57b48e322531b32231a89facf51cb10a8e816d9d270439fc323bdde28d04ba1c

Sharing

Copy URL Twitter E-mail

General

Target

57b48e322531b32231a89facf51cb10a8e816d9d270439fc323bdde28d04ba1c
Size

174KB
MD5

d8f0cfaf5cc5f306da01f14ba386bb31
SHA1

bf65129d63271a4334f862eb613724ee02066bca
SHA256

57b48e322531b32231a89facf51cb10a8e816d9d270439fc323bdde28d04ba1c
SHA512

f1267d8b7de46d31c0efb13b0772891f0ad57fbfcf2c8c15b3b27ad02e6141a92ce96aefc5c67b49bda0722605ae0893c34804623628b628837fbe7a269aa87e
SSDEEP

3072:wdiIeh8T48A2/yHTyH06BWJDq9C7nfKEBnyMixoLkgc74VYDaIQ+POt:Vd2/qyU6BWJDEC7nnzLtcuYDaIA

Score

N/A

Malware Config

Signatures

Files

57b48e322531b32231a89facf51cb10a8e816d9d270439fc323bdde28d04ba1c
.exe windows x86

b101db3dca472a6b87fb1faa2a979e83

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

?classCCachedDataPathProperty@CCachedDataPathProperty@@2UCRuntimeClass@@B
DllCanUnloadNow
?classCDataPathProperty@CDataPathProperty@@2UCRuntimeClass@@B
DllUnregisterServer
DllRegisterServer

inseng

CheckTrust
DownloadFile
DllGetClassObject
GetICifRWFileFromFile
GetICifFileFromFile

user32

GetWindowTextW
FindWindowW
GetWindowTextA
GetDesktopWindow
GetClientRect
GetForegroundWindow
GetWindowRect
FindWindowA

sqlwoa

_TranslateAccelerator@12
_GetTextMetrics@8
_CommDlg_OpenSave_GetFolderPath@12
_GetWindowTextLength@4
_StartDoc@8

msoeacct

GetDllMajorVersion
DllGetClassObject
HrCreateAccountManager
ValidEmailAddress
DllCanUnloadNow

shlwapi

StrStrIA
StrCSpnA
PathRemoveBlanksA
PathStripToRootA
PathFindExtensionA

powrprof

WritePwrScheme
LoadCurrentPwrScheme
SetActivePwrScheme
IsPwrSuspendAllowed
ReadGlobalPwrPolicy

hid

HidD_GetProductString
HidP_GetLinkCollectionNodes
HidD_GetPhysicalDescriptor
HidP_GetExtendedAttributes
HidP_GetData

kernel32

Thread32Next
TerminateProcess
VirtualAlloc
SetConsoleCursorPosition
lstrlenA

tapi32

lineCreateAgentW
lineDevSpecificFeature
phoneGetStatusW
phoneGetHookSwitch
lineGetAgentCapsW

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b101db3dca472a6b87fb1faa2a979e83

Headers

DLL Characteristics

File Characteristics

Imports

mfc42

inseng

user32

sqlwoa

msoeacct

shlwapi

powrprof

hid

kernel32

tapi32

Sections

.text Size: 118KB - Virtual size: 118KB

.reloc Size: 2KB - Virtual size: 1KB

.data Size: 53KB - Virtual size: 65KB

.text
Size: 118KB - Virtual size: 118KB

.reloc
Size: 2KB - Virtual size: 1KB

.data
Size: 53KB - Virtual size: 65KB