747edda8660039c728c7f75e67acab33555136a223a81b34f0f10d3e54d72481

Sharing

Copy URL Twitter E-mail

General

Target

747edda8660039c728c7f75e67acab33555136a223a81b34f0f10d3e54d72481
Size

828KB
MD5

4919a3e111d1105c35308827081fbab5
SHA1

0d762bacdcbee9c49a39ff5b07e03bda9bd40cb9
SHA256

747edda8660039c728c7f75e67acab33555136a223a81b34f0f10d3e54d72481
SHA512

e6a38da3e96b9fe8e88342ca00130209a75cbee683b836f55cfa3c0b626635b7d21fe981c9d7184356ee473fa2c58e2095a370fda728edb7beab4cd92406ab7f
SSDEEP

24576:6cyI5SEqJNICI3zeuORN7fU2Fml4HcqcyFcb:YrEqJNIdEp7wqcyFc

Score

N/A

Malware Config

Signatures

Files

747edda8660039c728c7f75e67acab33555136a223a81b34f0f10d3e54d72481
.exe windows x86

9e4c82c9b0d9579ebda68f7c3bc0432e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VarImp
VarBoolFromUI4
VarDateFromI2
VarR4FromDec
VarI4FromBool
VarCyFromI8
VarFix
VarDecInt
SafeArrayCreateVectorEx
VarCyMul
LHashValOfNameSysA
VarUI1FromDisp
VarR8FromUI1
VarR4FromDate
DispGetParam
VarR4FromUI2
VarParseNumFromStr
VarBoolFromDec
SafeArrayAllocDescriptorEx
VarR4FromR8
SysAllocStringByteLen
VarXor
VarBoolFromUI8
VarDecFromI1
VarSub
VarDecFromDisp
OleLoadPictureFile
VarR8FromDate
VarI4FromDate
SysStringByteLen
OleLoadPicture
VarI4FromDec
VarUI2FromUI8
VarI4FromR8
VarR8FromCy
VarDecFromCy
VarR8FromDisp
VarUI2FromR4
VarFormatPercent
VarBstrFromUI8
VarI1FromI2
VarMul
VarUI4FromCy
VarBoolFromI2
SafeArrayCreateVector
VarNumFromParseNum
SafeArraySetIID
VarDateFromStr
VarDecFromBool
VarDateFromUI1
VarR4FromUI4

wintrust

TrustFindIssuerCertificate
CryptCATAdminEnumCatalogFromHash
CryptCATCDFOpen
WVTAsn1SpcSigInfoEncode
OfficeInitializePolicy
CryptCATPersistStore
WintrustGetDefaultForUsage
WTHelperGetProvCertFromChain
CryptCATGetMemberInfo
CryptCATVerifyMember
CryptCATCDFClose
CryptCATAdminCalcHashFromFileHandle
WVTAsn1SpcLinkEncode
CryptCATCDFEnumAttributes
SoftpubCleanup
CryptCATClose
WVTAsn1CatNameValueDecode
CryptCATCDFEnumMembersByCDFTag
CryptCATGetCatAttrInfo
CryptCATHandleFromStore
HTTPSFinalProv
CryptCATEnumerateMember
CryptSIPCreateIndirectData
mssip32DllUnregisterServer
mssip32DllRegisterServer
TrustDecode

kernel32

_llseek
LoadLibraryW
FindAtomA
GetStringTypeA
DosDateTimeToFileTime
SetLastError
IsDBCSLeadByteEx
GetTickCount
EnumDateFormatsA
GetLongPathNameA
SetErrorMode
GetComputerNameA
WritePrivateProfileStructW
SetConsoleTextAttribute
CreateJobObjectA
BeginUpdateResourceA
FindVolumeClose
lstrcat
DeviceIoControl
FindResourceExW
HeapDestroy
CommConfigDialogA
GetProcessShutdownParameters
FileTimeToDosDateTime
QueryPerformanceCounter
BackupWrite
GetTimeZoneInformation
lstrcatA
ShowConsoleCursor

clusapi

ClusterCloseEnum
ClusterRegEnumValue
GetClusterGroupKey
GetClusterGroupState
EvictClusterNode
CloseClusterGroup
OpenCluster
ClusterGetEnumCount
RemoveClusterResourceDependency

olecli32

SrvrWndProc
DefLoadFromStream
OleRevokeClientDoc
ErrQueryOpen
ErrSetUpdateOptions
LeSetBounds
PbEnumFormats
DefCreate
DibGetData
PbCreateFromClip
LeCreateInvisible
OleLoadFromStream
LeShow

winmm

OpenDriver
mciSendCommandA
mixerGetControlDetailsW
midiStreamRestart
midiInGetDevCapsA
joyGetPosEx
mmTaskSignal
joyReleaseCapture
mciSetDriverData
mciGetYieldProc

Sections

.text
Size: 345KB - Virtual size: 344KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e4c82c9b0d9579ebda68f7c3bc0432e

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

wintrust

kernel32

clusapi

olecli32

winmm

Sections

.text Size: 345KB - Virtual size: 344KB

.rdata Size: 132KB - Virtual size: 132KB

.data Size: 157KB - Virtual size: 1.6MB

.rsrc Size: 191KB - Virtual size: 191KB

.reloc Size: 1024B - Virtual size: 884B

.text
Size: 345KB - Virtual size: 344KB

.rdata
Size: 132KB - Virtual size: 132KB

.data
Size: 157KB - Virtual size: 1.6MB

.rsrc
Size: 191KB - Virtual size: 191KB

.reloc
Size: 1024B - Virtual size: 884B