940211d035894cfb57cada1a0aad8a363a210bdebfbc55f3e2e30420779a0fc2

Sharing

Copy URL Twitter E-mail

General

Target

940211d035894cfb57cada1a0aad8a363a210bdebfbc55f3e2e30420779a0fc2
Size

44KB
MD5

b3abf6abaea0cc5d56efb30777893af9
SHA1

ff5947198d4bae531f1209ee2882f7345b05185b
SHA256

940211d035894cfb57cada1a0aad8a363a210bdebfbc55f3e2e30420779a0fc2
SHA512

0e267c9ef179866fb529c993e48ae0ad84d615886f475fafa54dbdbefc16bb2c9fa9a6fa7a2b9ddb281a034f7054cb2d6fcd340104dd103180f61fe588f5e37a
SSDEEP

768:Rp49sItvTw+ZRUdjVcxGRMVqqQqQ0db3WkBV/8J9xLhvhvhvebW:3csItvTvRUdjVccuVqqQJeb31BQ9xLEC

Score

N/A

Malware Config

Signatures

Files

940211d035894cfb57cada1a0aad8a363a210bdebfbc55f3e2e30420779a0fc2
.exe windows x86

270598bbed871a72f5dabbc11e198a2c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

olesvr32

DocWndProc
OleQueryServerVersion
OleRevokeObject
WEP
OleRevokeServerDoc
EnumForTerminate
OleUnblockServer
SendRenameMsg
OleSavedServerDoc
SrvrWndProc
ItemWndProc
OleRegisterServerDoc
OleRegisterServer
TerminateClients
OleRenameServerDoc
FindItemWnd

xolehlp

DtcGetTransactionManagerEx
DtcGetTransactionManagerExW
GetDtcLocaleResourceHandle
DtcGetTransactionManagerExA
DtcGetTransactionManagerC
DtcGetTransactionManager

wininet

UnlockUrlCacheEntryFile
InternetQueryDataAvailable
InternetSetCookieExW
SetUrlCacheEntryInfoA
InternetSetStatusCallbackA
InternetConfirmZoneCrossingW
InternetAutodial
FtpCreateDirectoryA
GetUrlCacheEntryInfoW
InternetTimeToSystemTimeW
InternetOpenUrlA
InternetSetPerSiteCookieDecisionW
FtpRenameFileA
ReadUrlCacheEntryStream
InternetGoOnline
GopherFindFirstFileW
InternetGetCertByURL
InternetGetLastResponseInfoW
FtpDeleteFileA
InternetLockRequestFile
ShowCertificate
GopherFindFirstFileA
FtpFindFirstFileW
InternetCrackUrlW

kernel32

DosDateTimeToFileTime
GetEnvironmentStringsA
LockResource
GetExitCodeProcess
GetVersion
GetCurrentThread
HeapSetInformation
FillConsoleOutputCharacterA
SetComputerNameA
lstrcat
_hwrite
LoadLibraryW
LocalShrink
GlobalAddAtomA
GetVolumePathNameA
DeleteFileA
WriteProfileStringW
GetConsoleCommandHistoryA
ActivateActCtx
GetLocaleInfoA
SetConsoleKeyShortcuts

rpcns4

RpcNsMgmtBindingUnexportW
RpcNsMgmtBindingUnexportA
RpcNsGroupDeleteA
RpcNsGroupMbrAddA
RpcNsProfileEltRemoveW
RpcNsProfileEltInqNextA
RpcNsMgmtHandleSetExpAge
RpcNsBindingLookupBeginW
RpcNsProfileEltAddA
RpcIfIdVectorFree
RpcNsBindingUnexportW
RpcNsGroupMbrInqDone
RpcNsGroupMbrInqNextW
RpcNsBindingImportBeginA
RpcNsBindingExportA
RpcNsProfileEltInqDone
RpcNsMgmtEntryInqIfIdsA
RpcNsEntryObjectInqNext
RpcNsMgmtEntryInqIfIdsW
RpcNsGroupMbrInqBeginA
RpcNsBindingUnexportPnPW
RpcNsMgmtEntryDeleteW

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

270598bbed871a72f5dabbc11e198a2c

Headers

DLL Characteristics

File Characteristics

Imports

olesvr32

xolehlp

wininet

kernel32

rpcns4

Sections

.text Size: 34KB - Virtual size: 34KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 272B

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 34KB - Virtual size: 34KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 272B

.rsrc
Size: 6KB - Virtual size: 6KB