678af150c197ff3edd796084cefefa959eb97c1ad4f6a9a1440847133e74660c

Sharing

Copy URL

Twitter E-mail

General

Target

678af150c197ff3edd796084cefefa959eb97c1ad4f6a9a1440847133e74660c
Size

49KB
MD5

8395d1169df63d17930878210ac94558
SHA1

857c4f9d26fc90cbaf08792c8f029d05d4ddd487
SHA256

678af150c197ff3edd796084cefefa959eb97c1ad4f6a9a1440847133e74660c
SHA512

57860309b6e3cf43aebfe59d2a437c50fd5a2ada6e79b0b8e0586ac14ef6364be1175761fc72d791024dd6347a161ae1ecc83f68c894bf6f5889630354e73d54
SSDEEP

768:rfgOwrwXXL0zcJWJTG1a6wQGhGfTfIlo0xYqCJPAWZiIQIneFikTgYrxRKHR4X:rfTOE7Lcy1a6wQGgrwlo/9ZdnFEERY

Score

N/A

Malware Config

Signatures

Files

678af150c197ff3edd796084cefefa959eb97c1ad4f6a9a1440847133e74660c
.exe windows x86

a82408b5d6acde95f4e2ec997c0ed8ee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mfcsubs

??ACStringArray@@QBE?AVCString@@H@Z
?LookupKey@CMapStringToPtr@@QBEHPBGAAPBG@Z
??0CSyncObject@@QAE@PBG@Z
??0CString@@QAE@PBGH@Z
?InsertAt@CStringArray@@QAEXHPAV1@@Z
??O@YG_NABVCString@@0@Z
??O@YG_NPBGABVCString@@@Z
?SpanIncluding@CString@@QBE?AV1@PBG@Z
?Compare@CString@@QBEHPBG@Z
??ACMapStringToPtr@@QAEAAPAXPBG@Z
?FormatMessageW@CString@@QAAXPBGZZ
??N@YG_NABVCString@@PBG@Z
??4CString@@QAEABV0@PBE@Z
?GetUpperBound@CStringArray@@QBEHXZ
?Right@CString@@QBE?AV1@H@Z
?AfxExtractSubString@@YGHAAVCString@@PBGHG@Z
?ConcatCopy@CString@@IAEXHPBGH0@Z
?GetAt@CString@@QBEGH@Z
??BCSyncObject@@QBEPAXXZ
?RemoveAll@CMapStringToPtr@@QAEXXZ
?Format@CString@@QAAXPBGZZ
?FormatMessageW@CString@@QAAXIZZ
??1CMapStringToPtr@@UAE@XZ
??8@YG_NABVCString@@PBG@Z

ole32

CoTaskMemFree
OleCreate
HBITMAP_UserMarshal
CoTreatAsClass
StgSetTimes
CreateStdProgressIndicator
CoInstall
STGMEDIUM_UserSize
OleNoteObjectVisible
HPALETTE_UserUnmarshal
OleCreateFromFileEx
OleRegEnumFormatEtc
CoGetPSClsid
GetHookInterface
CoPopServiceDomain
GetDocumentBitStg
PropVariantCopy
CoQueryProxyBlanket

mscat32

CryptCATAdminAcquireContext
CryptCATStoreFromHandle
CryptCATAdminEnumCatalogFromHash
CryptCATCDFEnumMembersByCDFTagEx
CryptCATGetCatAttrInfo
CryptCATAdminReleaseContext
CryptCATCatalogInfoFromContext
CryptCATCDFEnumCatAttributes
CryptCATGetMemberInfo
CryptCATHandleFromStore
CryptCATVerifyMember
CryptCATAdminReleaseCatalogContext
CryptCATCDFEnumAttributesWithCDFTag
CryptCATEnumerateMember
CryptCATClose
IsCatalogFile
CryptCATCDFEnumAttributes
CryptCATPersistStore
CryptCATCDFClose
MsCatFreeHashTag
CatalogCompactHashDatabase
CryptCATGetAttrInfo
MsCatConstructHashTag

kernel32

IsDebuggerPresent
GetSystemDefaultUILanguage
EnumLanguageGroupLocalesA
VirtualAlloc
ActivateActCtx
GetEnvironmentStringsW
FillConsoleOutputCharacterA
EscapeCommFunction
IsValidLocale
RegisterWowBaseHandlers
lstrcmpiA
WriteConsoleOutputW
IsValidCodePage
InitializeCriticalSection
GetVersionExW
GetConsoleAliasesA
_lwrite
OutputDebugStringA
ReadConsoleW
ChangeTimerQueueTimer
GetTapeParameters
SetLastError
GetConsoleAliasExesW
ExitProcess
LoadLibraryA
SetConsoleOS2OemFormat

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a82408b5d6acde95f4e2ec997c0ed8ee

Headers

DLL Characteristics

File Characteristics

Imports

mfcsubs

ole32

mscat32

kernel32

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 1KB