bc41e0a7bc317aff9b595019f5e8125c47fc5684a6944debbaad06cffdca4a49

Sharing

Copy URL Twitter E-mail

General

Target

bc41e0a7bc317aff9b595019f5e8125c47fc5684a6944debbaad06cffdca4a49
Size

50KB
MD5

907cad6db2b0c0fdc66181c55d8e8009
SHA1

bc84bbca5f3bf90ac114397ae9abc8e6cde53d1e
SHA256

bc41e0a7bc317aff9b595019f5e8125c47fc5684a6944debbaad06cffdca4a49
SHA512

c38d36932319a3c55b853df12cb2e9324aa79279f6356bb39466442eb0cdf8569b066b68f7aee5ff47df899e3705f4bed848a9eeb44cf44704c23ef50c27de7f
SSDEEP

768:SkBpJl18mx1MHHNyalBIPsG34w+9Mdl2Q8x0n5ATr+L21ul+8b0Txs:xJzrUNyHPsUfd8u5A+LMf8es

Score

N/A

Malware Config

Signatures

Files

bc41e0a7bc317aff9b595019f5e8125c47fc5684a6944debbaad06cffdca4a49
.exe windows x86

3d8a140234e1faefc93b24590410a789

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

snmpapi

SnmpUtilOidToA
SnmpSvcGetEnterpriseOID
SnmpSvcSetLogLevel
SnmpSvcGetUptimeFromTime
SnmpTfxQuery
SnmpSvcGetUptime
SnmpUtilMemFree
SnmpUtilOctetsCmp
SnmpUtilIdsToA
SnmpTfxClose
SnmpUtilUnicodeToUTF8
SnmpSvcAddrIsIpx
SnmpUtilOidAppend
SnmpSvcInitUptime
SnmpUtilOctetsNCmp
SnmpUtilOctetsCpy
SnmpUtilUTF8ToUnicode
SnmpUtilPrintAsnAny
SnmpUtilOctetsFree
SnmpUtilVarBindListCpy
SnmpUtilAsnAnyCpy
SnmpUtilOidCmp
SnmpUtilOidNCmp
SnmpUtilVarBindFree
SnmpUtilMemReAlloc
SnmpUtilOidCpy
SnmpUtilVarBindListFree
SnmpUtilPrintOid
SnmpUtilDbgPrint
SnmpTfxOpen
SnmpUtilAnsiToUnicode
SnmpSvcAddrToSocket

msvcrt

__set_app_type
_sleep
__setusermatherr
_mbccpy
_cabs
wprintf
_mbctohira
_vsnwprintf
__getmainargs
_telli64
_strtoui64
_ismbcprint
ungetwc
_wcserror
strcmp
_tell
exit
__p__commode
_CIcos
_filelengthi64
_wexecl
_cwscanf
_get_sbh_threshold
__p__fileinfo
tolower
wcstok
setbuf
gmtime
_Gettnames
_execvp
_unlink

rtm

RtmDeleteRouteToDest
DumpTable
MgmGroupEnumerationStart
RtmGetEnumRoutes
RtmGetRegisteredEntities
RtmGetListEnumRoutes
MgmGetFirstMfeStats
RtmLockDestination
RtmReleaseEntityInfo
RtmGetInstanceInfo
RtmGetEntityMethods
RtmIsMarkedForChangeNotification
RtmUpdateAndUnlockRoute
SearchInTable
RtmDeleteNextHop
RtmReleaseRouteInfo
MgmDeRegisterMProtocol
RtmHoldDestination
RtmGetNextHopPointer
RtmReleaseEntities
RtmDeleteEnumHandle
RtmGetLessSpecificDestination
RtmLookupIPDestination
RtmGetEntityInfo
RtmBlockMethods
MgmGetMfe
CheckTable
RtmGetAddressFamilyInfo
MgmDeleteGroupMembershipEntry
RtmGetExactMatchRoute

