6dbdcccf84b617b737e3feb5157fd3db6b262bdd7d98523ac4daf99bbf98bb03

Sharing

Copy URL Twitter E-mail

General

Target

6dbdcccf84b617b737e3feb5157fd3db6b262bdd7d98523ac4daf99bbf98bb03
Size

410KB
MD5

9f8e98f72e557a92649f1d8b92f9c6bf
SHA1

a0af744dd579ba697416f0a5adf5676f9ff4b9e6
SHA256

6dbdcccf84b617b737e3feb5157fd3db6b262bdd7d98523ac4daf99bbf98bb03
SHA512

e2d09380739ca77347f7e01832db02aab6b56037a8e2b69675cbb02a5c2d21a3f40d19776d5f864d196645251a8c2a5e3b4c10167ba400b8127ab9fc137b512b
SSDEEP

6144:5fS1T7dHgExcz9rmRQhPQgRnVW6d0u3dHJx7NpI5BjG0YnR7XSzuxQ6PCpQPvK1:5fuT7dYFqQBlRsJONgSRnxQ6qn

Score

N/A

Malware Config

Signatures

Files

6dbdcccf84b617b737e3feb5157fd3db6b262bdd7d98523ac4daf99bbf98bb03
.exe windows x86

773b794448afc4b2394f0e06faa87e3c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

apphelp

SdbReadMsiTransformInfo
ApphelpFreeFileAttributes
SdbReadDWORDTagRef
SdbReadEntryInformation
ApphelpGetNTVDMInfo
SdbResolveDatabase
SdbEnumMsiTransforms
SdbGrabMatchingInfo
SdbCloseDatabase
SdbGetPermLayerKeys
SdbQueryApphelpInformation
SdbGetFirstChild
SdbQueryDataEx
SdbOpenApphelpDetailsDatabase
SdbUnregisterDatabase
SdbFindNextTag
SdbGetMsiPackageInformation

msvcirt

?getline@istream@@QAEAAV1@PACHD@Z
??0istrstream@@QAE@PADH@Z
?close@filebuf@@QAEPAV1@XZ
?setbuf@fstream@@QAEPAVstreambuf@@PADH@Z
??5istream@@QAEAAV0@AAI@Z
??4fstream@@QAEAAV0@AAV0@@Z
??_Distrstream@@QAEXXZ
?close@ofstream@@QAEXXZ
??0ostrstream@@QAE@XZ
??1ostream@@UAE@XZ
??_Elogic_error@@UAEPAXI@Z
?underflow@strstreambuf@@UAEHXZ
??0istream_withassign@@QAE@PAVstreambuf@@@Z
??4istream_withassign@@QAEAAVistream@@PAVstreambuf@@@Z
??_8stdiostream@@7Bostream@@@
??4stdiostream@@QAEAAV0@AAV0@@Z
??Bios@@QBEPAXXZ
??1iostream@@UAE@XZ
?unsetf@ios@@QAEJJ@Z
??0logic_error@@QAE@ABQBD@Z
?sync@stdiobuf@@UAEHXZ
??4istrstream@@QAEAAV0@ABV0@@Z
?rdbuf@ofstream@@QBEPAVfilebuf@@XZ
??_Gstreambuf@@UAEPAXI@Z

msdart

?FindKey@CLKRLinearHashTable@@QBE?AW4LK_RETCODE@@KPAPBX@Z
FXMemAttach
?_TryWriteLock@CReaderWriterLock3@@AAE_NJ@Z
?_DeleteRecord@CLKRLinearHashTable@@AAE?AW4LK_RETCODE@@PBXK@Z
?_CalcKeyHash@CLKRLinearHashTable@@ABEKK@Z
?ReadOrWriteLock@CFakeLock@@QAE_NXZ
?GetStatistics@CLKRLinearHashTable@@QBE?AVCLKRHashTableStats@@XZ
?ConvertExclusiveToShared@CLKRHashTable@@QBEXXZ
?ReadLock@CSpinLock@@QAEXXZ
??1CDoubleList@@QAE@XZ
?Lock@CLockedDoubleList@@QAEXXZ
?GetDefaultSpinCount@CReaderWriterLock@@SGGXZ
?IsLocked@CLockedDoubleList@@QBE_NXZ
?CreateHolder@@YGJPAUIGPDispenser@@HIPAPAUIGPHolder@@@Z
?IsWin95@CMdVersionInfo@@SAHXZ
?ReadUnlock@CSmallSpinLock@@QAEXXZ
FXMemDetach
?Size@CLKRLinearHashTable@@QBEKXZ
?Pop@CSingleList@@QAEQAVCSingleListEntry@@XZ
?ConvertSharedToExclusive@CSpinLock@@QAEXXZ
?_TryLock@CSpinLock@@AAE_NXZ
?WriteUnlock@CReaderWriterLock@@QAEXXZ
?sm_dblDfltSpinAdjFctr@CReaderWriterLock@@1NA
?IsEmpty@CLockedDoubleList@@QBE_NXZ

wsnmp32

SnmpClose
SnmpEncodeMsg
SnmpStrToEntity
SnmpFreeDescriptor
SnmpCountVbl
SnmpRegister
SnmpStrToOid
SnmpSetVb
SnmpGetVendorInfo
SnmpListen
_SnmpSetAgentAddress@4
SnmpDecodeMsg
SnmpCreateSession
SnmpGetTranslateMode
SnmpGetPduData
SnmpCleanup
SnmpGetRetry
SnmpDuplicatePdu
SnmpFreeEntity
SnmpSetTimeout
SnmpCreatePdu
SnmpOidCopy
SnmpSetPduData
SnmpSetRetry
SnmpSetRetransmitMode
SnmpGetTimeout

netapi32

NetpGetConfigTStrArray
NetpwPathType
NetServerDiskEnum
NetApiBufferAllocate
NetUserSetInfo
NetUserGetLocalGroups
NetpDbgPrint
DsAddressToSiteNamesA
NetShareGetInfo
NetLocalGroupDelMember
Netbios
NetReplSetInfo
NetDfsAddFtRoot

kernel32

WriteConsoleOutputAttribute
GetThreadTimes
LoadLibraryW
GetCurrentThread
lstrcpyn
GetLongPathNameA
FindNextVolumeMountPointW
FreeEnvironmentStringsA
CreateIoCompletionPort
WriteProfileSectionA
QueryPerformanceCounter
GetModuleHandleW
GetLocaleInfoW
GetConsoleInputExeNameA

Sections

.text
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

773b794448afc4b2394f0e06faa87e3c

Headers

File Characteristics

Imports

apphelp

msvcirt

msdart

wsnmp32

netapi32

kernel32

Sections

.text Size: 166KB - Virtual size: 166KB

.rdata Size: 88KB - Virtual size: 87KB

.data Size: 14KB - Virtual size: 14KB

.rsrc Size: 139KB - Virtual size: 138KB

.text
Size: 166KB - Virtual size: 166KB

.rdata
Size: 88KB - Virtual size: 87KB

.data
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 139KB - Virtual size: 138KB