50d5db61981e5a3f5b549d906fa57ebd42f7ca11238bc622c0d38cd7207f7238

Sharing

Copy URL Twitter E-mail

General

Target

50d5db61981e5a3f5b549d906fa57ebd42f7ca11238bc622c0d38cd7207f7238
Size

123KB
MD5

2666ff65f349160b69af33d706da5d83
SHA1

041ca08c754d4558eaa1b521947e408a24c3bc8a
SHA256

50d5db61981e5a3f5b549d906fa57ebd42f7ca11238bc622c0d38cd7207f7238
SHA512

aca4d645b67325939101f520a508dfbf1a34ee6a0c5d82dc2220dbf9bce003384a7d4d21623b5630a8da41fa268ab1ba46764514a4c37e38eb0f9bfd012ca9ad
SSDEEP

3072:huS57hS7WhhLnLI6awjcNoF0oVnFvjGWl6v7+wMiLvGX:QWjnRawgNoZjZla5dz

Score

N/A

Malware Config

Signatures

Files

50d5db61981e5a3f5b549d906fa57ebd42f7ca11238bc622c0d38cd7207f7238
.exe windows x86

3e6897df656df85ea6de84b5cd84830b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt20

_CIasin

rtm

RtmCreateRouteList
RtmGetRouteAge
RtmLookupIPDestination
RtmReleaseRoutes
RtmInvokeMethod
RtmUpdateAndUnlockRoute
RtmGetNextHopInfo
DumpTable
RtmDeleteRouteList
MgmInitialize
RtmGetAddressFamilyInfo
RtmCloseEnumerationHandle
RtmGetChangeStatus
DeleteFromTable
MgmGetMfe
RtmGetNextHopPointer
RtmGetNetworkCount
RtmWriteInstanceConfig
RtmGetFirstRoute
RtmGetInstanceInfo
RtmReleaseDestInfo
RtmEnumerateGetNextRoute
RtmFindNextHop
RtmGetEnumDests

kernel32

SetConsoleCursorMode
Process32FirstW
GetCalendarInfoW
RegisterConsoleOS2
SetConsoleInputExeNameW
VirtualAlloc
CreateWaitableTimerA
LoadModule
lstrcpyA
DnsHostnameToComputerNameW
OpenWaitableTimerA
SetTermsrvAppInstallMode
SetWaitableTimer
NlsGetCacheUpdateCount
EnumResourceTypesW
GetConsoleCharType
GetConsoleInputWaitHandle
GetTimeFormatA
PulseEvent
GetStringTypeA
WaitForMultipleObjects
IsDebuggerPresent
FreeLibraryAndExitThread
GetWindowsDirectoryA
SetProcessAffinityMask
FillConsoleOutputCharacterW
Module32NextW
GetTapeParameters
GetDefaultCommConfigA
InterlockedExchange
lstrcpynA
MoveFileWithProgressW
SetHandleCount
SetConsoleTitleA
GetCommandLineA
OpenJobObjectW
EnumResourceTypesA

advpack

GetVersionFromFile

d3d9

D3DPERF_GetStatus
D3DPERF_SetRegion
DebugSetLevel
D3DPERF_BeginEvent
D3DPERF_SetOptions
DebugSetMute
Direct3DShaderValidatorCreate9
D3DPERF_EndEvent
PSGPError
D3DPERF_SetMarker
Direct3DCreate9
PSGPSampleTexture
D3DPERF_QueryRepeatFrame

lz32

LZOpenFileA
LZSeek
CopyLZFile
LZStart
GetExpandedNameA
LZClose
GetExpandedNameW
LZCopy
LZInit
LZDone
LZCreateFileW
LZOpenFileW
LZRead
LZCloseFile

sqlwid

_lopen_
OpenFile_
_ttof
_hwrite_
_lcreat_
wstrlen
GetEnvironmentStrings_
GetProcAddress_
strerror_
_lwrite_

perfnet

CloseNetSvcsObject

cabview

DllCanUnloadNow
DllGetClassObject
Uninstall

htui

HTUI_DeviceColorAdjustmentW
HTUI_DeviceColorAdjustment
HTUI_ColorAdjustmentA
HTUI_ColorAdjustment
HTUI_ColorAdjustmentW
HTUI_DeviceColorAdjustmentA

Sections

.data
Size: - Virtual size: 496KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1024B - Virtual size: 604B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3e6897df656df85ea6de84b5cd84830b

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt20

rtm

kernel32

advpack

d3d9

lz32

sqlwid

perfnet

cabview

htui

Sections

.data Size: - Virtual size: 496KB

.text Size: 1024B - Virtual size: 604B

.reloc Size: 512B - Virtual size: 76B

.rdata Size: 119KB - Virtual size: 119KB

.rsrc Size: 1024B - Virtual size: 724B

.data
Size: - Virtual size: 496KB

.text
Size: 1024B - Virtual size: 604B

.reloc
Size: 512B - Virtual size: 76B

.rdata
Size: 119KB - Virtual size: 119KB

.rsrc
Size: 1024B - Virtual size: 724B