a1539eedca31edf48521712ece6eafae3b4a7fce3467f64fed4317cad0d58c99

Sharing

Copy URL Twitter E-mail

General

Target

a1539eedca31edf48521712ece6eafae3b4a7fce3467f64fed4317cad0d58c99
Size

330KB
MD5

91f303f4687e0b0022f259bd94ff811a
SHA1

94c09600e0002a024faa26c033fed14754f169fc
SHA256

a1539eedca31edf48521712ece6eafae3b4a7fce3467f64fed4317cad0d58c99
SHA512

79b57c86da9989236aa7ca301487a23bcbe8c8b90cdb03bc4510f2f42276960d8befb9779286f78d158c5a8ca3b2ed7700f2938a64798aeadd208e05a5577072
SSDEEP

6144:4jqFjhfTG8IcIhr4WJ0UjMZz+OQfj8DEKtkZKSgvhzaw4nATR:4jGhzIcIhr4W5ApQwBtkZKPzaw4nAT

Score

N/A

Malware Config

Signatures

Files

a1539eedca31edf48521712ece6eafae3b4a7fce3467f64fed4317cad0d58c99
.exe windows x86

ed71197fb1328aa0e76cf05b3020c8ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

ole32

SetConvertStg
CoTaskMemFree
HDC_UserMarshal
BindMoniker
MkParseDisplayName
HGLOBAL_UserUnmarshal
HMETAFILEPICT_UserUnmarshal
CoGetProcessIdentifier
FmtIdToPropStgName
SetErrorInfo
CoGetContextToken
CoGetObjectContext
IsValidInterface
CoGetApartmentID
CoGetCallerTID
OleCreateFromDataEx
GetRunningObjectTable
CoInstall
OleCreateDefaultHandler
WriteStringStream
HPALETTE_UserSize
HPALETTE_UserUnmarshal
StgCreatePropStg
HICON_UserFree
OleConvertIStorageToOLESTREAM

kernel32

GetTimeZoneInformation
ReadFileScatter
HeapLock
GetSystemTime
NlsGetCacheUpdateCount
CreateEventA
TryEnterCriticalSection
SetLocaleInfoW
VirtualAlloc
ReadProcessMemory
RegisterConsoleIME
Heap32First
LoadLibraryA
GetQueuedCompletionStatus
ScrollConsoleScreenBufferA
GetPrivateProfileSectionA
LocalAlloc
GetExitCodeThread
GetDiskFreeSpaceExA
IsDBCSLeadByteEx
OpenMutexA
PurgeComm
SetNamedPipeHandleState
GetModuleHandleA
MulDiv
RegisterWaitForInputIdle
GetLastError
SetWaitableTimer
SetConsoleInputExeNameW
GetNumaAvailableMemoryNode
GetCurrentDirectoryW

msvcrt

is_wctype
remove
_set_SSE2_enable
__CxxCallUnwindDtor
iscntrl
_fcloseall
islower
_wmkdir
_stat
strtol
??_Ebad_cast@@UAEPAXI@Z
_spawnvp
__badioinfo
ctime
__RTCastToVoid
_spawnvpe
_wfdopen
_spawnle
__p__timezone
_wunlink
_wpopen
_pipe
_execvp

winmm

mmGetCurrentTask
midiConnect
mciGetErrorStringA
DefDriverProc
timeGetTime
mciSendCommandW
midiInReset
sndPlaySoundA
mmioFlush
midiOutGetID
waveInGetPosition
timeBeginPeriod
waveOutPrepareHeader
NotifyCallbackData
DrvGetModuleHandle
mixerClose

user32

EndDialog

Sections

.text
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 522KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed71197fb1328aa0e76cf05b3020c8ae

Headers

File Characteristics

Imports

ole32

kernel32

msvcrt

winmm

user32

Sections

.text Size: 190KB - Virtual size: 190KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 117KB - Virtual size: 522KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 190KB - Virtual size: 190KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 117KB - Virtual size: 522KB

.rsrc
Size: 18KB - Virtual size: 18KB