetElement
SafeArrayPtrOfIndex

user32

LoadStringW
GetRawInputDeviceList
PrivateExtractIconExW
DrawIcon
FindWindowExA
LoadKeyboardLayoutA
DlgDirSelectComboBoxExA
RegisterWindowMessageW
GetPropA
RegisterMessagePumpHook
GetScrollInfo
SetSystemMenu
ImpersonateDdeClientWindow
DrawCaptionTempA
SetWindowsHookA
CascadeWindows
SetWindowRgn
AlignRects
CharToOemA
GetUserObjectSecurity
GetShellWindow
GetSysColor
RegisterDeviceNotificationW
CharToOemW
WCSToMBEx
IMPGetIMEW
PostThreadMessageA
GetMessagePos
GetWindowTextLengthA
GetClassLongW
GetProcessWindowStation
OpenInputDesktop
LoadAcceleratorsW
TranslateMDISysAccel
PostThreadMessageW
MessageBoxExA
CharNextW
OemToCharBuffW
WinHelpW
EnumDisplaySettingsA
GetWindowPlacement
ShowStartGlass
GetDialogBaseUnits
DialogBoxParamW
GetDC
CreateWindowExA
CheckMenuRadioItem
GrayStringW
GetClassLongA
AllowForegroundActivation
UnregisterClassA
SetProgmanWindow
FindWindowExW
DdeGetLastError
IsDlgButtonChecked
SetShellWindowEx
GetMenuStringA
RegisterWindowMessageA
IsMenu
ModifyMenuA
PostQuitMessage

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7a5832e6fd01e4a0bbf0fa66244beb7

Headers

DLL Characteristics

File Characteristics

Imports

msdart

kernel32

oleaut32

user32

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 31KB - Virtual size: 30KB

.data Size: 88KB - Virtual size: 253KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 1024B - Virtual size: 820B

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 31KB - Virtual size: 30KB

.data
Size: 88KB - Virtual size: 253KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 1024B - Virtual size: 820B