bd09d42d4ca6fa06ddf3fd95d8708dff2b8d5c9ad44d31b5700eaecd1beb7b9c

Sharing

Copy URL Twitter E-mail

General

Target

bd09d42d4ca6fa06ddf3fd95d8708dff2b8d5c9ad44d31b5700eaecd1beb7b9c
Size

238KB
MD5

4343d923a7a0acc05d2904999f9938c3
SHA1

1c06484891eb68db4180a2653574ac2dad9ef23a
SHA256

bd09d42d4ca6fa06ddf3fd95d8708dff2b8d5c9ad44d31b5700eaecd1beb7b9c
SHA512

8a9e72dbc33ba8675678c4a112870eced57c52680becd7bd1669b5e5c04447fbce56cbb6bbffcdfa937efa883434e52c571ca3cd39783bcdb2d24492312f8c2d
SSDEEP

6144:lj/F2jev1hXmWd5ttjq8zLozB/XEeLtnSzJb/zBAf/fuC:hd2iDXz5jpQ1Ztqb9Af/F

Score

N/A

Malware Config

Signatures

Files

bd09d42d4ca6fa06ddf3fd95d8708dff2b8d5c9ad44d31b5700eaecd1beb7b9c
.exe windows x86

3b7bd8757d6679c0657a1845d7c4b902

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsA
SetSystemPowerState
LocalShrink
GetTempPathW
RegisterWowExec
GetLocaleInfoA
GetProcessId
ChangeTimerQueueTimer
LoadLibraryW
EnumCalendarInfoExW
SetConsoleScreenBufferSize
GetWindowsDirectoryA
CreateConsoleScreenBuffer
EnterCriticalSection

mscat32

CryptCATGetCatAttrInfo
CryptCATAdminAddCatalog
CryptCATGetMemberInfo
CryptCATCDFEnumAttributesWithCDFTag
CryptCATAdminEnumCatalogFromHash
CryptCATAdminAcquireContext
CryptCATAdminReleaseContext
CryptCATCDFEnumCatAttributes
CatalogCompactHashDatabase
CryptCATCDFEnumMembers
CryptCATGetAttrInfo
CryptCATCDFEnumMembersByCDFTagEx
CryptCATEnumerateCatAttr
CryptCATCatalogInfoFromContext
CryptCATCDFEnumMembersByCDFTag
DllUnregisterServer
CryptCATAdminCalcHashFromFileHandle
CryptCATOpen
CryptCATCDFClose
DllRegisterServer
CryptCATPersistStore

t2embed

_TTEmbedFontFromFileA@52
_TTRunValidationTests@8
_TTIsEmbeddingEnabledForFacename@8
_TTCharToUnicode@24
TTRunValidationTests
_TTGetEmbeddingType@8
TTGetEmbeddingType
TTGetNewFontName
TTEmbedFont
_TTGetEmbeddedFontInfo@28
_TTLoadEmbeddedFont@40
TTIsEmbeddingEnabled
_TTIsEmbeddingEnabled@8
TTRunValidationTestsEx
_TTDeleteEmbeddedFont@12
TTEmbedFontEx
TTLoadEmbeddedFont
_TTEmbedFont@44
TTDeleteEmbeddedFont
TTEmbedFontFromFileA
TTCharToUnicode
_TTEnableEmbeddingForFacename@8
TTGetEmbeddedFontInfo
TTEnableEmbeddingForFacename
TTIsEmbeddingEnabledForFacename

sqlunirl

_RegLoadKey_@12
_PostMessage@16
_PolyTextOut_@12
_DrawText@20
AllocConvertMultiSZNameToA
_EnumDependentServices_@24
_Shell_NotifyIcon_@8
_BroadcastSystemMessage_@20
_GetVolumeInformation_@32
_EnumResourceLanguages_@20
_OpenFileMapping_@12
_MoveFile@8
_FatalAppExit_@8

crypt32

CertGetValidUsages
CertSetCRLContextProperty
CertFindCertificateInStore
CryptSignAndEncodeCertificate
CryptInstallDefaultContext
I_CryptInstallOssGlobal
CertGetPublicKeyLength
CertFreeCertificateContext
CertFreeCertificateChain
CertGetCTLContextProperty

crtdll

atan2
_mbctype
_getdiskfree
_stricmp
_clearfp
isxdigit
mbtowc
_wtol
_lrotr
modf
wcschr
_c_exit
strspn
_mbsnicmp
_kbhit

Sections

.text
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b7bd8757d6679c0657a1845d7c4b902

Headers

File Characteristics

Imports

kernel32

mscat32

t2embed

sqlunirl

crypt32

crtdll

Sections

.text Size: 113KB - Virtual size: 112KB

.rdata Size: 29KB - Virtual size: 28KB

.data Size: 84KB - Virtual size: 83KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 113KB - Virtual size: 112KB

.rdata
Size: 29KB - Virtual size: 28KB

.data
Size: 84KB - Virtual size: 83KB

.rsrc
Size: 10KB - Virtual size: 9KB