e2abe29e9a0cf786e1bca93c0c402b6af3cc9ef78d122ba1eb78d4fb6f695cfa

Sharing

Copy URL

Twitter E-mail

General

Target

e2abe29e9a0cf786e1bca93c0c402b6af3cc9ef78d122ba1eb78d4fb6f695cfa
Size

56KB
MD5

a47a61005a867dc1be3d2f8d42c74582
SHA1

0dbeb4cec203c939404f483cbc3d23f261e931ba
SHA256

e2abe29e9a0cf786e1bca93c0c402b6af3cc9ef78d122ba1eb78d4fb6f695cfa
SHA512

416e29d01cfe7df713c661ccc6ffa8fa14cd8ecfd8a1f232ed8ddef8c8b47e5e6d2c69a863f80dda88e081b19de2741ee10652a81add1f080b58cf87da4113d4
SSDEEP

1536:tYDBchT/21k+VJNc3vHbgCm4BLTPEMO/4a:eDKT/2ucJNc3v1mSM2a

Score

N/A

Malware Config

Signatures

Files

e2abe29e9a0cf786e1bca93c0c402b6af3cc9ef78d122ba1eb78d4fb6f695cfa
.exe windows x86

843f48e880a57b16fd864ead16dfdc35

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCommState
ConnectNamedPipe
HeapCreate
WriteConsoleInputVDMW
EnumCalendarInfoExA
HeapWalk
GetVolumeNameForVolumeMountPointW
GetSystemInfo
AddLocalAlternateComputerNameW
SetTimeZoneInformation
PostQueuedCompletionStatus
VirtualAlloc
CreateJobObjectW
ScrollConsoleScreenBufferA
GetConsoleScreenBufferInfo
Process32NextW
CallNamedPipeA
ReadConsoleInputExA
HeapReAlloc
LoadLibraryA
SetStdHandle
LocalSize
MoveFileExA
GetNumberFormatW
BackupSeek
SetConsoleMaximumWindowSize
GetShortPathNameW
VirtualUnlock
GetModuleHandleW
GetPrivateProfileStructA

rastapi

DeviceWork
PortClose
PortDisconnect
DeviceListen
PortConnect
PortReceiveComplete
PortReceive
PortClearStatistics
PortCompressionSetInfo
PortSend
GetConnectInfo
RastapiSetCalledID
PortGetPortState
PortChangeCallback
DeviceConnect
DeviceDone
PortGetInfo
RemovePort
UnloadRastapiDll
PortGetStatistics
DeviceGetInfo
EnableDeviceForDialIn
PortSetInfo
GetZeroDeviceInfo
RastapiGetCalledID
DeviceSetInfo
DeviceEnum
PortEnum
PortGetIOHandle

msvcrt20

_stricoll
?rdbuf@istrstream@@QBEPAVstrstreambuf@@XZ
__seh_longjmp_unwind@4
?clrlock@ios@@QAAXXZ
_mbscat
?fd@ofstream@@QBEHXZ
wcscspn
??_Eifstream@@UAEPAXI@Z
rewind
_creat
_ltoa
__pxcptinfoptrs
??5istream@@QAEAAV0@AAC@Z
abs
_swab
_global_unwind2
??_Distream_withassign@@QAEXXZ
??4istream_withassign@@QAEAAV0@ABV0@@Z
?_set_new_mode@@YAHH@Z
_mbclen
wcstol
_tcschr
_mbsrchr

wintrust

CryptCATCDFOpen
CryptCATCDFClose
TrustDecode
CryptSIPGetSignedDataMsg
CryptCATCatalogInfoFromContext
WTHelperOpenKnownStores
DriverFinalPolicy
CryptCATPutAttrInfo
WVTAsn1SpcStatementTypeDecode
MsCatConstructHashTag
CryptCATAdminAcquireContext
OfficeCleanupPolicy
WVTAsn1SpcIndirectDataContentEncode
mscat32DllRegisterServer
SoftpubLoadDefUsageCallData
WVTAsn1CatMemberInfoEncode
CryptCATAdminAddCatalog
WintrustLoadFunctionPointers
WVTAsn1SpcMinimalCriteriaInfoEncode
CryptSIPPutSignedDataMsg
CryptCATAdminResolveCatalogPath
CryptCATGetAttrInfo
WVTAsn1SpcSigInfoEncode

wldap32

ber_skip_tag
ldap_search_init_pageW
ldap_parse_result
ldap_rename_extA
ldap_searchW
ldap_rename_ext
ldap_initW
ldap_delete_sW
ldap_compare_extA
ldap_perror
ldap_control_freeA
ldap_search_ext_s
ldap_add_s
ldap_search_s
ldap_abandon
ldap_parse_vlv_controlA
ldap_encode_sort_controlW
cldap_openA
ldap_parse_sort_controlA
ldap_get_dnA

htui

HTUI_DeviceColorAdjustmentW
HTUI_ColorAdjustmentW
HTUI_ColorAdjustmentA
HTUI_DeviceColorAdjustmentA
HTUI_DeviceColorAdjustment
HTUI_ColorAdjustment

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

843f48e880a57b16fd864ead16dfdc35

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

rastapi

msvcrt20

wintrust

wldap32

htui

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 18KB - Virtual size: 86KB

.rsrc Size: 19KB - Virtual size: 18KB

.reloc Size: 512B - Virtual size: 240B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 18KB - Virtual size: 86KB

.rsrc
Size: 19KB - Virtual size: 18KB

.reloc
Size: 512B - Virtual size: 240B