77f25c0ec5a18216ebcb9cbeb79d3d86c043ed5b5697c9d71feb8f9ce2e23080

Sharing

Copy URL Twitter E-mail

General

Target

77f25c0ec5a18216ebcb9cbeb79d3d86c043ed5b5697c9d71feb8f9ce2e23080
Size

829KB
MD5

4c2fcf76e73c7a360b9eb35a56d55427
SHA1

fd1ba6e30ae026546b61ca3d315be60803f4c92f
SHA256

77f25c0ec5a18216ebcb9cbeb79d3d86c043ed5b5697c9d71feb8f9ce2e23080
SHA512

589c53db20365fe8b8f2bdb5900fa2aa940ee7e47da2bd34c59d3745537c12e24c69cbdeeebe2cf3dc0965d68dbd000b40cb0aafe2bd69d73380726aeaec259a
SSDEEP

12288:6HqcjrvVF9rG+7HtRCxv/D37YDw7PAbLKTnqktx0sJ53I2oFdGriNqKThJt64FP:6KetFtGA7C9/b7YDsptasn2WiNJBN

Score

N/A

Malware Config

Signatures

Files

77f25c0ec5a18216ebcb9cbeb79d3d86c043ed5b5697c9d71feb8f9ce2e23080
.exe windows x86

e70c98b9838668f7b1785a3c4a0b4759

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscms

SetStandardColorSpaceProfileA
InternalGetDeviceConfig
TranslateColors
SetColorProfileElementSize
DisassociateColorProfileFromDeviceW
GetColorProfileHeader
SetStandardColorSpaceProfileW
GetPS2ColorSpaceArray
CreateColorTransformA
GetNamedProfileInfo
UninstallColorProfileW
GenerateCopyFilePaths

kernel32

SetTermsrvAppInstallMode
GetTimeFormatW
lstrcatW
CopyFileExW
LZStart
EnumDateFormatsA
ReadConsoleInputExA
GetProcAddress
Heap32ListNext
WriteFileGather
SetCurrentDirectoryA
GlobalFindAtomW
Thread32First
LoadLibraryW
BaseUpdateAppcompatCache
DnsHostnameToComputerNameA
IsBadHugeWritePtr
OutputDebugStringA
SetLastError
lstrlenW
SearchPathA
HeapCompact
RtlFillMemory
LocalUnlock
CreatePipe
GetProfileStringA
HeapUnlock
CreateDirectoryA
InterlockedExchangeAdd
AreFileApisANSI
MapUserPhysicalPages
ConnectNamedPipe
BaseDumpAppcompatCache
OpenEventA
LoadLibraryExW
GetCalendarInfoA
GetThreadLocale
OpenMutexW
SetConsoleDisplayMode
SetTimerQueueTimer
GetCommConfig
GetNumaProcessorNode

dbnetlib

ConnectionClose
TermSession
ConnectionFlushCache
ConnectionGetSvrUser
ConnectionSqlVer
ConnectionVer
ConnectionError
ConnectionServerEnumW
ConnectionOpen
ConnectionMode
ConnectionOpenW
GetNextEnumeration
ConnectionErrorW
CloseEnumServers
GenClientContext
ConnectionServerEnum
ConnectionWrite
TermSSPIPackage
InitSSPIPackage
ConnectionObjectSize

user32

RegisterRawInputDevices
AttachThreadInput
SetMenuItemInfoA
DdeGetLastError
CreateCursor
DdeCreateStringHandleW
GetClipboardFormatNameW
DisplayExitWindowsWarnings
ResolveDesktopForWOW
LoadIconW
TranslateMDISysAccel

imm32

ImmCreateSoftKeyboard
ImmLockClientImc
ImmGetDescriptionW
ImmGetIMEFileNameW
ImmGetIMEFileNameA
ImmGetCandidateListW
ImmUnregisterWordA
ImmConfigureIMEW
ImmUnlockClientImc
ImmGetImeMenuItemsW
ImmSetActiveContextConsoleIME
ImmGetCandidateWindow
ImmSetCandidateWindow
ImmSendIMEMessageExW
ImmAssociateContextEx
ImmGetVirtualKey
ImmDisableIme
ImmReleaseContext
ImmGetDefaultIMEWnd
ImmIMPQueryIMEW
ImmGetIMCCSize
ImmIsIME
ImmGetCandidateListCountA
ImmRequestMessageA
ImmIsUIMessageA

wintrust

WTHelperGetKnownUsages
WTHelperGetFileHash
WVTAsn1SpcIndirectDataContentDecode
CryptCATEnumerateAttr
WintrustCertificateTrust
CryptSIPGetRegWorkingFlags
WintrustRemoveActionID
WVTAsn1SpcMinimalCriteriaInfoDecode
OfficeCleanupPolicy

Sections

.text
Size: 395KB - Virtual size: 395KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 189KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e70c98b9838668f7b1785a3c4a0b4759

Headers

DLL Characteristics

File Characteristics

Imports

mscms

kernel32

dbnetlib

user32

imm32

wintrust

Sections

.text Size: 395KB - Virtual size: 395KB

.rdata Size: 106KB - Virtual size: 106KB

.data Size: 189KB - Virtual size: 1.5MB

.rsrc Size: 136KB - Virtual size: 136KB

.reloc Size: 1024B - Virtual size: 892B

.text
Size: 395KB - Virtual size: 395KB

.rdata
Size: 106KB - Virtual size: 106KB

.data
Size: 189KB - Virtual size: 1.5MB

.rsrc
Size: 136KB - Virtual size: 136KB

.reloc
Size: 1024B - Virtual size: 892B