968ddf1c389612b67666286b7374830c2d6f4ebf1be0167eca9ffe6f51bd41dd

Sharing

Copy URL Twitter E-mail

General

Target

968ddf1c389612b67666286b7374830c2d6f4ebf1be0167eca9ffe6f51bd41dd
Size

840KB
MD5

a1421fd48e10a51a887e6b0834d37f90
SHA1

f033ce5386fa17d6958d4ba7b62e276ec64d7f32
SHA256

968ddf1c389612b67666286b7374830c2d6f4ebf1be0167eca9ffe6f51bd41dd
SHA512

6a70388316bd7d7605bd0d54df9960686d55e01850cfc3f140aca18f511e6d5d4ed4304f00b32e2336642ba86f175061379d74e7b9f7bdfba53d87aca14b358c
SSDEEP

12288:tcRXVjrr0u7yE2Q8C0ISRp/8g36ifg1SWz4BL+3G0gYRMgmvHjAqLsIywTohEd:t2ZrZ/ZpbSP/8gKifgmi3saXogwTQEd

Score

N/A

Malware Config

Signatures

Files

968ddf1c389612b67666286b7374830c2d6f4ebf1be0167eca9ffe6f51bd41dd
.exe windows x86

07b50dde4a337db308bf8c297a3af64c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidLocale
GetCommandLineW
WaitForMultipleObjectsEx
VerifyConsoleIoHandle
VirtualFree
WriteFile
FreeConsole
WideCharToMultiByte
InitializeCriticalSection
SetConsoleCursorInfo
GetConsoleCommandHistoryA
DnsHostnameToComputerNameW
DeleteFileW
Heap32First
GetCompressedFileSizeW
PostQueuedCompletionStatus
SetThreadPriority
GetSystemWow64DirectoryA
VDMConsoleOperation
LoadLibraryA
SetConsoleKeyShortcuts
VirtualAlloc
RemoveLocalAlternateComputerNameW
GetStringTypeExW

msdtcuiu

DtcPerfCollect
DtcPerfClose
PerfDllRegisterServer
DtcPerfOpen

mapistub

WrapCompressedRTFStream@12
FGetComponentPath
UNKOBJ_FreeRows@8
FtgRegisterIdleRoutine@20
OpenTnefStreamEx
FreePadrlist@4
ScBinFromHexBounded@12
EnableIdleRoutine@8
HrAllocAdviseSink@12
UNKOBJ_ScSzFromIdsAlloc@20
FPropExists@8
ScMAPIXFromSMAPI
MAPISaveMail
cmc_read
BMAPIFindNext
ScRelocProps@20
FBadRowSet@4
HrGetOmiProvidersFlags@8

scecli

SceCommitTransaction
SceSvcUpdateInfo
SceSvcFree
SceBrowseDatabaseTable
SceGetObjectChildren
SceRegisterRegValues
SceSetDatabaseSetting
SceEnumerateServices
DeltaNotify
SceSetupGenerateTemplate
SceSetupMoveSecurityFile
SceAnalyzeSystem
SceCreateDirectory
InitializeChangeNotify
SceGetServerProductType
SceAddToObjectList
SceRollbackTransaction
SceFreeProfileMemory
SceAppendSecurityProfileInfo
SceGetDatabaseSetting
SceSvcConvertSDToText
SceConfigureConvertedFileSecurity
SceSvcSetInformationTemplate

imm32

ImmGetIMCLockCount
ImmEscapeW
ImmActivateLayout
ImmReleaseContext
ImmSimulateHotKey
ImmSystemHandler
ImmIMPQueryIMEW
ImmUnlockImeDpi
ImmRegisterClient
ImmUnregisterWordA
ImmInstallIMEW
ImmIMPSetIMEW
ImmGetGuideLineW
ImmEscapeA
ImmGetIMCCLockCount
ImmTranslateMessage
ImmGetConversionListW
ImmSetStatusWindowPos

imagehlp

MapFileAndCheckSumW
EnumerateLoadedModules64
SymGetLineFromAddr64
SymFindFileInPath
SymUnloadModule
SymGetLineFromName
SymGetSymNext64
StackWalk
SymRegisterCallback64
SymRegisterFunctionEntryCallback
ImageGetCertificateHeader
ImageGetDigestStream
SymMatchFileName
SymGetSymFromAddr
GetImageConfigInformation
SymEnumerateModules
SymUnDName
StackWalk64
ReBaseImage
SymFunctionTableAccess
SymEnumerateModules64

msvcrt

exit

Sections

.text
Size: 486KB - Virtual size: 486KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 346KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

07b50dde4a337db308bf8c297a3af64c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msdtcuiu

mapistub

scecli

imm32

imagehlp

msvcrt

Sections

.text Size: 486KB - Virtual size: 486KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 346KB - Virtual size: 1.8MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 272B

.text
Size: 486KB - Virtual size: 486KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 346KB - Virtual size: 1.8MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 272B