f034916dec6bd376fd5560df0eb9385585c17312e1083e9d4b3821ac8e09404d

Sharing

Copy URL Twitter E-mail

General

Target

f034916dec6bd376fd5560df0eb9385585c17312e1083e9d4b3821ac8e09404d
Size

278KB
MD5

371348ab86940dcf33e7a4925645e8cc
SHA1

48b38971923261d37fb9eefa99fca7496882324f
SHA256

f034916dec6bd376fd5560df0eb9385585c17312e1083e9d4b3821ac8e09404d
SHA512

a32f2ba70be7da8d73dc3de08325504de97fc2751d74603d6eb7161e906d43e1c64d8ea455ee0e1f4af0059e71a8dd7981cb50b3eb6785b538203aea851fd14c
SSDEEP

6144:9XBmoZdsXxNJsrU4T9dO1qdWY3gKbOk2H03+av:BEudELct9dtWnKbOkGmv

Score

N/A

Malware Config

Signatures

Files

f034916dec6bd376fd5560df0eb9385585c17312e1083e9d4b3821ac8e09404d
.exe windows x86

0e2c5704c41dbad2f12a75398fec22f1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VARIANT_UserMarshal
BSTR_UserUnmarshal
BSTR_UserFree
BSTR_UserSize
VARIANT_UserUnmarshal
VARIANT_UserSize
BSTR_UserMarshal
VARIANT_UserFree

ole32

HWND_UserUnmarshal
HWND_UserSize
HWND_UserFree
HWND_UserMarshal

rpcrt4

CStdStubBuffer_QueryInterface
CStdStubBuffer_Disconnect
NdrStubCall2
IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
CStdStubBuffer_Invoke
IUnknown_QueryInterface_Proxy
CStdStubBuffer_CountRefs
CStdStubBuffer_AddRef
CStdStubBuffer_IsIIDSupported
NdrStubForwardingFunction
CStdStubBuffer_Connect
NdrDllUnregisterProxy
NdrOleFree
NdrClientCall2
NdrDllGetClassObject
NdrDllCanUnloadNow
CStdStubBuffer_DebugServerQueryInterface
NdrDllRegisterProxy
NdrCStdStubBuffer_Release
CStdStubBuffer_DebugServerRelease
NdrCStdStubBuffer2_Release
NdrOleAllocate

kernel32

GetFileType
InitializeCriticalSectionAndSpinCount
IsDebuggerPresent
DeleteCriticalSection
GetModuleHandleW
TlsAlloc
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
SetLastError
TlsSetValue
HeapReAlloc
LeaveCriticalSection
HeapAlloc
HeapFree
EnterCriticalSection
TlsFree
FreeEnvironmentStringsW
TlsGetValue
GetSystemTimeAsFileTime
WideCharToMultiByte
GetCommandLineA
UnhandledExceptionFilter
RtlUnwind
IsValidCodePage
GetCurrentThreadId
HeapDestroy
WriteFile
LCMapStringW
GetOEMCP
HeapSize
GetStdHandle
GetACP
SetHandleCount
IsValidLocale
VirtualAllocEx
LoadLibraryA
DuplicateHandle
OpenSemaphoreW
lstrcmpi
GetDateFormatW
lstrcatA
ConnectNamedPipe
OpenWaitableTimerW
EnumCalendarInfoA
GetNumberFormatA
CreateNamedPipeW
CreateDirectoryA
GetExpandedNameA
FindAtomW
GlobalFindAtomA
OpenMutexA
GetHandleInformation
lstrlenW
ExpandEnvironmentStringsA
OpenEventW
GetTimeFormatA
CreateMailslotA
SearchPathW
lstrcpynA
CreateThread
GetDateFormatA
CreateEventW
SetComputerNameW
SetCurrentDirectoryA
CreateMailslotW
FindResourceA
BeginUpdateResourceW
SetErrorMode
CopyFileA
GetAtomNameW
GetSystemDefaultLCID
GetLogicalDriveStringsA
GetSystemDefaultLangID
GetCalendarInfoW
FileTimeToSystemTime
GlobalGetAtomNameW
LocalAlloc
OpenWaitableTimerA
CreateMutexA
GetFullPathNameW
GetCalendarInfoA
EnumCalendarInfoW
GetTimeFormatW
ReplaceFileW
GetTempPathA
ExpandEnvironmentStringsW
ReplaceFileA
GetFullPathNameA
GetWindowsDirectoryW
MulDiv
DosDateTimeToFileTime
AddAtomW
GlobalFindAtomW
IsBadStringPtrW
CreateMutexW
lstrcmp
GetTempFileNameW
lstrcpyW
GetLongPathNameW
CreateSemaphoreW
lstrlenA
GetWindowsDirectoryA
MoveFileA
AddAtomA
GetTempPathW
EnumDateFormatsA
GetNumberFormatW
FindResourceW
QueryPerformanceFrequency
lstrcmpW
OpenFile
GetSystemDirectoryA
GetLocalTime
GetComputerNameA
GetSystemInfo
OpenSemaphoreA
WinExec
WaitForSingleObject
CreateDirectoryW
Beep
RaiseException
SetCalendarInfoW
DisconnectNamedPipe
GetCurrentDirectoryA
lstrcmpA
OpenEventA
GetTempFileNameA
GetLongPathNameA
WaitForMultipleObjects
ReadDirectoryChangesW
GetSystemDirectoryW
GetDiskFreeSpaceA
lstrcmpiW
GetVolumeInformationW
LoadResource
OpenMutexW
GetLogicalDriveStringsW
MoveFileW
LocalFree
lstrcpynW
EnumDateFormatsW
IsBadCodePtr
GetSystemTime
EnumTimeFormatsA
lstrcpy
SetCalendarInfoA
FileTimeToDosDateTime
SleepEx
lstrcpyA

cscdll

CSCEnumForStatsW
CSCIsServerOfflineW
CSCFindClose
CSCTransitionServerOnlineW
CSCUnpinFileW
CSCFindFirstFileW
CSCDeleteW

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 383KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 237KB - Virtual size: 5.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e2c5704c41dbad2f12a75398fec22f1

Headers

File Characteristics

Imports

oleaut32

ole32

rpcrt4

kernel32

cscdll

Sections

.text Size: 19KB - Virtual size: 19KB

.rdata Size: 5KB - Virtual size: 383KB

.data Size: 237KB - Virtual size: 5.7MB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 19KB - Virtual size: 19KB

.rdata
Size: 5KB - Virtual size: 383KB

.data
Size: 237KB - Virtual size: 5.7MB

.rsrc
Size: 15KB - Virtual size: 14KB