b494c955ee16e5696d5853bde8368d15596377c1994e717a580a22918d6fd033

Sharing

Copy URL Twitter E-mail

General

Target

b494c955ee16e5696d5853bde8368d15596377c1994e717a580a22918d6fd033
Size

366KB
MD5

5d5faa6f7d5961d8d4e447eb0851d76e
SHA1

c75921dc5900344d6581fe4961fb1a3709b22a86
SHA256

b494c955ee16e5696d5853bde8368d15596377c1994e717a580a22918d6fd033
SHA512

37b82c3b97d6ab7f783ac3d9edc0e6e3f331d15508905b1dee6238c6d123c5d7f411ea3c7c76446ee0db04f7219ce57ec0a0852e08e1577bc725db6d34bbfd1e
SSDEEP

6144:H7fxg27177AYV1kTWtFRdjVnww1nfyeafFj9dcOtHTp2jPKYp3jgGvsRZ7PSx3dl:ba2BNjk6tFRdBNnT6d/tHTpgKjl/PW

Score

N/A

Malware Config

Signatures

Files

b494c955ee16e5696d5853bde8368d15596377c1994e717a580a22918d6fd033
.exe windows x86

9edd3ac80f83e315fda3e985a7f83424

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oledlg

OleUIPasteSpecialW
OleUIChangeIconW
OleUIAddVerbMenuA
OleUIUpdateLinksW
OleUIBusyA
OleUIAddVerbMenuW
OleUIBusyW
OleUIChangeSourceA
OleUIObjectPropertiesW
OleUIConvertA
OleUIInsertObjectW
OleUIChangeSourceW
OleUIObjectPropertiesA
OleUIUpdateLinksA
OleUIInsertObjectA
OleUIConvertW
OleUIEditLinksW
OleUICanConvertOrActivateAs
OleUIPromptUserA
OleUIEditLinksA
OleUIChangeIconA
OleUIPromptUserW
OleUIPasteSpecialA

kernel32

VirtualAlloc
ReadConsoleW
GetNumberOfConsoleFonts
UnlockFileEx
SetProcessAffinityMask
GetLocaleInfoW
WaitNamedPipeW
GetStringTypeA
QueryDepthSList
GetNextVDMCommand
Module32NextW
HeapCompact
GetThreadLocale
OpenMutexW
GetCommModemStatus
VirtualQueryEx
GetConsoleDisplayMode
SetComputerNameA
SetUserGeoID
CreateEventW
SetCommConfig
GetComputerNameExW
ConnectNamedPipe
GetPrivateProfileSectionNamesA
SetLocalPrimaryComputerNameA
FreeResource
GetThreadSelectorEntry
LoadLibraryA
QueryPerformanceCounter
DebugBreakProcess
GetSystemWindowsDirectoryA
GetUserDefaultLCID
GetProcAddress
VerLanguageNameW
GetFullPathNameA
GetConsoleAliasW
SetStdHandle
TermsrvAppInstallMode
MoveFileWithProgressA
QueryMemoryResourceNotification
SetConsolePalette
EnumSystemCodePagesA
IsBadHugeReadPtr
CallNamedPipeA
WTSGetActiveConsoleSessionId
GetEnvironmentVariableW
ExpungeConsoleCommandHistoryW
lstrcpyW
AddLocalAlternateComputerNameW
FindClose
SetConsoleNumberOfCommandsW
UnmapViewOfFile
GetCurrentThread
QueryActCtxW
SetThreadContext
SetProcessWorkingSetSize
ContinueDebugEvent
SetConsoleCursorMode
lstrcpynW
IsBadWritePtr
LocalAlloc
GetFileSizeEx
GetEnvironmentStringsW
LZOpenFileW

msvcrt40

??6ostream@@QAEAAV0@K@Z
?xsgetn@streambuf@@UAEHPADH@Z
?precision@ios@@QAEHH@Z
??6ostream@@QAEAAV0@F@Z
?binary@filebuf@@2HB
??4istream@@IAEAAV0@PAVstreambuf@@@Z
raise
__getmainargs
??_Dostream@@QAEXXZ
_mbsdec
??_Efilebuf@@UAEPAXI@Z
_setmbcp
wcsspn
??4ostream_withassign@@QAEAAVostream@@ABV1@@Z
?ipfx@istream@@QAEHH@Z
_fdopen
_mbsnbcoll
_safe_fprem
??_Gexception@@UAEPAXI@Z
_isatty
??6ostream@@QAEAAV0@N@Z
towupper
?open@filebuf@@QAEPAV1@PBDHH@Z
?gbump@streambuf@@IAEXH@Z
_chgsign
?put@ostream@@QAEAAV1@C@Z
abs
??0streambuf@@QAE@ABV0@@Z
_dup2
__p__wenviron
??_7ostream_withassign@@6B@
??1ios@@UAE@XZ
_dstbias

ntdll

NtSetIntervalProfile
DbgBreakPoint
ZwSetEvent
RtlDnsHostNameToComputerName
RtlEnlargedIntegerMultiply
NtQueryInformationThread
isalnum
LdrQueryImageFileExecutionOptions
RtlAnsiCharToUnicodeChar
RtlConsoleMultiByteToUnicodeN
NtAlertResumeThread
RtlInitializeBitMap
ZwCreateDebugObject
swprintf
RtlIpv4AddressToStringA
ZwWaitForDebugEvent
RtlEqualLuid
NtOpenThreadTokenEx
NtSetQuotaInformationFile
NtAdjustPrivilegesToken
NlsMbCodePageTag
RtlInsertElementGenericTableAvl
RtlTraceDatabaseCreate
RtlInterlockedPushEntrySList
ZwSetHighEventPair
RtlCreateTagHeap
NtQueryMutant
wcstombs
ZwUnlockFile
NtPowerInformation
RtlLengthSecurityDescriptor
NtCreateProcess
NtUnloadDriver
ZwCreateWaitablePort
ZwSignalAndWaitForSingleObject
ZwWriteRequestData

wiadss

FindFirstImportDS
CloseFindContext
UnloadImportDS
FindImportDSByDeviceName
FindNextImportDS
GetLoaderStatus
LoadImportDS

crtdll

__doserrno
memcpy
_strspnp
_strnextc
_ctype
_makepath
_mbctype
_heapset
vswprintf
ungetwc
_logb
signal
_heapwalk
_XcptFilter
_global_unwind2
_beep
_osminor_dll
fmod
_execv
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
vwprintf
strxfrm
_ismbcspace
fgets
_mbsnset
_chdir
putchar
log10
_scalb
_snwprintf
scanf
_mbsrchr
memset
_assert
__iscsym
_mbslwr
remove
strtoul

Sections

.text
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 484KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9edd3ac80f83e315fda3e985a7f83424

Headers

File Characteristics

Imports

oledlg

kernel32

msvcrt40

ntdll

wiadss

crtdll

Sections

.text Size: 71KB - Virtual size: 71KB

.rdata Size: 116KB - Virtual size: 116KB

.data Size: 1024B - Virtual size: 484KB

.rsrc Size: 177KB - Virtual size: 177KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 71KB - Virtual size: 71KB

.rdata
Size: 116KB - Virtual size: 116KB

.data
Size: 1024B - Virtual size: 484KB

.rsrc
Size: 177KB - Virtual size: 177KB

.reloc
Size: 1024B - Virtual size: 1024B