73d1b196c2de58884b5dfc392f2f402ea94866178882f87a580becaca59bdce9

Sharing

Copy URL

Twitter E-mail

General

Target

73d1b196c2de58884b5dfc392f2f402ea94866178882f87a580becaca59bdce9
Size

38KB
MD5

8c8405ce19735e37eb17aac885346b29
SHA1

13194c7a90d01b822aad3350793968d27a43e10c
SHA256

73d1b196c2de58884b5dfc392f2f402ea94866178882f87a580becaca59bdce9
SHA512

e0a1be7e806d473a43ffeb63c119d776d6793c0c182bdc15729e85660308dd84fd809dcecc7dba94a041ed9fef1464ca27cb08ce882e3aee77bd4f64ac00201b
SSDEEP

768:Xv6smtLTq6QgzPuzoQJc8TqQSYMvQyWapvbA9U6O:/Wbz+mQ7A8a6O

Score

N/A

Malware Config

Signatures

Files

73d1b196c2de58884b5dfc392f2f402ea94866178882f87a580becaca59bdce9
.exe windows x86

ab4d44cf75d1c70a6702cc67653e8782

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

StrCmpNIA
RealShellExecuteW
SHGetPathFromIDListA
OpenAs_RunDLL
DragQueryFileW
SHCreateQueryCancelAutoPlayMoniker
SHGetIconOverlayIndexA
SheGetDirA
StrNCmpA
ShellExecuteExW
PrintersGetCommand_RunDLLW
SHQueryRecycleBinA
SHFreeNameMappings
SHGetSpecialFolderLocation
SHCreateProcessAsUserW
ShellExecuteW
ShellHookProc
Options_RunDLL
SHInvokePrinterCommandA
WOWShellExecute
StrStrW
ShellExecuteA
StrRStrIW
StrCmpNIW
SHExtractIconsW
SHParseDisplayName
SHFileOperationA
DoEnvironmentSubstA

kernel32

CopyLZFile
FreeResource
SetConsoleCursorMode
OpenSemaphoreA
SetCalendarInfoW
GetModuleHandleW
FindNextVolumeA
GetLocaleInfoA
GetCPInfoExA
SetVolumeLabelW
SetVolumeMountPointW
HeapSummary
GetPrivateProfileStringA
LoadLibraryW
GetPrivateProfileStructA
CreateJobSet
SetProcessPriorityBoost
ResetEvent
VerLanguageNameW
_lopen
GetNamedPipeInfo
BaseUpdateAppcompatCache
lstrcpyW
UnmapViewOfFile
GetCurrentThread
GetExitCodeThread
GetAtomNameA
BaseDumpAppcompatCache

winsta

_WinStationBreakPoint
_WinStationShadowTarget
_NWLogonSetAdmin
WinStationSetInformationW
WinStationServerPing
WinStationGetLanAdapterNameA
WinStationInstallLicense
WinStationShadowStop
ServerLicensingGetPolicyInformationA

msvcirt

??0ifstream@@QAE@ABV0@@Z
??0strstreambuf@@QAE@PADH0@Z
?osfx@ostream@@QAEXXZ
??4istream@@IAEAAV0@ABV0@@Z
??0fstream@@QAE@ABV0@@Z
??5istream@@QAEAAV0@AAN@Z
??6ostream@@QAEAAV0@I@Z
??_Eexception@@UAEPAXI@Z
??_Estdiobuf@@UAEPAXI@Z
??_Efilebuf@@UAEPAXI@Z
?endl@@YAAAVostream@@AAV1@@Z
?get@istream@@QAEAAV1@PACHD@Z
??_Dfstream@@QAEXXZ
??0fstream@@QAE@PBDHH@Z
?doallocate@strstreambuf@@MAEHXZ
?get@istream@@QAEAAV1@AAD@Z
?setbuf@strstreambuf@@UAEPAVstreambuf@@PADH@Z
?close@filebuf@@QAEPAV1@XZ
?fd@ofstream@@QBEHXZ
_mtunlock
?unlock@streambuf@@QAEXXZ
??1ostream_withassign@@UAE@XZ
??_Gifstream@@UAEPAXI@Z
??6ostream@@QAEAAV0@PAVstreambuf@@@Z
??0stdiobuf@@QAE@PAU_iobuf@@@Z
??_7istrstream@@6B@
??_Dostream@@QAEXXZ

crtdll

_amsg_exit
clearerr
strtod
??2@YAPAXI@Z
wscanf
_mbsdec
_mbctombb
_tempnam
ceil
strncpy
_isnan
asctime
perror
time
strcat
gmtime
fmod
iscntrl
_CIlog
wcstoul
wcstok
_mbstrlen
_onexit
_mbspbrk
strtol
wcsncpy

msoert2

HrCopyStreamCB
HrStreamSeekCur
DeleteTempFileOnShutdownEx
UlStripWhitespace
HrFindInetTimeZone
AppendTempFileList
HrGetStyleSheet
HrCopyStreamToByte
FIsSpaceW
PszSkipWhiteA
PszScanToWhiteA
HrFillRasCombo
HrStreamToByte
OpenFileStreamShare
FBuildTempPath
HrIsStreamUnicode
HrGetCertKeyUsage
UpdateRebarBandColors
ReplaceCharsW

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab4d44cf75d1c70a6702cc67653e8782

Headers

DLL Characteristics

File Characteristics

Imports

shell32

kernel32

winsta

msvcirt

crtdll

msoert2

Sections

.text Size: 30KB - Virtual size: 29KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 284B

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 30KB - Virtual size: 29KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 284B

.rsrc
Size: 4KB - Virtual size: 3KB