d373bdcba289aa91713784a0cc486c2103885d3edaa2160f1af9865440d59aca

Sharing

Copy URL

Twitter E-mail

General

Target

d373bdcba289aa91713784a0cc486c2103885d3edaa2160f1af9865440d59aca
Size

147KB
MD5

d8bf915efe566e8e95bd8d03cca66e0b
SHA1

54a5f2b1a5f0fa9e1aa2091aba06dd7f8fbfb2dd
SHA256

d373bdcba289aa91713784a0cc486c2103885d3edaa2160f1af9865440d59aca
SHA512

aaf833c54a8b5613fb13132fb926143bf11039df5740a6443d24818c4669b9f023e811639bd8ac796bb733e63b7650e2b327ad88a30e8d59d389c28573fd53f1
SSDEEP

3072:S9nCkh+ZiAogLZ7qa28uixDWlFxVv8vNVl5BvHWNUtBEHaBb+WRQ:S5Ckh+QAFtq75SMFxtANJNHWNUtze

Score

N/A

Malware Config

Signatures

Files

d373bdcba289aa91713784a0cc486c2103885d3edaa2160f1af9865440d59aca
.exe windows x86

2480fa2df410ee9825aa9525dc6b7ebf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mtxoci

ocan
odescr
odefin
MTxOciRegisterCursor
MTxolog
obndrn
orol
oexn
ocof
oopen
oermsg
MTxOciInit
oopt
oclose
oparse
ocom
oerhms
ofetch
oflng
obindps
Enlist
ofen
osetpi
oexec
oexfet
ogetpi
obndra
ocon
obndrv
olog

msvcrt

__set_app_type
_endthread
__getmainargs
_mbctolower
getc
_get_osfhandle
_Getmonths
fputws
system
vfwprintf
_ismbcpunct
exit
_ismbbpunct
swscanf
_strnicoll
fgetpos
_chgsign
_wcstoi64
_callnewh
wcsspn
_mbsdec
_EH_prolog
fscanf
ceil
towupper
wcspbrk
__p__commode
_seh_longjmp_unwind
_nextafter
longjmp
_wfopen

user32

MessageBoxW
EndDialog

atmlib

ATMFontAvailableA
ATMGetOutline
ATMGetGlyphListA
ATMGetBuildStr
ATMRemoveFontA
ATMClient
ATMGetNtmFieldsA
ATMFontStatusW
ATMSetFlags
ATMAddFontExW
ATMGetPostScriptNameW
ATMEnumMMFontsA
ATMGetVersionExW
ATMEnumFontsA

atl

AtlDevModeW2A
AtlModuleGetClassObject
AtlIPersistStreamInit_Load
AtlModuleRevokeClassObjects
AtlModuleTerm
AtlAxGetHost
AtlModuleAddCreateWndData
AtlHiMetricToPixel
AtlModuleUpdateRegistryFromResourceD
AtlPixelToHiMetric
AtlModuleUnRegisterTypeLib
AtlModuleRegisterWndClassInfoW
AtlAxAttachControl
AtlModuleRegisterClassObjects
AtlUnadvise
AtlAxDialogBoxA
AtlModuleUnregisterServer
AtlAxDialogBoxW
AtlGetVersion
AtlModuleInit
AtlModuleExtractCreateWndData
AtlModuleUnregisterServerEx
AtlIPersistPropertyBag_Load
AtlModuleRegisterWndClassInfoA
AtlGetObjectSourceInterface
AtlWaitWithMessageLoop

kernel32

IsBadReadPtr
GetProcessWorkingSetSize
GetOEMCP
GetProcessTimes
FileTimeToSystemTime
SetEvent
VirtualUnlock
CancelDeviceWakeupRequest
RemoveDirectoryW
LoadLibraryW
CreateFileMappingA
UnmapViewOfFile
DeviceIoControl
BindIoCompletionCallback
GetProfileSectionA
DefineDosDeviceW
SetFileShortNameA
RtlZeroMemory
Heap32ListFirst
GetExitCodeProcess
HeapCreate
GlobalHandle
EnumCalendarInfoA
EnumSystemCodePagesA

msdart

?RemoveTail@CLockedDoubleList@@QAEQAVCListEntry@@XZ
?_TryWriteLock@CReaderWriterLock2@@AAE_NJ@Z
?SetDefaultSpinCount@CSmallSpinLock@@SGXG@Z
MpHeapFree
?SetSpinCount@CSpinLock@@QAE_NG@Z
?_H1@CLKRLinearHashTable@@ABEKK@Z
?GetDefaultSpinAdjustmentFactor@CFakeLock@@SGNXZ
?ReadUnlock@CCritSec@@QAEXXZ
?SetDefaultSpinCount@CSpinLock@@SGXG@Z
?MaxSize@CLKRHashTable@@QBEKXZ

shell32

SHGetMalloc

Sections

.text
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2480fa2df410ee9825aa9525dc6b7ebf

Headers

File Characteristics

Imports

mtxoci

msvcrt

user32

atmlib

atl

kernel32

msdart

shell32

Sections

.text Size: 91KB - Virtual size: 90KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 13KB - Virtual size: 81KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 91KB - Virtual size: 90KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 13KB - Virtual size: 81KB

.rsrc
Size: 4KB - Virtual size: 3KB