e3e9eb3a0df2c15bbfc9020e0d269eaffdf51da05f8489e1e835679cb5d6bd21

Sharing

Copy URL Twitter E-mail

General

Target

e3e9eb3a0df2c15bbfc9020e0d269eaffdf51da05f8489e1e835679cb5d6bd21
Size

238KB
MD5

219625e60b1343d0dfcf3884416e6110
SHA1

74945a8fb14a850802079b4118820fbf86861a9e
SHA256

e3e9eb3a0df2c15bbfc9020e0d269eaffdf51da05f8489e1e835679cb5d6bd21
SHA512

0ba622ac4fe3c5c4b5e769c94a72ba77830efe032211f812e9663e1df7f92e42bc4bd05e98cbdea4584fe50079c337a1873c0877af4671e043ff4fc831c3cd4d
SSDEEP

6144:lj/F2jev1hXmWd5ttjq8zLozB/XEeLtnSzJb/zBAf/fuS:hd2iDXz5jpQ1Ztqb9Af/Z

Score

N/A

Malware Config

Signatures

Files

e3e9eb3a0df2c15bbfc9020e0d269eaffdf51da05f8489e1e835679cb5d6bd21
.exe windows x86

3b7bd8757d6679c0657a1845d7c4b902

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsA
SetSystemPowerState
LocalShrink
GetTempPathW
RegisterWowExec
GetLocaleInfoA
GetProcessId
ChangeTimerQueueTimer
LoadLibraryW
EnumCalendarInfoExW
SetConsoleScreenBufferSize
GetWindowsDirectoryA
CreateConsoleScreenBuffer
EnterCriticalSection

mscat32

CryptCATGetCatAttrInfo
CryptCATAdminAddCatalog
CryptCATGetMemberInfo
CryptCATCDFEnumAttributesWithCDFTag
CryptCATAdminEnumCatalogFromHash
CryptCATAdminAcquireContext
CryptCATAdminReleaseContext
CryptCATCDFEnumCatAttributes
CatalogCompactHashDatabase
CryptCATCDFEnumMembers
CryptCATGetAttrInfo
CryptCATCDFEnumMembersByCDFTagEx
CryptCATEnumerateCatAttr
CryptCATCatalogInfoFromContext
CryptCATCDFEnumMembersByCDFTag
DllUnregisterServer
CryptCATAdminCalcHashFromFileHandle
CryptCATOpen
CryptCATCDFClose
DllRegisterServer
CryptCATPersistStore

t2embed

_TTEmbedFontFromFileA@52
_TTRunValidationTests@8
_TTIsEmbeddingEnabledForFacename@8
_TTCharToUnicode@24
TTRunValidationTests
_TTGetEmbeddingType@8
TTGetEmbeddingType
TTGetNewFontName
TTEmbedFont
_TTGetEmbeddedFontInfo@28
_TTLoadEmbeddedFont@40
TTIsEmbeddingEnabled
_TTIsEmbeddingEnabled@8
TTRunValidationTestsEx
_TTDeleteEmbeddedFont@12
TTEmbedFontEx
TTLoadEmbeddedFont
_TTEmbedFont@44
TTDeleteEmbeddedFont
TTEmbedFontFromFileA
TTCharToUnicode
_TTEnableEmbeddingForFacename@8
TTGetEmbeddedFontInfo
TTEnableEmbeddingForFacename
TTIsEmbeddingEnabledForFacename

sqlunirl

_RegLoadKey_@12
_PostMessage@16
_PolyTextOut_@12
_DrawText@20
AllocConvertMultiSZNameToA
_EnumDependentServices_@24
_Shell_NotifyIcon_@8
_BroadcastSystemMessage_@20
_GetVolumeInformation_@32
_EnumResourceLanguages_@20
_OpenFileMapping_@12
_MoveFile@8
_FatalAppExit_@8

crypt32

CertGetValidUsages
CertSetCRLContextProperty
CertFindCertificateInStore
CryptSignAndEncodeCertificate
CryptInstallDefaultContext
I_CryptInstallOssGlobal
CertGetPublicKeyLength
CertFreeCertificateContext
CertFreeCertificateChain
CertGetCTLContextProperty

crtdll

atan2
_mbctype
_getdiskfree
_stricmp
_clearfp
isxdigit
mbtowc
_wtol
_lrotr
modf
wcschr
_c_exit
strspn
_mbsnicmp
_kbhit

Sections

.text
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b7bd8757d6679c0657a1845d7c4b902

Headers

File Characteristics

Imports

kernel32

mscat32

t2embed

sqlunirl

crypt32

crtdll

Sections

.text Size: 113KB - Virtual size: 112KB

.rdata Size: 29KB - Virtual size: 28KB

.data Size: 84KB - Virtual size: 83KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 113KB - Virtual size: 112KB

.rdata
Size: 29KB - Virtual size: 28KB

.data
Size: 84KB - Virtual size: 83KB

.rsrc
Size: 10KB - Virtual size: 9KB