kernel32

EndUpdateResourceW
SetVolumeLabelW
HeapCreate
LoadLibraryA
FindActCtxSectionGuid
BaseCheckAppcompatCache
InitializeCriticalSection
FindActCtxSectionStringW
IsValidLocale
lstrcmpA
SetTimerQueueTimer
Toolhelp32ReadProcessMemory
GetStartupInfoW
VirtualAlloc
GetACP
GetSystemDefaultLCID
GetFileAttributesA
VirtualAllocEx
GetMailslotInfo
GetFileSize
IsDBCSLeadByteEx
SetCommConfig
HeapSize
OpenSemaphoreW
RemoveVectoredExceptionHandler
Module32First
WriteTapemark
OpenJobObjectA
VDMConsoleOperation
lstrcatA
GetPrivateProfileIntW
GetProcessAffinityMask

ureg

?SaveKeyToFile@REGISTRY@@QAEEW4_PREDEFINED_KEY@@PAVREGISTRY_KEY_INFO@@PBVWSTRING@@PAK@Z
?UnLoadHive@REGISTRY@@QAEEW4_PREDEFINED_KEY@@PAVREGISTRY_KEY_INFO@@PAK@Z
?Initialize@REGISTRY_KEY_INFO@@QAEEPBVWSTRING@@0K0PAU_SECURITY_ATTRIBUTES@@@Z
??0REGISTRY@@QAE@XZ
??0REGISTRY_KEY_INFO@@QAE@XZ
?QueryValues@REGISTRY@@QAEEW4_PREDEFINED_KEY@@PBVWSTRING@@1PAVARRAY@@PAK@Z
?UpdateKeyInfo@REGISTRY@@QAEEW4_PREDEFINED_KEY@@PAVREGISTRY_KEY_INFO@@PAK@Z
?RestoreKeyFromFile@REGISTRY@@QAEEW4_PREDEFINED_KEY@@PAVREGISTRY_KEY_INFO@@PBVWSTRING@@EPAK@Z
?DeleteKey@REGISTRY@@QAEEW4_PREDEFINED_KEY@@PAVREGISTRY_KEY_INFO@@PBVWSTRING@@PAK@Z
?Initialize@REGISTRY_VALUE_ENTRY@@QAEEPBVWSTRING@@KW4_REG_TYPE@@PBEK@Z
?Initialize@REGISTRY@@QAEEPBVWSTRING@@PAK@Z
?EnableRootNotification@REGISTRY@@QAEEW4_PREDEFINED_KEY@@PAXKE@Z
?QuerySubKeysInfo@REGISTRY@@QAEEW4_PREDEFINED_KEY@@PBVWSTRING@@1PAVARRAY@@PAK@Z
?CreateKey@REGISTRY@@QAEEW4_PREDEFINED_KEY@@PAVREGISTRY_KEY_INFO@@1PAKE@Z
?QueryKeySecurity@REGISTRY@@QAEEW4_PREDEFINED_KEY@@PBVREGISTRY_KEY_INFO@@KPAPAXPAK@Z
?DoesKeyExist@REGISTRY@@QAEEW4_PREDEFINED_KEY@@PBVWSTRING@@1PAK@Z
??0REGISTRY_VALUE_ENTRY@@QAE@XZ
?DeleteValueEntry@REGISTRY@@QAEEW4_PREDEFINED_KEY@@PAVREGISTRY_KEY_INFO@@PBVWSTRING@@PAK@Z
?QueryKeyInfo@REGISTRY@@QAEEW4_PREDEFINED_KEY@@PBVWSTRING@@1PAVREGISTRY_KEY_INFO@@PAK@Z
??1REGISTRY@@UAE@XZ
?SetKeySecurity@REGISTRY@@QAEEW4_PREDEFINED_KEY@@PAVREGISTRY_KEY_INFO@@KPAXPAKE@Z
?DoesValueExist@REGISTRY@@QAEEW4_PREDEFINED_KEY@@PBVWSTRING@@11PAK@Z
?LoadHive@REGISTRY@@QAEEW4_PREDEFINED_KEY@@PAVREGISTRY_KEY_INFO@@PBVWSTRING@@PAK@Z
?IsAccessAllowed@REGISTRY@@QAEEW4_PREDEFINED_KEY@@PAVREGISTRY_KEY_INFO@@KPAK@Z

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d8a140234e1faefc93b24590410a789

Headers

DLL Characteristics

File Characteristics

Imports

snmpapi

msvcrt

rtm

kernel32

ureg

Sections

.text Size: 35KB - Virtual size: 34KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 35KB - Virtual size: 34KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 6KB - Virtual size: 6KB