c83f71f866fcab0ae8f9d1613279abb9164ba2d61ede535402226f942eddc8d5

Sharing

Copy URL Twitter E-mail

General

Target

c83f71f866fcab0ae8f9d1613279abb9164ba2d61ede535402226f942eddc8d5
Size

51KB
MD5

e9688ff21ab6200221000662c054d689
SHA1

b39e679dd62488e870c4b1ddd3816578651453c2
SHA256

c83f71f866fcab0ae8f9d1613279abb9164ba2d61ede535402226f942eddc8d5
SHA512

cf96b4d98b0bb3a7c81eaf86f760f8bb4a129d1684edc1e6ff2ff67ff034a3bea1e857b2f193d3ca5053ba54742138fc29ebfcfb6c1b873506db74a325721ae2
SSDEEP

1536:VDuUPywBjUvNzMyojd3roxbSUApc4qpDna1:cUPywBInox38UFJqZa

Score

N/A

Malware Config

Signatures

Files

c83f71f866fcab0ae8f9d1613279abb9164ba2d61ede535402226f942eddc8d5
.exe windows x86

b6e2d026bb84f5f6014f5de884d828df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

apphelp

SdbFindFirstTag
SdbInitDatabase
SdbReadWORDTagRef
SdbGetDatabaseMatch
ApphelpShowDialog
SdbReadWORDTag
SdbTagRefToTagID
SdbTagToString
SdbGetMsiPackageInformation
SdbGetStandardDatabaseGUID
SdbQueryDataEx
ApphelpUpdateCacheEntry
SdbCloseApphelpInformation
SdbReadBYTETagRef
SdbReadStringTag
SdbOpenDatabase
SdbFindFirstNamedTag
ApphelpCheckShellObject
SdbFindFirstTagRef
SdbCreateMsiTransformFile
SdbReadDWORDTag
ApphelpFixMsiPackage
ApphelpFreeFileAttributes
ApphelpCheckExe
AllowPermLayer
SdbReadStringTagRef

kernel32

LoadLibraryA
FindNextFileA
BaseUpdateAppcompatCache
RequestDeviceWakeup
ExitProcess
SetFileTime
GetNumaHighestNodeNumber
OpenEventA
AddVectoredExceptionHandler
ScrollConsoleScreenBufferW
CloseConsoleHandle
WriteTapemark
RegisterWaitForSingleObject
GetModuleHandleA
EnumCalendarInfoExW
InitializeCriticalSectionAndSpinCount
GetACP
GetConsoleCommandHistoryLengthA
OutputDebugStringW
GetLogicalDrives
FatalAppExitA
SetComputerNameExA
VirtualAlloc
EnumTimeFormatsA
OpenSemaphoreA
FreeLibrary
DebugBreak
GetConsoleInputExeNameW
GetSystemWindowsDirectoryW
RemoveDirectoryW

gdi32

GetTextExtentExPointI
SetBitmapAttributes
GetBitmapDimensionEx
EngLoadModule
GdiSetBatchLimit
EnumICMProfilesA
GdiGetDevmodeForPage
EngGetPrinterDataFileName
GetGlyphOutlineA
EngAssociateSurface
CreateBitmap
PolyPolyline
AngleArc
SelectFontLocal
GetSystemPaletteEntries
GdiGetBatchLimit
GetMiterLimit
GetTextExtentPoint32A
CopyMetaFileA
DdEntry49
DdEntry34
SetMapMode
GetICMProfileW
GdiSetPixelFormat
GdiEntry11
XFORMOBJ_bApplyXform
GetDIBits
DdEntry51
GdiEntry6
AbortDoc
DdEntry10

netapi32

NetApiBufferReallocate
I_BrowserDebugCall
NetFileGetInfo
NetConfigGet
NetReplExportDirUnlock
NetLocalGroupEnum
RxNetAccessGetInfo
NetUnregisterDomainNameChangeNotification
NetConfigGetAll
NetpGetConfigDword
I_BrowserDebugTrace
I_NetServerAuthenticate
I_NetlogonComputeServerDigest
NetGroupDel
RxNetUserPasswordSet
NetShareEnum
I_NetServerSetServiceBits
NetSetPrimaryComputerName
DsRoleDcAsDc
DsRoleDnsNameToFlatName
NetpCloseConfigData
NetApiBufferAllocate
NetErrorLogRead
NetReplImportDirDel
DsAddressToSiteNamesExA
NetMessageNameAdd
I_NetServerPasswordSet2
NetGroupEnum
I_BrowserQueryOtherDomains
NetMessageNameDel
DsRoleUpgradeDownlevelServer

ws2_32

sendto
WSCEnumProtocols
inet_addr
WSAAsyncSelect
getprotobyname
WSCDeinstallProvider
WSAStartup
gethostbyaddr
WSACancelAsyncRequest
WSCWriteNameSpaceOrder
getprotobynumber
WSAAccept
WSAStringToAddressW
WSAAsyncGetServByPort
WSASetLastError
WSAAsyncGetProtoByNumber
WSAAsyncGetServByName
recvfrom
socket
bind
WSCGetProviderPath
WSCUpdateProvider
WSASocketA
WSCInstallProvider
WSAEnumProtocolsA

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6e2d026bb84f5f6014f5de884d828df

Headers

DLL Characteristics

File Characteristics

Imports

apphelp

kernel32

gdi32

netapi32

ws2_32

Sections

.text Size: 31KB - Virtual size: 31KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 10KB - Virtual size: 10KB