672968b4a970acbfb282fb5bc927f9537fe772c8873e4c9eb9f7f870db59f81f

Sharing

Copy URL Twitter E-mail

General

Target

672968b4a970acbfb282fb5bc927f9537fe772c8873e4c9eb9f7f870db59f81f
Size

796KB
MD5

19531de0f3fcd86deca211790718b387
SHA1

8ac1833d18b94be0d4e0ff110e1d62aed386c58a
SHA256

672968b4a970acbfb282fb5bc927f9537fe772c8873e4c9eb9f7f870db59f81f
SHA512

f3c1ea36e37a68dbe4978c6b28765d07d5c59b638f5e3d84d3d96c00069bb1192b156d03b86096feafcbe0f8fc28f6bb2df61d30e3a42c5e727b30d0aa0b60f8
SSDEEP

24576:Two51jqimNEeu2ZUwK5TWGHGPgOFjT7cgbb2YBaKT:TwqxINEeuwzK5T3mPgOZLbqYcc

Score

N/A

Malware Config

Signatures

Files

672968b4a970acbfb282fb5bc927f9537fe772c8873e4c9eb9f7f870db59f81f
.exe windows x86

e5a5dff6931a7a75c39314ed82dc6c62

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindAtomA
ResetEvent
_lopen
TransmitCommChar
VirtualAlloc
DebugActiveProcess
InterlockedIncrement
LoadLibraryA
SetComputerNameW
CancelWaitableTimer
DefineDosDeviceA
EnumTimeFormatsW
GetCurrentThread
GetStartupInfoA
GetStringTypeExA
FreeResource
GetFullPathNameW
IsValidLocale
RegisterConsoleOS2
OutputDebugStringA
GetSystemDefaultLCID
GetTickCount
GetUserDefaultLCID
GetBinaryTypeW
LocalSize
RaiseException
GetCurrentDirectoryA
WriteProcessMemory
ClearCommError
lstrcatA
ScrollConsoleScreenBufferW

ole32

OleSetClipboard
RegisterDragDrop
CoSetProxyBlanket
OleLoad
HMETAFILE_UserUnmarshal
OleGetIconOfFile
OleConvertIStorageToOLESTREAM
HBRUSH_UserMarshal
OleLockRunning
CreateAntiMoniker
ComPs_NdrDllRegisterProxy
CoDosDateTimeToFileTime
CreateGenericComposite
OleGetIconOfClass
HMETAFILEPICT_UserMarshal

msdart

?_CurrentThreadId@CReaderWriterLock3@@CGJXZ
?WriteUnlock@CLKRHashTable@@QBEXXZ
?_TryWriteLock@CReaderWriterLock3@@AAE_NJ@Z
?_DeleteKey@CLKRLinearHashTable@@AAE?AW4LK_RETCODE@@KK@Z
?_WriteLockSpin@CReaderWriterLock3@@AAEXXZ
?IsReadUnlocked@CReaderWriterLock@@QBE_NXZ
?sm_llGlobalList@CLKRLinearHashTable@@0VCLockedDoubleList@@A
?MaxSize@CLKRHashTable@@QBEKXZ
?CreateHolder@@YGJPAUIGPDispenser@@HIPAPAUIGPHolder@@@Z
?_CurrentThreadId@CSmallSpinLock@@CGJXZ
?_H0@CLKRLinearHashTable@@CGKKK@Z
?BucketIndex@CLKRHashTableStats@@SGJJ@Z
?IsWinNT4@CMdVersionInfo@@SAHXZ
?SetSpinCount@CReaderWriterLock2@@QAE_NG@Z
?_WriteLockSpin@CReaderWriterLock2@@AAEXXZ
??4CFakeLock@@QAEAAV0@ABV0@@Z
?IsMillnm@CMdVersionInfo@@SAHXZ
?sm_dblDfltSpinAdjFctr@CCritSec@@1NA

Sections

.text
Size: 412KB - Virtual size: 412KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 151KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e5a5dff6931a7a75c39314ed82dc6c62

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

msdart

Sections

.text Size: 412KB - Virtual size: 412KB

.rdata Size: 100KB - Virtual size: 100KB

.data Size: 151KB - Virtual size: 1.5MB

.rsrc Size: 129KB - Virtual size: 129KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 412KB - Virtual size: 412KB

.rdata
Size: 100KB - Virtual size: 100KB

.data
Size: 151KB - Virtual size: 1.5MB

.rsrc
Size: 129KB - Virtual size: 129KB

.reloc
Size: 1KB - Virtual size: 1KB