ad912a2ea79e75c8247e2f7aa2f228a0f6ff9d08a5ecaadba897907beb32483f

Sharing

Copy URL Twitter E-mail

General

Target

ad912a2ea79e75c8247e2f7aa2f228a0f6ff9d08a5ecaadba897907beb32483f
Size

832KB
MD5

e78be06d2ead2cd8ede3451fdbab40d4
SHA1

4d242693896a0e63d9d1ae3218cb0d8cee3d8974
SHA256

ad912a2ea79e75c8247e2f7aa2f228a0f6ff9d08a5ecaadba897907beb32483f
SHA512

e9b5848fc8502c66d1c11ac5fe345bb34e70317625d09721c923398fe6df041deaf88c1f1bb790cf4665760ecb2e372687549254ea92b8383749e932c2fbbbcb
SSDEEP

24576:gXbbzZmPVDBF5SsSuf1vlqZ3/qrfcI7IIaj:obbOFF5Nf2BSrfcI

Score

N/A

Malware Config

Signatures

Files

ad912a2ea79e75c8247e2f7aa2f228a0f6ff9d08a5ecaadba897907beb32483f
.exe windows x86

703a1fa6a631489b6da12d741953f8dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_ismbcspace
__set_app_type
_ismbcl2
_wtoi64
_execve
_heapused
feof
_mbctokata
__p___wargv
isleadbyte
??0bad_typeid@@QAE@PBD@Z
fscanf
_chkesp
__winitenv
__uncaught_exception
__getmainargs
exit
_mbsnextc
_adj_fdiv_m32
time
__p__commode
__STRINGTOLD
wcspbrk

wininet

UpdateUrlCacheContentPath
InternetReadFileExA
FtpFindFirstFileA
HttpSendRequestExA
GetUrlCacheGroupAttributeA
HttpOpenRequestA
InternetShowSecurityInfoByURL
InternetCheckConnectionW
InternetShowSecurityInfoByURLA
InternetSetCookieA
FindFirstUrlCacheEntryW
InternetGetCookieW
InternetSetCookieExW
FtpCreateDirectoryA
SetUrlCacheGroupAttributeA
CommitUrlCacheEntryA
GopherCreateLocatorA

hid

HidP_GetSpecificButtonCaps
HidP_GetValueCaps
HidD_GetInputReport
HidD_GetProductString
HidP_UnsetUsages
HidD_Hello
HidP_SetUsages
HidP_UsageListDifference
HidD_GetPhysicalDescriptor
HidP_GetLinkCollectionNodes
HidD_SetNumInputBuffers
HidP_GetCaps
HidP_SetUsageValueArray
HidP_GetUsageValueArray
HidD_GetMsGenreDescriptor
HidD_SetFeature
HidD_GetNumInputBuffers
HidP_GetExtendedAttributes
HidD_GetFeature
HidP_SetData
HidP_GetUsagesEx
HidP_GetScaledUsageValue
HidP_InitializeReportForID
HidD_GetPreparsedData
HidD_GetConfiguration
HidD_GetHidGuid

mapistub

cmc_list
MAPIFindNext
CreateTable@36
OpenTnefStreamEx@32
GetAttribIMsgOnIStg@12
MAPIUninitialize
MAPIDetails
ScInitMapiUtil@4
SwapPword@8
FPropExists@8
OpenIMsgOnIStg@44
MAPIAllocateBuffer@8
OpenTnefStream
MAPIAllocateMore@12
EncodeID@12
HexFromBin@12

kernel32

LoadLibraryW
MoveFileWithProgressA
ActivateActCtx
GetTickCount
FlushViewOfFile
QueryActCtxW
GetFullPathNameA
RequestWakeupLatency
SetLastError
TryEnterCriticalSection
GetUserDefaultLCID
CreateNamedPipeA
Module32NextW
SetUserGeoID
GetOEMCP
GetProfileIntA
_lread
SetCommState
GetPrivateProfileIntA
SetThreadLocale

user32

EndDialog
MessageBoxA

mfc42u

?classCCachedDataPathProperty@CCachedDataPathProperty@@2UCRuntimeClass@@B
?classCDataPathProperty@CDataPathProperty@@2UCRuntimeClass@@B
DllUnregisterServer
DllRegisterServer
DllCanUnloadNow
DllGetClassObject

shell32

SHGetMalloc

iccvid

DriverProc

Sections

.text
Size: 397KB - Virtual size: 396KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 173KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 956B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

703a1fa6a631489b6da12d741953f8dd

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

wininet

hid

mapistub

kernel32

user32

mfc42u

shell32

iccvid

Sections

.text Size: 397KB - Virtual size: 396KB

.rdata Size: 105KB - Virtual size: 105KB

.data Size: 173KB - Virtual size: 1.5MB

.rsrc Size: 154KB - Virtual size: 153KB

.reloc Size: 1024B - Virtual size: 956B

.text
Size: 397KB - Virtual size: 396KB

.rdata
Size: 105KB - Virtual size: 105KB

.data
Size: 173KB - Virtual size: 1.5MB

.rsrc
Size: 154KB - Virtual size: 153KB

.reloc
Size: 1024B - Virtual size: 956B