240669fc1cde37958d99f1c03e352c469ad99ce2ada663b03a88869ac87ad542

Sharing

Copy URL Twitter E-mail

General

Target

240669fc1cde37958d99f1c03e352c469ad99ce2ada663b03a88869ac87ad542
Size

1.5MB
MD5

dd9dbd743ab4c3f7da3ab0ce2454c2a0
SHA1

01b01febc8b8db1742192af10c444448f9aee05d
SHA256

240669fc1cde37958d99f1c03e352c469ad99ce2ada663b03a88869ac87ad542
SHA512

c65a8242c248bd30891a6817e065e51374bae68815a6699d75406f533898655221fff9ba6c344acf3f8143708f7c48aaa9c01cb21a68f6851d337133a43d5c18
SSDEEP

49152:34sR0xOOiwEFxXFbTiiOu5Q3W0bitRiC7:3paUOiwEFxVbTiiONVbivis

Score

N/A

Malware Config

Signatures

Files

240669fc1cde37958d99f1c03e352c469ad99ce2ada663b03a88869ac87ad542
.exe windows x86

2dd34caed61d230c1842dafff525206c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

lpk

LpkTabbedTextOut
LpkPSMTextOut
LpkGetTextExtentExPoint
LpkDllInitialize
LpkInitialize
LpkDrawTextEx
ftsWordBreak
LpkEditControl
LpkGetCharacterPlacement
LpkExtTextOut
LpkUseGDIWidthCache

inetcomm

HrAthGetFileName
MimeOleGetInternat
EssContentHintDecodeEx
DllCanUnloadNow
MimeEditIsSafeToRun
MimeOleGenerateFileName
CreateRASTransport
MimeEditGetBackgroundImageUrl
MimeOleDecodeHeader
MimeOleSetPropA
MimeOleGetCertsFromThumbprints
MimeOleParseRfc822Address

dplayx

DllRegisterServer
DirectPlayLobbyCreateA
DirectPlayLobbyCreateW
DllCanUnloadNow
DirectPlayCreate
DllUnregisterServer
DirectPlayEnumerateA
DllGetClassObject
DirectPlayEnumerate
gdwDPlaySPRefCount
DirectPlayEnumerateW

msjetoledb40

DllUnregisterServer
DllCanUnloadNow
DllMain
DllRegisterServer

msi

MsiRecordSetStringA
MsiGetFeatureStateW
MsiConfigureFeatureA
MsiOpenPackageW
MsiGetTargetPathW
MsiProcessMessage
MsiDeleteUserDataW
MsiAdvertiseScriptA
MsiLoadStringA
MsiDatabaseApplyTransformA
MsiInstallMissingComponentA
MsiSequenceW
MsiReinstallFeatureFromDescriptorA
MsiSetExternalUIRecord
MsiOpenPackageExW
MsiGetFileHashA
MsiGetTargetPathA
MsiGetComponentPathA
MsiAdvertiseScriptW
MsiDetermineApplicablePatchesA
MsiQueryComponentStateA
MsiGetFeatureUsageA
MsiGetFeatureInfoW
MsiEnumProductsA
MsiEnumComponentCostsA
MsiLoadStringW
MsiGetPatchInfoExA
MsiSourceListClearAllExW
MsiProvideQualifiedComponentA
MsiOpenProductA
MsiCollectUserInfoW
MsiApplyMultiplePatchesA
MsiReinstallFeatureA
MsiSetFeatureAttributesW
MsiSourceListGetInfoW
MsiGetSummaryInformationW
MsiEnumComponentQualifiersW
MsiGetMode
MsiGetFeatureStateA
MsiDatabaseImportW
MsiCloseAllHandles
MsiGetProductInfoFromScriptW
MsiQueryFeatureStateFromDescriptorA
MsiIsProductElevatedW
MsiGetFileHashW

scecli

SceRegisterRegValues
SceSetupUpdateSecurityService
SceSetupBackupSecurity

gcdef

DllGetClassObject
DllCanUnloadNow

qdv

DllGetClassObject
DllRegisterServer
DllCanUnloadNow
DllUnregisterServer

dpmodemx

SPInit

syncui

DllGetClassObject
DllCanUnloadNow

msvcrt20

_CItanh

perfnet

CollectNetSvcsObjectData
OpenNetSvcsObject
CloseNetSvcsObject

kernel32

lstrcmpiA
GetProcAddress
EnumResourceNamesA
SetHandleInformation
GetCompressedFileSizeA
WritePrivateProfileSectionW
SetConsoleKeyShortcuts
WriteConsoleW
CompareFileTime
EnumCalendarInfoExW
GetCommProperties
LocalCompact
InitializeCriticalSection
LocalShrink
lstrcmpiW
HeapSummary
LoadLibraryA
FreeEnvironmentStringsA
SetConsoleHardwareState
EnumResourceNamesW
FlushViewOfFile
IsBadReadPtr
VirtualProtect
VirtualAlloc
lstrcpyW
Module32FirstW
SetLocaleInfoA
UnregisterConsoleIME
LoadModule
GetCalendarInfoW

xolehlp

DtcGetTransactionManagerEx
DtcGetTransactionManagerExW
DtcGetTransactionManagerExA
DtcGetTransactionManager
GetDtcLocaleResourceHandle
DtcGetTransactionManagerC

Sections

.data
Size: - Virtual size: 15.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1017KB - Virtual size: 1017KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2dd34caed61d230c1842dafff525206c

Headers

File Characteristics

Imports

lpk

inetcomm

dplayx

msjetoledb40

msi

scecli

gcdef

qdv

dpmodemx

syncui

msvcrt20

perfnet

kernel32

xolehlp

Sections

.data Size: - Virtual size: 15.6MB

.rdata Size: 40KB - Virtual size: 40KB

.tls Size: 512B - Virtual size: 4KB

.rsrc Size: 1017KB - Virtual size: 1017KB

.text Size: 1024B - Virtual size: 592B

.data
Size: - Virtual size: 15.6MB

.rdata
Size: 40KB - Virtual size: 40KB

.tls
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1017KB - Virtual size: 1017KB

.text
Size: 1024B - Virtual size: 592B