6dc884f3338c282c9163489bebcd35460ea6fc56d29860e300908d01991c63a8

Sharing

Copy URL Twitter E-mail

General

Target

6dc884f3338c282c9163489bebcd35460ea6fc56d29860e300908d01991c63a8
Size

80KB
MD5

f24e9a86f17d06a198f7e06fca1506f7
SHA1

fb1f6e7af8516a8f6d5dc35016db2f2d8c1b91d4
SHA256

6dc884f3338c282c9163489bebcd35460ea6fc56d29860e300908d01991c63a8
SHA512

aea84bd54be393d8706c3768eb4486cb48519fc4f5857b3df8692af4a97f3cb8e6b8215588e55d149fb7e52db27601547d3d188eda8fb16fce7d354f19b12a6d
SSDEEP

768:S99Y7uskb9io5Qb+all+a8gnLPgPleI5SWzIdna6Jp4Xn7cthvEqojVlChD1WtM3:PucOslnnj0oI5SgabJKLuEeN193

Score

N/A

Malware Config

Signatures

Files

6dc884f3338c282c9163489bebcd35460ea6fc56d29860e300908d01991c63a8
.exe windows x86

05426cbb816670777601f030a683d046

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetGetUserA
WNetDirectoryNotifyA
WNetSetConnectionA
WNetGetPropertyTextW
WNetGetLastErrorA
I_MprSaveConn
WNetFormatNetworkNameA
WNetGetUserW
WNetConnectionDialog
WNetGetNetworkInformationA
WNetAddConnection3W
WNetSetConnectionW
WNetSetLastErrorW
WNetCancelConnectionW
WNetCloseEnum
WNetAddConnectionA
WNetUseConnectionW
WNetAddConnectionW
WNetSetLastErrorA
WNetConnectionDialog1W
WNetUseConnectionA
MultinetGetConnectionPerformanceW
WNetGetDirectoryTypeA
WNetDisconnectDialog1A
WNetSupportGlobalEnum
WNetGetUniversalNameW

kernel32

FindAtomW
LocalReAlloc
CreateProcessInternalA
GlobalUnlock
GetCurrentThread
WriteFileGather
MapViewOfFile
BaseInitAppcompatCacheSupport
GetEnvironmentVariableA
FindFirstVolumeMountPointA
InitializeCriticalSection
GetConsoleTitleA
RestoreLastError
LoadLibraryA
GetThreadTimes
CreateDirectoryExA
LocalAlloc
CreateTimerQueue
SetLocalTime
GetNumaAvailableMemoryNode
LoadLibraryExW
SetProcessAffinityMask
GetVolumePathNamesForVolumeNameW
SetErrorMode
SetLastConsoleEventActive
GetMailslotInfo
SetTapeParameters
SetUnhandledExceptionFilter
GlobalFlags
VirtualAlloc
GetStartupInfoA
SetStdHandle
HeapCreate
FoldStringW
GetPrivateProfileIntA
IsBadReadPtr
SetConsoleTitleW

mscat32

CryptCATGetAttrInfo
CryptCATAdminAcquireContext
CryptCATCDFEnumMembersByCDFTag
CryptCATCDFEnumCatAttributes
CryptCATCDFEnumMembersByCDFTagEx
CryptCATAdminEnumCatalogFromHash
CryptCATPutCatAttrInfo
CryptCATPersistStore
CryptCATAdminCalcHashFromFileHandle
CryptCATCDFEnumAttributesWithCDFTag
CryptCATEnumerateAttr
CatalogCompactHashDatabase
IsCatalogFile
CryptCATCDFOpen
CryptCATGetMemberInfo
CryptCATVerifyMember
MsCatFreeHashTag
CryptCATEnumerateCatAttr
CryptCATCDFClose
CryptCATClose
CryptCATAdminAddCatalog
CryptCATPutAttrInfo
CryptCATCatalogInfoFromContext
CryptCATAdminReleaseContext
CryptCATOpen
CryptCATCDFEnumAttributes
MsCatConstructHashTag

gdi32

EngLockSurface
GetPolyFillMode
GetFontAssocStatus
GdiCleanCacheDC
SetViewportExtEx
WidenPath
GdiConvertBrush
GetLogColorSpaceW
GdiAlphaBlend
OffsetRgn
DdEntry22
GetOutlineTextMetricsW
GetRegionData
GetBitmapDimensionEx
DdEntry15
EnableEUDC
GdiEntry8
CreateDiscardableBitmap
ExtEscape
DdEntry48
gdiPlaySpoolStream
GetBrushOrgEx
GetObjectW
PATHOBJ_vEnumStart
EngQueryEMFInfo
GdiSetServerAttr
DdEntry13
DeleteMetaFile
HT_Get8BPPFormatPalette
DdEntry14
PathToRegion
CreateSolidBrush
bInitSystemAndFontsDirectoriesW

pdh

PdhBrowseCountersHW
PdhBindInputDataSourceA
PdhEnumMachinesA
PdhGetFormattedCounterArrayA
PdhGetRawCounterArrayA
PdhVbIsGoodStatus
PdhCalculateCounterFromRawValue
PdhGetCounterInfoW
PdhBindInputDataSourceW
PdhTranslateLocaleCounterW
PdhOpenQueryA
PdhSetDefaultRealTimeDataSource
PdhVbGetDoubleCounterValue
PdhAdd009CounterA
PdhEnumLogSetNamesA
PdhLookupPerfIndexByNameW
PdhBrowseCountersW
PdhGetDefaultPerfObjectHA
PdhEnumObjectItemsHW
PdhParseCounterPathW
PdhParseInstanceNameW
PdhEnumObjectItemsA
PdhGetLogFileTypeA
PdhRelogA
PdhVbGetCounterPathElements
PdhEnumObjectsHW
PdhRelogW

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

maymncm
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

05426cbb816670777601f030a683d046

Headers

DLL Characteristics

File Characteristics

Imports

mpr

kernel32

mscat32

gdi32

pdh

Sections

.text Size: 42KB - Virtual size: 41KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 296B

.rsrc Size: 29KB - Virtual size: 31KB

maymncm Size: - Virtual size: 4KB

.text
Size: 42KB - Virtual size: 41KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 296B

.rsrc
Size: 29KB - Virtual size: 31KB

maymncm
Size: - Virtual size: 4KB