31e2a0d3f6f13fc77c14fc88317965719d826d5be2ff1e8fa1168df7c4699e74

Sharing

Copy URL Twitter E-mail

General

Target

31e2a0d3f6f13fc77c14fc88317965719d826d5be2ff1e8fa1168df7c4699e74
Size

84KB
MD5

8f143779d5c0015e5b984b05a1085643
SHA1

1d10891e4fe703e2703741c52e24f9f6b5652f3b
SHA256

31e2a0d3f6f13fc77c14fc88317965719d826d5be2ff1e8fa1168df7c4699e74
SHA512

9fd8b22d4129cb8e7293e81f81c56eacc5411a3eca2e7e292997989c1aa5b2567d144631d6f0cba58b2f1e486fc6d9e5265e8618606bff48e4014dfccff9f21a
SSDEEP

1536:oPVwFgSbuXMnnI1cjlfSsKkM6TV0yXAJTa7pafvXyD/:oPVkgSaMnntSs3AJW0XiD/

Score

N/A

Malware Config

Signatures

Files

31e2a0d3f6f13fc77c14fc88317965719d826d5be2ff1e8fa1168df7c4699e74
.exe windows x86

f3df333a72185c58d7e4bc9584bd8591

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextExtentPoint32A
ChoosePixelFormat
ResetDCW

msvbvm60

__vbaR8Sgn
__vbaLdZeroAry
__vbaVarLikeVar
GetMemNewObj
rtcLowerCaseBstr
rtI2FromErrVar
__vbaCopyBytes
__vbaLsetFixstrFree
__vbaVargParmRef
__vbaR4Var
__vbaAryVarVarg
rtUI1FromErrVar
rtcFormatNumber
rtcRightTrimBstr
__vbaVarTextCmpGt
__vbaObjSetAddref
rtcCreateObject2
rtcRemoveDir
rtcRate
rtcGetDayOfWeek
__vbaAryLock
rtcChangeDrive
rtcGetObject
__vbaRecUniToAnsi
__vbaUdtVar
__vbaLateMemNamedCallSt
__vbaVarTextLikeVar
__vbaVarForInit
__vbaGenerateBoundsError
rtcSetDateVar
rtcAnsiValueBstr
PutMem8
_CIlog
__vbaUI1I4
Zombie_Invoke

kernel32

CreateFileW
GetLastError
VirtualAlloc
CreateMutexA
CloseHandle

msvidctl

DllUnregisterServer
GetProxyDllInfo
DllCanUnloadNow
DllRegisterServer
DllGetClassObject

ieakeng

BToolbar_Remove
GetFavoritesNumber
NewFolder
DisplayADMItem
ProcessFavSelChange
ModifyRatings
ModifyAuthCode
CheckForDupKeys
SaveADMItem
ErrorMessageBox
BToolbar_Edit
CreateADMWindow
SelectADMItem
MoveUpFavorite
ShowInetcpl
MoveADMWindow
DoReboot
ModifyZones
CheckField
GetAdmWindowHandle
DestroyADMWindow
GetFavoritesMaxNumber
MoveDownFavorite
ShowADMWindow
CanDeleteADM
IsFavoriteItem
BuildPalette

sisbkup

SisRestoredCommonStoreFile

avifil32

EditStreamSetInfo
AVIFileOpen

netshell

DllGetClassObject
NcIsValidConnectionName
HrCreateDesktopIcon
NcFreeNetconProperties
DllCanUnloadNow
HrLaunchConnection
HrRenameConnection
DllRegisterServer
DllUnregisterServer

qdvd

DllUnregisterServer
DllGetClassObject
DllRegisterServer
DllCanUnloadNow

iprtprio

GetPriorityInfo
ComputeRouteMetric
SetPriorityInfo

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 480KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f3df333a72185c58d7e4bc9584bd8591

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

msvbvm60

kernel32

msvidctl

ieakeng

sisbkup

avifil32

netshell

qdvd

iprtprio

Sections

.text Size: 3KB - Virtual size: 3KB

.data Size: - Virtual size: 480KB

.rsrc Size: 1024B - Virtual size: 820B

.reloc Size: 512B - Virtual size: 36B

.rdata Size: 114KB - Virtual size: 113KB

.text
Size: 3KB - Virtual size: 3KB

.data
Size: - Virtual size: 480KB

.rsrc
Size: 1024B - Virtual size: 820B

.reloc
Size: 512B - Virtual size: 36B

.rdata
Size: 114KB - Virtual size: 113KB