b489bd9c558bb1b082af9c8edae1ba315fccd9ccd6d54e71a96b1dbe21a61ddb

Sharing

Copy URL Twitter E-mail

General

Target

b489bd9c558bb1b082af9c8edae1ba315fccd9ccd6d54e71a96b1dbe21a61ddb
Size

68KB
MD5

d1fcda6dd5c8f54efb9de72ad0f51c29
SHA1

d0049fc897b4549d4328484d4666c34ed4d9441f
SHA256

b489bd9c558bb1b082af9c8edae1ba315fccd9ccd6d54e71a96b1dbe21a61ddb
SHA512

d44bb75f09a7d2bb3408191919b7774937956726dbbbc21f99d85524dfd67586d6b3b189b356111bcef3264e72662c3b211e064cae7a15d11b55b32bd71c73dc
SSDEEP

1536:9nIeq3349eVyTCLNQHQeyctRyTSQPLQwJLNBqS69uzB/tWHoXXXSa:9nCwRCLuHQuRcHBq/9+wHoXXXSa

Score

N/A

Malware Config

Signatures

Files

b489bd9c558bb1b082af9c8edae1ba315fccd9ccd6d54e71a96b1dbe21a61ddb
.exe windows x86

e157bdd2b7ba634bbd484acda0deb0a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForDebugEvent
EnumResourceNamesW
LoadLibraryA
GetVolumePathNamesForVolumeNameA
EnumerateLocalComputerNamesW
GlobalAlloc
ExpungeConsoleCommandHistoryA
ConsoleMenuControl
DosDateTimeToFileTime
lstrcpyW
GetVolumeNameForVolumeMountPointA
CreateActCtxA
LZSeek
VirtualAlloc
SetConsoleFont
EnumLanguageGroupLocalesW
PrivMoveFileIdentityW
GetCalendarInfoA
GlobalCompact
GetEnvironmentStringsW
GetTapePosition
ResumeThread
FindClose
GetStartupInfoA
GetTempFileNameW
MulDiv
GetCommState
EnumDateFormatsW
Heap32ListNext
HeapDestroy
EnumSystemLanguageGroupsW
GetDiskFreeSpaceExA
VirtualFree
SetStdHandle
AddConsoleAliasA
LocalHandle
SetTapeParameters
FindFirstVolumeMountPointA
GetLocalTime
FindVolumeClose
DeleteFileA
GetCurrentThread
GetConsoleScreenBufferInfo
CreatePipe

oleaut32

VarI2FromUI1
OleLoadPicturePath
VarDateFromI2
VarUI4FromUI1
VarI1FromUI8
VarSub
VarDecAdd
VarUI8FromI1
VarDecNeg
VarI8FromUI8
VarUI4FromR4
VariantClear
VarR8FromI2
VariantTimeToDosDateTime
VarDecFromUI8
VarUI1FromStr
VarUI8FromR4
VarI4FromI2
OleLoadPicture

gdi32

OffsetClipRgn
GetEUDCTimeStamp
EngQueryLocalTime
TextOutW
SetBitmapDimensionEx
DeleteMetaFile
GdiDeleteLocalDC
GetCharWidth32W
GdiEntry12
UpdateICMRegKeyA
DdEntry26
DdEntry9
SetGraphicsMode
DdEntry11
PATHOBJ_vGetBounds
GetEnhMetaFileW
CreateBrushIndirect
SetPolyFillMode
EnumMetaFile
GetTextExtentPoint32W

mtxoci

oermsg
oexec
obndra
orol
olog
ologof
MTxOciRegisterCursor
ologTransacted
oerhms
oflng
oopt
oexn
oparse
odessp
ocan
GetXaSwitch
odescr
oexfet

apphelp

AllowPermLayer
SdbReadBYTETagRef
SdbReadDWORDTagRef
SdbInitDatabase
ApphelpCheckShellObject
SdbOpenApphelpInformation
GetPermLayers
SdbReadWORDTagRef
SdbTagToString
SdbReadQWORDTag
SdbFindNextTag
ApphelpGetFileAttributes
SdbGetBinaryTagData
ApphelpUpdateCacheEntry
ShimFlushCache
SdbFindNextTagRef
ApphelpCheckIME
SdbReadDWORDTag

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e157bdd2b7ba634bbd484acda0deb0a3

Headers

File Characteristics

Imports

kernel32

oleaut32

gdi32

mtxoci

apphelp

Sections

.text Size: 18KB - Virtual size: 18KB

Size: 20KB - Virtual size: 19KB

.data Size: 25KB - Virtual size: 194KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 18KB - Virtual size: 18KB

.data
Size: 25KB - Virtual size: 194KB

.rsrc
Size: 4KB - Virtual size: 3KB