2b0e499c6c7bc531221e25b03f2887d347a4e1ada7e2b732a910234fbfa2f905

Sharing

Copy URL Twitter E-mail

General

Target

2b0e499c6c7bc531221e25b03f2887d347a4e1ada7e2b732a910234fbfa2f905
Size

141KB
MD5

139f5bc29b56078f4a1013f0b4915020
SHA1

6308d86526a400ec361804b017ba75e2886917f8
SHA256

2b0e499c6c7bc531221e25b03f2887d347a4e1ada7e2b732a910234fbfa2f905
SHA512

f8c64594faab9aff14da2850a29c72b6036c1d6d4a2db10edad80231e604f776c319201c31f2149f9f951a3853d3d0a71cf62712487f0936f42c0889dbf6c666
SSDEEP

3072:O0jJkpGTIZ11yi3kuvxTDh5CCfiaUaBqhV1G+4TVjLhQYXdC9af:ZJKGTKd3ku1h5qzhVsxjLhvXdbf

Score

N/A

Malware Config

Signatures

Files

2b0e499c6c7bc531221e25b03f2887d347a4e1ada7e2b732a910234fbfa2f905
.exe windows x86

8a498ec1c470a825c70fb8dc816f78f8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcsftime
_ismbblead
_ctype
_ismbbpunct
_osplatform
_cputws
feof
system
tan
__p__commode
__getmainargs
??_V@YAXPAX@Z
wcsspn
_lsearch
__set_app_type
exit
_adj_fptan
_mbsnbicmp
__pxcptinfoptrs
_lock
_mbctype

wshrm

WSHGetSockaddrType
WSHOpenSocket2
WSHSetSocketInformation
WSHGetBroadcastSockaddr
WSHNotify
WSHGetProviderGuid
WSHGetWSAProtocolInfo
WSHGetWinsockMapping
WSHStringToAddress
WSHOpenSocket
WSHJoinLeaf
WSHIoctl

kernel32

SetComputerNameExW
IsValidLanguageGroup
GetModuleHandleW
GetBinaryTypeW
lstrcatW
GetOverlappedResult
GetCurrentDirectoryW
EnumerateLocalComputerNamesA
TerminateJobObject
SetEvent
GetLocaleInfoA
LoadLibraryW
GetCurrentThread

shlwapi

StrRChrIA
PathCompactPathExA
SHRegEnumUSKeyA
PathIsRootW
StrNCatW
PathStripPathW
PathIsNetworkPathW
SHRegSetPathW
PathCommonPrefixW
SHOpenRegStream2A
StrTrimA

msacm32

acmStreamPrepareHeader
acmFilterTagDetailsW
acmGetVersion
acmFormatTagDetailsW
acmFormatTagEnumA
acmStreamMessage
acmFilterTagEnumW
acmFormatTagDetailsA
acmDriverClose
acmDriverDetailsA
acmDriverPriority
acmFormatChooseA
acmStreamSize
acmDriverID
acmDriverAddA
acmStreamReset
acmFilterTagEnumA
acmFormatDetailsA
acmDriverOpen
acmDriverDetailsW

hhsetup

?SetLanguage@CFolder@@QAEXG@Z
?SetId@CLocation@@QAEXPBG@Z
?AddTitle@CCollection@@QAEPAVCTitle@@PBD0000GIPAVCLocation@@PAKH0@Z
?HandleCollection@CCollection@@AAEKPAVCParseXML@@PAD@Z
?AddFolder@CCollection@@QAEPAVCFolder@@PBGKPAKG@Z
??0CPointerList@@QAE@XZ
?Dirty@CCollection@@QAEXXZ
?bIsVisable@CFolder@@QAEHXZ
?GetVisableRootFolder@CCollection@@QAEPAVCFolder@@XZ
?DeleteTitle@CCollection@@AAEKPAVCTitle@@@Z
?HandleLocation@CCollection@@AAEKPAVCParseXML@@PAD@Z
?SetLanguage@CTitle@@QAEXG@Z
?WriteFolders@CCollection@@AAEHPAPAVCFolder@@@Z
?GetSampleLocation@CCollection@@QAEPADXZ
?CheckTitleRef@CCollection@@AAEKPBGG@Z
??1CPointerList@@QAE@XZ
?SetId@CLocation@@QAEXPBD@Z
?SetFindMergedCHMS@CCollection@@QAEXH@Z
?Close@CCollection@@QAEKXZ
?GetTitleW@CLocation@@QAEPBGXZ
?GetLanguage@CFolder@@QAEGXZ
?SetVolume@CLocation@@QAEXPBG@Z
?NewLocationHistory@CTitle@@QAEPAULocationHistory@@XZ
?DeleteChildren@CCollection@@AAEXPAPAVCFolder@@@Z
?AddTail@CFIFOString@@QAEKPAD@Z
??0CFolder@@QAE@XZ
?GetIdW@CTitle@@QAEPBGXZ
??4CPointerList@@QAEAAV0@ABV0@@Z

msasn1

ASN1_CreateDecoderEx
ASN1CEREncEndBlk
ASN1BEREncRemoveZeroBits
ASN1char16string_cmp
ASN1BEREoid2DotVal
ASN1intx2int32
ASN1BERDecBitString
ASN1BERDecOpenType

user32

DialogBoxIndirectParamA
CallWindowProcA
UnregisterClassA
UnregisterHotKey
UserRegisterWowHandlers
GetMenuItemInfoA
CheckMenuRadioItem
DrawAnimatedRects
GetCursorInfo
GetClipboardOwner
ReuseDDElParam
DefWindowProcW
PostQuitMessage
DrawMenuBarTemp
SetForegroundWindow
GetUpdateRgn
DlgDirSelectExA
SetDlgItemTextA
IsCharAlphaNumericW
SubtractRect
MessageBoxTimeoutW
RegisterClassW
GetMenu
OpenDesktopA

Sections

.code
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a498ec1c470a825c70fb8dc816f78f8

Headers

File Characteristics

Imports

msvcrt

wshrm

kernel32

shlwapi

msacm32

hhsetup

msasn1

user32

Sections

.code Size: 83KB - Virtual size: 82KB

.rdata Size: 43KB - Virtual size: 43KB

.data Size: 5KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 7KB

.code
Size: 83KB - Virtual size: 82KB

.rdata
Size: 43KB - Virtual size: 43KB

.data
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 7KB