a7c9aac3f90411722965eda752c64f7a65314d9a470d3bbccf415d23c49948f0

Sharing

Copy URL

Twitter E-mail

General

Target

a7c9aac3f90411722965eda752c64f7a65314d9a470d3bbccf415d23c49948f0
Size

410KB
MD5

7395ea8b4d9e3fd862e7340d4f127283
SHA1

218008234e89fa324d753fb7debfb3a41ecab4c1
SHA256

a7c9aac3f90411722965eda752c64f7a65314d9a470d3bbccf415d23c49948f0
SHA512

364c247db5f782fa0e6d8f31f527e3ac3edaaead1e2bec1d78cf704210e78e460c12c481a231a5363c1f869507f9db93669cad4260abdb64e664a125215fbb76
SSDEEP

6144:5fS1T7dHgExcz9rmRQhPQgRnVW6d0u3dHJx7NpI5BjG0YnR7XSzuxQ6PCpQPvKY:5fuT7dYFqQBlRsJONgSRnxQ6qC

Score

N/A

Malware Config

Signatures

Files

a7c9aac3f90411722965eda752c64f7a65314d9a470d3bbccf415d23c49948f0
.exe windows x86

773b794448afc4b2394f0e06faa87e3c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

apphelp

SdbReadMsiTransformInfo
ApphelpFreeFileAttributes
SdbReadDWORDTagRef
SdbReadEntryInformation
ApphelpGetNTVDMInfo
SdbResolveDatabase
SdbEnumMsiTransforms
SdbGrabMatchingInfo
SdbCloseDatabase
SdbGetPermLayerKeys
SdbQueryApphelpInformation
SdbGetFirstChild
SdbQueryDataEx
SdbOpenApphelpDetailsDatabase
SdbUnregisterDatabase
SdbFindNextTag
SdbGetMsiPackageInformation

msvcirt

?getline@istream@@QAEAAV1@PACHD@Z
??0istrstream@@QAE@PADH@Z
?close@filebuf@@QAEPAV1@XZ
?setbuf@fstream@@QAEPAVstreambuf@@PADH@Z
??5istream@@QAEAAV0@AAI@Z
??4fstream@@QAEAAV0@AAV0@@Z
??_Distrstream@@QAEXXZ
?close@ofstream@@QAEXXZ
??0ostrstream@@QAE@XZ
??1ostream@@UAE@XZ
??_Elogic_error@@UAEPAXI@Z
?underflow@strstreambuf@@UAEHXZ
??0istream_withassign@@QAE@PAVstreambuf@@@Z
??4istream_withassign@@QAEAAVistream@@PAVstreambuf@@@Z
??_8stdiostream@@7Bostream@@@
??4stdiostream@@QAEAAV0@AAV0@@Z
??Bios@@QBEPAXXZ
??1iostream@@UAE@XZ
?unsetf@ios@@QAEJJ@Z
??0logic_error@@QAE@ABQBD@Z
?sync@stdiobuf@@UAEHXZ
??4istrstream@@QAEAAV0@ABV0@@Z
?rdbuf@ofstream@@QBEPAVfilebuf@@XZ
??_Gstreambuf@@UAEPAXI@Z

msdart

?FindKey@CLKRLinearHashTable@@QBE?AW4LK_RETCODE@@KPAPBX@Z
FXMemAttach
?_TryWriteLock@CReaderWriterLock3@@AAE_NJ@Z
?_DeleteRecord@CLKRLinearHashTable@@AAE?AW4LK_RETCODE@@PBXK@Z
?_CalcKeyHash@CLKRLinearHashTable@@ABEKK@Z
?ReadOrWriteLock@CFakeLock@@QAE_NXZ
?GetStatistics@CLKRLinearHashTable@@QBE?AVCLKRHashTableStats@@XZ
?ConvertExclusiveToShared@CLKRHashTable@@QBEXXZ
?ReadLock@CSpinLock@@QAEXXZ
??1CDoubleList@@QAE@XZ
?Lock@CLockedDoubleList@@QAEXXZ
?GetDefaultSpinCount@CReaderWriterLock@@SGGXZ
?IsLocked@CLockedDoubleList@@QBE_NXZ
?CreateHolder@@YGJPAUIGPDispenser@@HIPAPAUIGPHolder@@@Z
?IsWin95@CMdVersionInfo@@SAHXZ
?ReadUnlock@CSmallSpinLock@@QAEXXZ
FXMemDetach
?Size@CLKRLinearHashTable@@QBEKXZ
?Pop@CSingleList@@QAEQAVCSingleListEntry@@XZ
?ConvertSharedToExclusive@CSpinLock@@QAEXXZ
?_TryLock@CSpinLock@@AAE_NXZ
?WriteUnlock@CReaderWriterLock@@QAEXXZ
?sm_dblDfltSpinAdjFctr@CReaderWriterLock@@1NA
?IsEmpty@CLockedDoubleList@@QBE_NXZ

wsnmp32

SnmpClose
SnmpEncodeMsg
SnmpStrToEntity
SnmpFreeDescriptor
SnmpCountVbl
SnmpRegister
SnmpStrToOid
SnmpSetVb
SnmpGetVendorInfo
SnmpListen
_SnmpSetAgentAddress@4
SnmpDecodeMsg
SnmpCreateSession
SnmpGetTranslateMode
SnmpGetPduData
SnmpCleanup
SnmpGetRetry
SnmpDuplicatePdu
SnmpFreeEntity
SnmpSetTimeout
SnmpCreatePdu
SnmpOidCopy
SnmpSetPduData
SnmpSetRetry
SnmpSetRetransmitMode
SnmpGetTimeout

netapi32

NetpGetConfigTStrArray
NetpwPathType
NetServerDiskEnum
NetApiBufferAllocate
NetUserSetInfo
NetUserGetLocalGroups
NetpDbgPrint
DsAddressToSiteNamesA
NetShareGetInfo
NetLocalGroupDelMember
Netbios
NetReplSetInfo
NetDfsAddFtRoot

kernel32

WriteConsoleOutputAttribute
GetThreadTimes
LoadLibraryW
GetCurrentThread
lstrcpyn
GetLongPathNameA
FindNextVolumeMountPointW
FreeEnvironmentStringsA
CreateIoCompletionPort
WriteProfileSectionA
QueryPerformanceCounter
GetModuleHandleW
GetLocaleInfoW
GetConsoleInputExeNameA

Sections

.text
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

773b794448afc4b2394f0e06faa87e3c

Headers

File Characteristics

Imports

apphelp

msvcirt

msdart

wsnmp32

netapi32

kernel32

Sections

.text Size: 166KB - Virtual size: 166KB

.rdata Size: 88KB - Virtual size: 87KB

.data Size: 14KB - Virtual size: 14KB

.rsrc Size: 139KB - Virtual size: 138KB

.text
Size: 166KB - Virtual size: 166KB

.rdata
Size: 88KB - Virtual size: 87KB

.data
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 139KB - Virtual size: 138KB