d0dbeda9e47c15a654fe2f7d298937fa6054c5a85d8b3aa98f4901bc778e645b

Sharing

Copy URL Twitter E-mail

General

Target

d0dbeda9e47c15a654fe2f7d298937fa6054c5a85d8b3aa98f4901bc778e645b
Size

147KB
MD5

7726f3b02a864131d4c7a9137072d6b8
SHA1

213374c27860810b685151ede8da5ed0a0a3805f
SHA256

d0dbeda9e47c15a654fe2f7d298937fa6054c5a85d8b3aa98f4901bc778e645b
SHA512

434c6a29606d03d8e3e9719937771103b4c50e327b4b0c76f542d8adc077daf1af93639aad34a501ea32bd9bccb597f00898e73b7b784e3e928db5c6db301e73
SSDEEP

3072:S9nCkh+ZiAogLZ7qa28uixDWlFxVv8vNVl5BvHWNUtBEHaBb+WRPk:S5Ckh+QAFtq75SMFxtANJNHWNUtzO

Score

N/A

Malware Config

Signatures

Files

d0dbeda9e47c15a654fe2f7d298937fa6054c5a85d8b3aa98f4901bc778e645b
.exe windows x86

2480fa2df410ee9825aa9525dc6b7ebf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mtxoci

ocan
odescr
odefin
MTxOciRegisterCursor
MTxolog
obndrn
orol
oexn
ocof
oopen
oermsg
MTxOciInit
oopt
oclose
oparse
ocom
oerhms
ofetch
oflng
obindps
Enlist
ofen
osetpi
oexec
oexfet
ogetpi
obndra
ocon
obndrv
olog

msvcrt

__set_app_type
_endthread
__getmainargs
_mbctolower
getc
_get_osfhandle
_Getmonths
fputws
system
vfwprintf
_ismbcpunct
exit
_ismbbpunct
swscanf
_strnicoll
fgetpos
_chgsign
_wcstoi64
_callnewh
wcsspn
_mbsdec
_EH_prolog
fscanf
ceil
towupper
wcspbrk
__p__commode
_seh_longjmp_unwind
_nextafter
longjmp
_wfopen

user32

MessageBoxW
EndDialog

atmlib

ATMFontAvailableA
ATMGetOutline
ATMGetGlyphListA
ATMGetBuildStr
ATMRemoveFontA
ATMClient
ATMGetNtmFieldsA
ATMFontStatusW
ATMSetFlags
ATMAddFontExW
ATMGetPostScriptNameW
ATMEnumMMFontsA
ATMGetVersionExW
ATMEnumFontsA

atl

AtlDevModeW2A
AtlModuleGetClassObject
AtlIPersistStreamInit_Load
AtlModuleRevokeClassObjects
AtlModuleTerm
AtlAxGetHost
AtlModuleAddCreateWndData
AtlHiMetricToPixel
AtlModuleUpdateRegistryFromResourceD
AtlPixelToHiMetric
AtlModuleUnRegisterTypeLib
AtlModuleRegisterWndClassInfoW
AtlAxAttachControl
AtlModuleRegisterClassObjects
AtlUnadvise
AtlAxDialogBoxA
AtlModuleUnregisterServer
AtlAxDialogBoxW
AtlGetVersion
AtlModuleInit
AtlModuleExtractCreateWndData
AtlModuleUnregisterServerEx
AtlIPersistPropertyBag_Load
AtlModuleRegisterWndClassInfoA
AtlGetObjectSourceInterface
AtlWaitWithMessageLoop

kernel32

IsBadReadPtr
GetProcessWorkingSetSize
GetOEMCP
GetProcessTimes
FileTimeToSystemTime
SetEvent
VirtualUnlock
CancelDeviceWakeupRequest
RemoveDirectoryW
LoadLibraryW
CreateFileMappingA
UnmapViewOfFile
DeviceIoControl
BindIoCompletionCallback
GetProfileSectionA
DefineDosDeviceW
SetFileShortNameA
RtlZeroMemory
Heap32ListFirst
GetExitCodeProcess
HeapCreate
GlobalHandle
EnumCalendarInfoA
EnumSystemCodePagesA

msdart

?RemoveTail@CLockedDoubleList@@QAEQAVCListEntry@@XZ
?_TryWriteLock@CReaderWriterLock2@@AAE_NJ@Z
?SetDefaultSpinCount@CSmallSpinLock@@SGXG@Z
MpHeapFree
?SetSpinCount@CSpinLock@@QAE_NG@Z
?_H1@CLKRLinearHashTable@@ABEKK@Z
?GetDefaultSpinAdjustmentFactor@CFakeLock@@SGNXZ
?ReadUnlock@CCritSec@@QAEXXZ
?SetDefaultSpinCount@CSpinLock@@SGXG@Z
?MaxSize@CLKRHashTable@@QBEKXZ

shell32

SHGetMalloc

Sections

.text
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2480fa2df410ee9825aa9525dc6b7ebf

Headers

File Characteristics

Imports

mtxoci

msvcrt

user32

atmlib

atl

kernel32

msdart

shell32

Sections

.text Size: 91KB - Virtual size: 90KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 13KB - Virtual size: 81KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 91KB - Virtual size: 90KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 13KB - Virtual size: 81KB

.rsrc
Size: 4KB - Virtual size: 3KB