b5f5502a2e3762171f79d210a4d1b0db5b796f7ac038df8df62bce6eba740df4

Sharing

Copy URL Twitter E-mail

General

Target

b5f5502a2e3762171f79d210a4d1b0db5b796f7ac038df8df62bce6eba740df4
Size

410KB
MD5

44c6c668c60df76cdc3e691e7e9bf59d
SHA1

4a8757550c89b6f8004fdac52ffc3c11e7a4bda3
SHA256

b5f5502a2e3762171f79d210a4d1b0db5b796f7ac038df8df62bce6eba740df4
SHA512

27cf3e7ab72b59739158ca6743ee1437c26ebda610d894b20adbfe6034a19758923ce296d7c0a48196da2ee1de41a38280daf703539532b14c1e7941b0ad6062
SSDEEP

6144:5fS1T7dHgExcz9rmRQhPQgRnVW6d0u3dHJx7NpI5BjG0YnR7XSzuxQ6PCpQPvKg:5fuT7dYFqQBlRsJONgSRnxQ6qa

Score

N/A

Malware Config

Signatures

Files

b5f5502a2e3762171f79d210a4d1b0db5b796f7ac038df8df62bce6eba740df4
.exe windows x86

773b794448afc4b2394f0e06faa87e3c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

apphelp

SdbReadMsiTransformInfo
ApphelpFreeFileAttributes
SdbReadDWORDTagRef
SdbReadEntryInformation
ApphelpGetNTVDMInfo
SdbResolveDatabase
SdbEnumMsiTransforms
SdbGrabMatchingInfo
SdbCloseDatabase
SdbGetPermLayerKeys
SdbQueryApphelpInformation
SdbGetFirstChild
SdbQueryDataEx
SdbOpenApphelpDetailsDatabase
SdbUnregisterDatabase
SdbFindNextTag
SdbGetMsiPackageInformation

msvcirt

?getline@istream@@QAEAAV1@PACHD@Z
??0istrstream@@QAE@PADH@Z
?close@filebuf@@QAEPAV1@XZ
?setbuf@fstream@@QAEPAVstreambuf@@PADH@Z
??5istream@@QAEAAV0@AAI@Z
??4fstream@@QAEAAV0@AAV0@@Z
??_Distrstream@@QAEXXZ
?close@ofstream@@QAEXXZ
??0ostrstream@@QAE@XZ
??1ostream@@UAE@XZ
??_Elogic_error@@UAEPAXI@Z
?underflow@strstreambuf@@UAEHXZ
??0istream_withassign@@QAE@PAVstreambuf@@@Z
??4istream_withassign@@QAEAAVistream@@PAVstreambuf@@@Z
??_8stdiostream@@7Bostream@@@
??4stdiostream@@QAEAAV0@AAV0@@Z
??Bios@@QBEPAXXZ
??1iostream@@UAE@XZ
?unsetf@ios@@QAEJJ@Z
??0logic_error@@QAE@ABQBD@Z
?sync@stdiobuf@@UAEHXZ
??4istrstream@@QAEAAV0@ABV0@@Z
?rdbuf@ofstream@@QBEPAVfilebuf@@XZ
??_Gstreambuf@@UAEPAXI@Z

msdart

?FindKey@CLKRLinearHashTable@@QBE?AW4LK_RETCODE@@KPAPBX@Z
FXMemAttach
?_TryWriteLock@CReaderWriterLock3@@AAE_NJ@Z
?_DeleteRecord@CLKRLinearHashTable@@AAE?AW4LK_RETCODE@@PBXK@Z
?_CalcKeyHash@CLKRLinearHashTable@@ABEKK@Z
?ReadOrWriteLock@CFakeLock@@QAE_NXZ
?GetStatistics@CLKRLinearHashTable@@QBE?AVCLKRHashTableStats@@XZ
?ConvertExclusiveToShared@CLKRHashTable@@QBEXXZ
?ReadLock@CSpinLock@@QAEXXZ
??1CDoubleList@@QAE@XZ
?Lock@CLockedDoubleList@@QAEXXZ
?GetDefaultSpinCount@CReaderWriterLock@@SGGXZ
?IsLocked@CLockedDoubleList@@QBE_NXZ
?CreateHolder@@YGJPAUIGPDispenser@@HIPAPAUIGPHolder@@@Z
?IsWin95@CMdVersionInfo@@SAHXZ
?ReadUnlock@CSmallSpinLock@@QAEXXZ
FXMemDetach
?Size@CLKRLinearHashTable@@QBEKXZ
?Pop@CSingleList@@QAEQAVCSingleListEntry@@XZ
?ConvertSharedToExclusive@CSpinLock@@QAEXXZ
?_TryLock@CSpinLock@@AAE_NXZ
?WriteUnlock@CReaderWriterLock@@QAEXXZ
?sm_dblDfltSpinAdjFctr@CReaderWriterLock@@1NA
?IsEmpty@CLockedDoubleList@@QBE_NXZ

wsnmp32

SnmpClose
SnmpEncodeMsg
SnmpStrToEntity
SnmpFreeDescriptor
SnmpCountVbl
SnmpRegister
SnmpStrToOid
SnmpSetVb
SnmpGetVendorInfo
SnmpListen
_SnmpSetAgentAddress@4
SnmpDecodeMsg
SnmpCreateSession
SnmpGetTranslateMode
SnmpGetPduData
SnmpCleanup
SnmpGetRetry
SnmpDuplicatePdu
SnmpFreeEntity
SnmpSetTimeout
SnmpCreatePdu
SnmpOidCopy
SnmpSetPduData
SnmpSetRetry
SnmpSetRetransmitMode
SnmpGetTimeout

netapi32

NetpGetConfigTStrArray
NetpwPathType
NetServerDiskEnum
NetApiBufferAllocate
NetUserSetInfo
NetUserGetLocalGroups
NetpDbgPrint
DsAddressToSiteNamesA
NetShareGetInfo
NetLocalGroupDelMember
Netbios
NetReplSetInfo
NetDfsAddFtRoot

kernel32

WriteConsoleOutputAttribute
GetThreadTimes
LoadLibraryW
GetCurrentThread
lstrcpyn
GetLongPathNameA
FindNextVolumeMountPointW
FreeEnvironmentStringsA
CreateIoCompletionPort
WriteProfileSectionA
QueryPerformanceCounter
GetModuleHandleW
GetLocaleInfoW
GetConsoleInputExeNameA

Sections

.text
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

773b794448afc4b2394f0e06faa87e3c

Headers

File Characteristics

Imports

apphelp

msvcirt

msdart

wsnmp32

netapi32

kernel32

Sections

.text Size: 166KB - Virtual size: 166KB

.rdata Size: 88KB - Virtual size: 87KB

.data Size: 14KB - Virtual size: 14KB

.rsrc Size: 139KB - Virtual size: 138KB

.text
Size: 166KB - Virtual size: 166KB

.rdata
Size: 88KB - Virtual size: 87KB

.data
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 139KB - Virtual size: 138KB