b866cfa3df5945374c08d5816cc66fc50cae8511e4e665139aa9ab9e6872aaf1

Sharing

Copy URL

Twitter E-mail

General

Target

b866cfa3df5945374c08d5816cc66fc50cae8511e4e665139aa9ab9e6872aaf1
Size

410KB
MD5

8dc86183c11e13c47c177cd556ea038b
SHA1

537a2a9c4d32e19d1b59e8aad882b1da193d37e7
SHA256

b866cfa3df5945374c08d5816cc66fc50cae8511e4e665139aa9ab9e6872aaf1
SHA512

d8531dbb97bc12408b74f4fc56de3f4099034e162bd1938dd10354f2dbe4ef823ca7529c6ad44b6afcae75bd2c004ccbb8381c7b8f8ea6e18c5d6ec7e051ad6e
SSDEEP

6144:5fS1T7dHgExcz9rmRQhPQgRnVW6d0u3dHJx7NpI5BjG0YnR7XSzuxQ6PCpQPvKDF:5fuT7dYFqQBlRsJONgSRnxQ6q9F

Score

N/A

Malware Config

Signatures

Files

b866cfa3df5945374c08d5816cc66fc50cae8511e4e665139aa9ab9e6872aaf1
.exe windows x86

773b794448afc4b2394f0e06faa87e3c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

apphelp

SdbReadMsiTransformInfo
ApphelpFreeFileAttributes
SdbReadDWORDTagRef
SdbReadEntryInformation
ApphelpGetNTVDMInfo
SdbResolveDatabase
SdbEnumMsiTransforms
SdbGrabMatchingInfo
SdbCloseDatabase
SdbGetPermLayerKeys
SdbQueryApphelpInformation
SdbGetFirstChild
SdbQueryDataEx
SdbOpenApphelpDetailsDatabase
SdbUnregisterDatabase
SdbFindNextTag
SdbGetMsiPackageInformation

msvcirt

?getline@istream@@QAEAAV1@PACHD@Z
??0istrstream@@QAE@PADH@Z
?close@filebuf@@QAEPAV1@XZ
?setbuf@fstream@@QAEPAVstreambuf@@PADH@Z
??5istream@@QAEAAV0@AAI@Z
??4fstream@@QAEAAV0@AAV0@@Z
??_Distrstream@@QAEXXZ
?close@ofstream@@QAEXXZ
??0ostrstream@@QAE@XZ
??1ostream@@UAE@XZ
??_Elogic_error@@UAEPAXI@Z
?underflow@strstreambuf@@UAEHXZ
??0istream_withassign@@QAE@PAVstreambuf@@@Z
??4istream_withassign@@QAEAAVistream@@PAVstreambuf@@@Z
??_8stdiostream@@7Bostream@@@
??4stdiostream@@QAEAAV0@AAV0@@Z
??Bios@@QBEPAXXZ
??1iostream@@UAE@XZ
?unsetf@ios@@QAEJJ@Z
??0logic_error@@QAE@ABQBD@Z
?sync@stdiobuf@@UAEHXZ
??4istrstream@@QAEAAV0@ABV0@@Z
?rdbuf@ofstream@@QBEPAVfilebuf@@XZ
??_Gstreambuf@@UAEPAXI@Z

msdart

?FindKey@CLKRLinearHashTable@@QBE?AW4LK_RETCODE@@KPAPBX@Z
FXMemAttach
?_TryWriteLock@CReaderWriterLock3@@AAE_NJ@Z
?_DeleteRecord@CLKRLinearHashTable@@AAE?AW4LK_RETCODE@@PBXK@Z
?_CalcKeyHash@CLKRLinearHashTable@@ABEKK@Z
?ReadOrWriteLock@CFakeLock@@QAE_NXZ
?GetStatistics@CLKRLinearHashTable@@QBE?AVCLKRHashTableStats@@XZ
?ConvertExclusiveToShared@CLKRHashTable@@QBEXXZ
?ReadLock@CSpinLock@@QAEXXZ
??1CDoubleList@@QAE@XZ
?Lock@CLockedDoubleList@@QAEXXZ
?GetDefaultSpinCount@CReaderWriterLock@@SGGXZ
?IsLocked@CLockedDoubleList@@QBE_NXZ
?CreateHolder@@YGJPAUIGPDispenser@@HIPAPAUIGPHolder@@@Z
?IsWin95@CMdVersionInfo@@SAHXZ
?ReadUnlock@CSmallSpinLock@@QAEXXZ
FXMemDetach
?Size@CLKRLinearHashTable@@QBEKXZ
?Pop@CSingleList@@QAEQAVCSingleListEntry@@XZ
?ConvertSharedToExclusive@CSpinLock@@QAEXXZ
?_TryLock@CSpinLock@@AAE_NXZ
?WriteUnlock@CReaderWriterLock@@QAEXXZ
?sm_dblDfltSpinAdjFctr@CReaderWriterLock@@1NA
?IsEmpty@CLockedDoubleList@@QBE_NXZ

wsnmp32

SnmpClose
SnmpEncodeMsg
SnmpStrToEntity
SnmpFreeDescriptor
SnmpCountVbl
SnmpRegister
SnmpStrToOid
SnmpSetVb
SnmpGetVendorInfo
SnmpListen
_SnmpSetAgentAddress@4
SnmpDecodeMsg
SnmpCreateSession
SnmpGetTranslateMode
SnmpGetPduData
SnmpCleanup
SnmpGetRetry
SnmpDuplicatePdu
SnmpFreeEntity
SnmpSetTimeout
SnmpCreatePdu
SnmpOidCopy
SnmpSetPduData
SnmpSetRetry
SnmpSetRetransmitMode
SnmpGetTimeout

netapi32

NetpGetConfigTStrArray
NetpwPathType
NetServerDiskEnum
NetApiBufferAllocate
NetUserSetInfo
NetUserGetLocalGroups
NetpDbgPrint
DsAddressToSiteNamesA
NetShareGetInfo
NetLocalGroupDelMember
Netbios
NetReplSetInfo
NetDfsAddFtRoot

kernel32

WriteConsoleOutputAttribute
GetThreadTimes
LoadLibraryW
GetCurrentThread
lstrcpyn
GetLongPathNameA
FindNextVolumeMountPointW
FreeEnvironmentStringsA
CreateIoCompletionPort
WriteProfileSectionA
QueryPerformanceCounter
GetModuleHandleW
GetLocaleInfoW
GetConsoleInputExeNameA

Sections

.text
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

773b794448afc4b2394f0e06faa87e3c

Headers

File Characteristics

Imports

apphelp

msvcirt

msdart

wsnmp32

netapi32

kernel32

Sections

.text Size: 166KB - Virtual size: 166KB

.rdata Size: 88KB - Virtual size: 87KB

.data Size: 14KB - Virtual size: 14KB

.rsrc Size: 139KB - Virtual size: 138KB

.text
Size: 166KB - Virtual size: 166KB

.rdata
Size: 88KB - Virtual size: 87KB

.data
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 139KB - Virtual size: 138KB