1cdeda075d83ffef868ffb255b12f192122752c4ba27b9b57939db830b5c7d7b

Sharing

Copy URL Twitter E-mail

General

Target

1cdeda075d83ffef868ffb255b12f192122752c4ba27b9b57939db830b5c7d7b
Size

835KB
MD5

20c287278362fe6196e45c18dda6922f
SHA1

0e9b6dcc475d913f079db59ad3159406a1ee0e68
SHA256

1cdeda075d83ffef868ffb255b12f192122752c4ba27b9b57939db830b5c7d7b
SHA512

bcd77df1d66151a79e5057614ca24bf98b8ecc5e71661ed248b1fbf18ecec0bdd7800a041a895e949482a9f8f763936836988f986a521193f64bd0b181f59e76
SSDEEP

24576:Bc8SkFr7F6snq/n9kYF2L4ahcORf4M9Cw:BcHkHElFGcMNX

Score

N/A

Malware Config

Signatures

Files

1cdeda075d83ffef868ffb255b12f192122752c4ba27b9b57939db830b5c7d7b
.exe windows x86

e8d6759e6b62b8f1e0c9558668398071

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msdart

MpGetHeapHandle
??4CReaderWriterLock2@@QAEAAV0@ABV0@@Z
MpHeapDestroy
?TryReadLock@CSpinLock@@QAE_NXZ
?_LockSpin@CReaderWriterLock2@@AAEX_N@Z
?IsWriteUnlocked@CSmallSpinLock@@QBE_NXZ
??4CReaderWriterLock3@@QAEAAV0@ABV0@@Z
?IsEmpty@CLockedSingleList@@QBE_NXZ
??1CReaderWriterLock3@@QAE@XZ
?ApplyIf@CLKRHashTable@@QAEKP6G?AW4LK_PREDICATE@@PBXPAX@ZP6G?AW4LK_ACTION@@01@Z1W4LK_LOCKTYPE@@@Z
?_Contract@CLKRLinearHashTable@@AAE?AW4LK_RETCODE@@XZ
?IsWin98@CMdVersionInfo@@SAHXZ
?ReadLock@CReaderWriterLock@@QAEXXZ
?SetDefaultSpinAdjustmentFactor@CFakeLock@@SGXN@Z
?IsWinNt4orLater@CMdVersionInfo@@SAHXZ
?SetSpinCount@CReaderWriterLock@@QAE_NG@Z
?GetDefaultSpinAdjustmentFactor@CSpinLock@@SGNXZ

kernel32

SetLastError
SetFileAttributesA
IsDebuggerPresent
GetNextVDMCommand
GetFileAttributesExA
GenerateConsoleCtrlEvent
GlobalAlloc
LockFile
SetFileTime
GetThreadPriority
DebugBreak
EnumResourceTypesW
GlobalUnWire
GetProcAddress
SetFileApisToOEM
BaseCleanupAppcompatCacheSupport
GlobalFindAtomW
PeekNamedPipe
WriteFileGather
GetHandleContext
HeapSetInformation
LZSeek
CreateWaitableTimerW
LoadLibraryW
QueryDepthSList
ReadConsoleInputExW
IsBadStringPtrA
CreateHardLinkA
GetPrivateProfileStringA
LZDone
GetStringTypeW
IsBadWritePtr
GetCurrencyFormatA
GetConsoleNlsMode
GetCommState
GetConsoleCursorMode

rasser

PortChangeCallback
PortClose
PortClearStatistics
PortReceiveComplete
PortSend
PortInit
PortGetStatistics
PortDisconnect
PortSetInfo
PortSetFraming
PortOpen
PortReceive
PortGetInfo
PortConnect
PortEnum
PortCompressionSetInfo
PortSetINetCfg
PortTestSignalState
PortGetPortState

opengl32

wglGetCurrentDC
glFrontFace
glPixelZoom
glColor3bv
glIndexi
glTexParameteri
glTexCoord4i
glPushMatrix
glLightModelf
glOrtho
glTexCoord4fv
glIsTexture

imagehlp

SymGetLinePrev64
ImageGetCertificateData
CheckSumMappedFile
ImageUnload
SymEnumTypes
ImageRvaToSection
ImageRvaToVa
ImageNtHeader
TouchFileTimes
BindImageEx
SymGetSymFromAddr
SymGetSymPrev64
SymFunctionTableAccess
ImagehlpApiVersionEx
ImageGetCertificateHeader
SymGetModuleInfo
SetImageConfigInformation
SymUnloadModule
SymSetOptions
ImagehlpApiVersion
SymGetModuleInfo64
ImageGetDigestStream
SymGetModuleBase
SymFunctionTableAccess64
SymGetOptions

mprapi

MprDomainQueryRasServer
MprConfigInterfaceTransportGetHandle
MprAdminInterfaceSetCredentials
MprAdminPortDisconnect
MprAdminUserServerConnect
MprInfoCreate
MprAdminPortEnum
MprAdminPortGetInfo
MprAdminInterfaceGetCredentialsEx
MprAdminTransportSetInfo
MprAdminUserOpen
MprConfigInterfaceGetHandle
MprAdminIsDomainRasServer
MprConfigInterfaceTransportEnum
MprConfigTransportGetHandle
MprAdminGetErrorString
MprInfoDelete
MprAdminInterfaceUpdatePhonebookInfo
MprConfigTransportDelete
MprAdminMIBEntryGet
MprAdminPortClearStats

oleaut32

VarCyFromUI2
VarR4FromDisp
UnRegisterTypeLib
VarFix
OleLoadPicturePath
VarUI2FromI4
VariantCopy
VarR4FromCy
VarDecFromI2
VarUI4FromI2
VarUI4FromI4
VarCyCmp
VarUI8FromUI4
SafeArrayDestroyDescriptor
VarCyFromUI1
VarI2FromI8
VarUI2FromI8

Sections

.text
Size: 396KB - Virtual size: 396KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 173KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8d6759e6b62b8f1e0c9558668398071

Headers

DLL Characteristics

File Characteristics

Imports

msdart

kernel32

rasser

opengl32

imagehlp

mprapi

oleaut32

Sections

.text Size: 396KB - Virtual size: 396KB

.rdata Size: 146KB - Virtual size: 146KB

.data Size: 173KB - Virtual size: 1.6MB

.rsrc Size: 116KB - Virtual size: 116KB

.reloc Size: 1024B - Virtual size: 844B

.text
Size: 396KB - Virtual size: 396KB

.rdata
Size: 146KB - Virtual size: 146KB

.data
Size: 173KB - Virtual size: 1.6MB

.rsrc
Size: 116KB - Virtual size: 116KB

.reloc
Size: 1024B - Virtual size: 844B