9644d337294b5acd4fa727e36ac7b6997eedb6f4a6ce271e2dda9b696d2e7288

Sharing

Copy URL Twitter E-mail

General

Target

9644d337294b5acd4fa727e36ac7b6997eedb6f4a6ce271e2dda9b696d2e7288
Size

410KB
MD5

e8b256f31a92431f366a010c9362a36f
SHA1

63f526b7b3ee00524cf669b5695528f6690195de
SHA256

9644d337294b5acd4fa727e36ac7b6997eedb6f4a6ce271e2dda9b696d2e7288
SHA512

2dc0b2f3198266057c8bb83e48fb609d9423536157c204f7cef8765ba8829754f9b59ce33c1e5f617bb6d549c231bbbe9bac5e1a062b038750311595c48347f5
SSDEEP

6144:5fS1T7dHgExcz9rmRQhPQgRnVW6d0u3dHJx7NpI5BjG0YnR7XSzuxQ6PCpQPvKV:5fuT7dYFqQBlRsJONgSRnxQ6q7

Score

N/A

Malware Config

Signatures

Files

9644d337294b5acd4fa727e36ac7b6997eedb6f4a6ce271e2dda9b696d2e7288
.exe windows x86

773b794448afc4b2394f0e06faa87e3c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

apphelp

SdbReadMsiTransformInfo
ApphelpFreeFileAttributes
SdbReadDWORDTagRef
SdbReadEntryInformation
ApphelpGetNTVDMInfo
SdbResolveDatabase
SdbEnumMsiTransforms
SdbGrabMatchingInfo
SdbCloseDatabase
SdbGetPermLayerKeys
SdbQueryApphelpInformation
SdbGetFirstChild
SdbQueryDataEx
SdbOpenApphelpDetailsDatabase
SdbUnregisterDatabase
SdbFindNextTag
SdbGetMsiPackageInformation

msvcirt

?getline@istream@@QAEAAV1@PACHD@Z
??0istrstream@@QAE@PADH@Z
?close@filebuf@@QAEPAV1@XZ
?setbuf@fstream@@QAEPAVstreambuf@@PADH@Z
??5istream@@QAEAAV0@AAI@Z
??4fstream@@QAEAAV0@AAV0@@Z
??_Distrstream@@QAEXXZ
?close@ofstream@@QAEXXZ
??0ostrstream@@QAE@XZ
??1ostream@@UAE@XZ
??_Elogic_error@@UAEPAXI@Z
?underflow@strstreambuf@@UAEHXZ
??0istream_withassign@@QAE@PAVstreambuf@@@Z
??4istream_withassign@@QAEAAVistream@@PAVstreambuf@@@Z
??_8stdiostream@@7Bostream@@@
??4stdiostream@@QAEAAV0@AAV0@@Z
??Bios@@QBEPAXXZ
??1iostream@@UAE@XZ
?unsetf@ios@@QAEJJ@Z
??0logic_error@@QAE@ABQBD@Z
?sync@stdiobuf@@UAEHXZ
??4istrstream@@QAEAAV0@ABV0@@Z
?rdbuf@ofstream@@QBEPAVfilebuf@@XZ
??_Gstreambuf@@UAEPAXI@Z

msdart

?FindKey@CLKRLinearHashTable@@QBE?AW4LK_RETCODE@@KPAPBX@Z
FXMemAttach
?_TryWriteLock@CReaderWriterLock3@@AAE_NJ@Z
?_DeleteRecord@CLKRLinearHashTable@@AAE?AW4LK_RETCODE@@PBXK@Z
?_CalcKeyHash@CLKRLinearHashTable@@ABEKK@Z
?ReadOrWriteLock@CFakeLock@@QAE_NXZ
?GetStatistics@CLKRLinearHashTable@@QBE?AVCLKRHashTableStats@@XZ
?ConvertExclusiveToShared@CLKRHashTable@@QBEXXZ
?ReadLock@CSpinLock@@QAEXXZ
??1CDoubleList@@QAE@XZ
?Lock@CLockedDoubleList@@QAEXXZ
?GetDefaultSpinCount@CReaderWriterLock@@SGGXZ
?IsLocked@CLockedDoubleList@@QBE_NXZ
?CreateHolder@@YGJPAUIGPDispenser@@HIPAPAUIGPHolder@@@Z
?IsWin95@CMdVersionInfo@@SAHXZ
?ReadUnlock@CSmallSpinLock@@QAEXXZ
FXMemDetach
?Size@CLKRLinearHashTable@@QBEKXZ
?Pop@CSingleList@@QAEQAVCSingleListEntry@@XZ
?ConvertSharedToExclusive@CSpinLock@@QAEXXZ
?_TryLock@CSpinLock@@AAE_NXZ
?WriteUnlock@CReaderWriterLock@@QAEXXZ
?sm_dblDfltSpinAdjFctr@CReaderWriterLock@@1NA
?IsEmpty@CLockedDoubleList@@QBE_NXZ

wsnmp32

SnmpClose
SnmpEncodeMsg
SnmpStrToEntity
SnmpFreeDescriptor
SnmpCountVbl
SnmpRegister
SnmpStrToOid
SnmpSetVb
SnmpGetVendorInfo
SnmpListen
_SnmpSetAgentAddress@4
SnmpDecodeMsg
SnmpCreateSession
SnmpGetTranslateMode
SnmpGetPduData
SnmpCleanup
SnmpGetRetry
SnmpDuplicatePdu
SnmpFreeEntity
SnmpSetTimeout
SnmpCreatePdu
SnmpOidCopy
SnmpSetPduData
SnmpSetRetry
SnmpSetRetransmitMode
SnmpGetTimeout

netapi32

NetpGetConfigTStrArray
NetpwPathType
NetServerDiskEnum
NetApiBufferAllocate
NetUserSetInfo
NetUserGetLocalGroups
NetpDbgPrint
DsAddressToSiteNamesA
NetShareGetInfo
NetLocalGroupDelMember
Netbios
NetReplSetInfo
NetDfsAddFtRoot

kernel32

WriteConsoleOutputAttribute
GetThreadTimes
LoadLibraryW
GetCurrentThread
lstrcpyn
GetLongPathNameA
FindNextVolumeMountPointW
FreeEnvironmentStringsA
CreateIoCompletionPort
WriteProfileSectionA
QueryPerformanceCounter
GetModuleHandleW
GetLocaleInfoW
GetConsoleInputExeNameA

Sections

.text
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

773b794448afc4b2394f0e06faa87e3c

Headers

File Characteristics

Imports

apphelp

msvcirt

msdart

wsnmp32

netapi32

kernel32

Sections

.text Size: 166KB - Virtual size: 166KB

.rdata Size: 88KB - Virtual size: 87KB

.data Size: 14KB - Virtual size: 14KB

.rsrc Size: 139KB - Virtual size: 138KB

.text
Size: 166KB - Virtual size: 166KB

.rdata
Size: 88KB - Virtual size: 87KB

.data
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 139KB - Virtual size: 138KB