a3c42506fbdead322bd28391195f5f9a0bdc44fdd42213748106e5e6daf94d9e

Sharing

Copy URL Twitter E-mail

General

Target

a3c42506fbdead322bd28391195f5f9a0bdc44fdd42213748106e5e6daf94d9e
Size

403KB
MD5

30976331b7c33904b6b8fb8c41fdd01e
SHA1

e9d26b462542401f12d900046a449846b54f4470
SHA256

a3c42506fbdead322bd28391195f5f9a0bdc44fdd42213748106e5e6daf94d9e
SHA512

87af2661307d933d6a850e33a5de9a7e7ac8a5d5d735b43cff259ad93292c1eb55171062532725ba39dd8dd357aa897d67103ba7be5294afa120b77bfc28e1c0
SSDEEP

6144:5pBogIUocU4JF4OOj8dpHfz0ldMLsn7Y3eipWKon8BqlDS/sNkeehIoESVG:6gI8f4TQbz0Ssn7oeipWBYaDyNhV9VG

Score

N/A

Malware Config

Signatures

Files

a3c42506fbdead322bd28391195f5f9a0bdc44fdd42213748106e5e6daf94d9e
.exe windows x86

9987268d236780ffe46b8c6f853c73f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveOutGetVolume
waveOutClose
waveOutPrepareHeader
waveOutOpen
waveOutGetPitch
waveOutUnprepareHeader
waveOutReset
waveOutWrite
waveOutSetVolume

ws2_32

WSANSPIoctl
WSAIoctl
getaddrinfo
WSALookupServiceEnd
freeaddrinfo
WSALookupServiceBeginW
WSALookupServiceNextW

wtsapi32

WTSRegisterSessionNotification
WTSUnRegisterSessionNotification

esent

JetBackup

rpcrt4

NdrDllGetClassObject
NdrMesTypeEncode2
MesHandleFree
NdrMesTypeDecode2
NdrDllUnregisterProxy
CStdStubBuffer_DebugServerRelease
NdrCStdStubBuffer_Release
MesDecodeBufferHandleCreate
MesEncodeDynBufferHandleCreate
IUnknown_AddRef_Proxy
CStdStubBuffer_CountRefs
CStdStubBuffer_Invoke
CStdStubBuffer_QueryInterface
IUnknown_Release_Proxy
NdrDllCanUnloadNow
NdrOleAllocate
NdrOleFree
CStdStubBuffer_Connect
CStdStubBuffer_Disconnect
CStdStubBuffer_AddRef
NdrDllRegisterProxy
CStdStubBuffer_IsIIDSupported
IUnknown_QueryInterface_Proxy
CStdStubBuffer_DebugServerQueryInterface
NdrMesTypeFree2

crypt32

CryptMsgClose
CryptSignMessage
CertFindExtension
CertDuplicateCertificateContext
CryptMsgOpenToDecode
CertFreeCertificateContext
CertGetNameStringW
CryptDecodeObject
CertFindCertificateInStore
CryptStringToBinaryW
CryptProtectData
CertGetCertificateContextProperty
CertDuplicateCertificateChain
CryptBinaryToStringW
CertOpenStore
CertGetCertificateChain
CertCreateCertificateContext
CryptVerifyDetachedMessageSignature
CertFreeCertificateChain
CertCompareCertificate
CertCloseStore
CertGetEnhancedKeyUsage
CertVerifyCertificateChainPolicy
CryptMsgUpdate
CertAddCertificateContextToStore
CertVerifySubjectCertificateContext

setupapi

SetupDiGetClassDevsW
SetupDiOpenDevRegKey
SetupDiOpenClassRegKeyExW
SetupDiEnumDeviceInterfaces
SetupDiOpenDeviceInfoW
SetupDiGetDeviceInterfaceDetailW
SetupDiGetDeviceRegistryPropertyW
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInstanceIdW
SetupDiEnumDeviceInfo
SetupDiCreateDeviceInfoList

urlmon

CopyStgMedium

kernel32

GetLastError
BackupRead
VirtualAlloc
AddConsoleAliasA

cryptui

CryptUIDlgViewCertificateW

user32

DlgDirListComboBoxA
EnumPropsA

wininet

InternetGetCookieW

shell32

SHAppBarMessage
ExtractIconW
SHFileOperationW
DragQueryFileW
Shell_NotifyIconW

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 266KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9987268d236780ffe46b8c6f853c73f2

Headers

DLL Characteristics

File Characteristics

Imports

winmm

ws2_32

wtsapi32

esent

rpcrt4

crypt32

setupapi

urlmon

kernel32

cryptui

user32

wininet

shell32

Sections

.text Size: 1KB - Virtual size: 1KB

.data Size: 11KB - Virtual size: 2.4MB

.reloc Size: 512B - Virtual size: 28B

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 119KB - Virtual size: 118KB

.rdata Size: 266KB - Virtual size: 265KB

.text
Size: 1KB - Virtual size: 1KB

.data
Size: 11KB - Virtual size: 2.4MB

.reloc
Size: 512B - Virtual size: 28B

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 119KB - Virtual size: 118KB

.rdata
Size: 266KB - Virtual size: 265KB