bbd09052a575725baeafac744ca5cae5d4fb456d42ae8d279261a4b37290ab6b

Sharing

Copy URL Twitter E-mail

General

Target

bbd09052a575725baeafac744ca5cae5d4fb456d42ae8d279261a4b37290ab6b
Size

820KB
MD5

8290f48938199b1e3be63d95bfff56f4
SHA1

ceb4586c17c08f0e646a8d857a095fb597644d9d
SHA256

bbd09052a575725baeafac744ca5cae5d4fb456d42ae8d279261a4b37290ab6b
SHA512

e48e924fef75100048bb837484ae0df86765cf19918fc71b628061d9b3074843ef2b267d5da260c922c7dbd5ed2ce0b7b51760c4252556dc7d31158ca8f00dc9
SSDEEP

24576:IO9bPv1RYzB3xhcDXT5yRH7eA/FCczVhw:d9bPv1RYDhcDj5eDd5Vhw

Score

N/A

Malware Config

Signatures

Files

bbd09052a575725baeafac744ca5cae5d4fb456d42ae8d279261a4b37290ab6b
.exe windows x86

8b59ccf006294484fb1487060680c5e5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceExW
GlobalFindAtomW
GetProcAddress
IsProcessInJob
LoadLibraryA
TerminateJobObject
SetLastError
IsValidCodePage
WritePrivateProfileSectionW
GetUserDefaultUILanguage
SetConsoleKeyShortcuts

ole32

SetErrorInfo
OleSetContainedObject
CoIsHandlerConnected
OleGetIconOfFile
CoRevokeMallocSpy
OleMetafilePictFromIconAndLabel
HBRUSH_UserFree
HMETAFILEPICT_UserSize
CoEnableCallCancellation
HDC_UserUnmarshal

wintrust

CryptCATPersistStore
WTHelperGetProvCertFromChain
WTHelperIsInRootStore
WintrustRemoveActionID
MsCatConstructHashTag
WVTAsn1SpcSigInfoDecode
mssip32DllUnregisterServer
WTHelperGetProvPrivateDataFromChain
TrustIsCertificateSelfSigned
WintrustCertificateTrust
CryptCATAdminEnumCatalogFromHash
DriverFinalPolicy

msvcirt

?x_lockc@ios@@0U_CRT_CRITICAL_SECTION@@A
?unlock@streambuf@@QAEXXZ
?sunk_with_stdio@ios@@0HA
??5istream@@QAEAAV0@AAO@Z
??0ostream_withassign@@QAE@PAVstreambuf@@@Z
??6ostream@@QAEAAV0@PAVstreambuf@@@Z
??_Gstrstream@@UAEPAXI@Z
??_Distream_withassign@@QAEXXZ
?pptr@streambuf@@IBEPADXZ
??_8ostrstream@@7B@
??_Gistrstream@@UAEPAXI@Z
??_Eistream@@UAEPAXI@Z
??4istream_withassign@@QAEAAVistream@@PAVstreambuf@@@Z
?unbuffered@streambuf@@IBEHXZ
??4ifstream@@QAEAAV0@ABV0@@Z
??1ofstream@@UAE@XZ
?basefield@ios@@2JB
?seekoff@streambuf@@UAEJJW4seek_dir@ios@@H@Z
?getline@istream@@QAEAAV1@PADHD@Z
?rdbuf@stdiostream@@QBEPAVstdiobuf@@XZ
?sync@filebuf@@UAEHXZ
?width@ios@@QAEHH@Z
?seekp@ostream@@QAEAAV1@J@Z

msvcrt

__set_app_type
__getmainargs
__p__commode
exit

Sections

.text
Size: 387KB - Virtual size: 386KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 189KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b59ccf006294484fb1487060680c5e5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

wintrust

msvcirt

msvcrt

Sections

.text Size: 387KB - Virtual size: 386KB

.rdata Size: 105KB - Virtual size: 104KB

.data Size: 189KB - Virtual size: 1.6MB

.rsrc Size: 137KB - Virtual size: 136KB

.reloc Size: 1024B - Virtual size: 912B

.text
Size: 387KB - Virtual size: 386KB

.rdata
Size: 105KB - Virtual size: 104KB

.data
Size: 189KB - Virtual size: 1.6MB

.rsrc
Size: 137KB - Virtual size: 136KB

.reloc
Size: 1024B - Virtual size: 912B