1460ab4f9df31c52e29b0c2814104c63bae8ed02b2ed80dde8159a75a1605161

Sharing

Copy URL Twitter E-mail

General

Target

1460ab4f9df31c52e29b0c2814104c63bae8ed02b2ed80dde8159a75a1605161
Size

43KB
MD5

f1830c91c459f5b32b3b00034916f319
SHA1

51f3df72f24ba734f75c809e464cdc00464ce129
SHA256

1460ab4f9df31c52e29b0c2814104c63bae8ed02b2ed80dde8159a75a1605161
SHA512

5aac4bc7818a961b7cc4e4fa8c9b4616006fd7bc36dc1cf0cfdacc6c8a4d4c6c1eb0c4b84216a6e7f8ca7df87d4d1d3cae683158888a54d2b16a8f450d5546f2
SSDEEP

768:UL0DRE8oPkw7xLrf5h3098TiBFGF0gCS9OVUcrWgcowcXsI4qhzgHyoxSAXj:UgDGzsw7x/hhE9dGSIOywWu5sI4qoxSY

Score

N/A

Malware Config

Signatures

Files

1460ab4f9df31c52e29b0c2814104c63bae8ed02b2ed80dde8159a75a1605161
.exe windows x86

8620764e7ccfb32e75029b9f60fb1435

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msdart

?DeleteRecord@CLKRHashTable@@QAE?AW4LK_RETCODE@@PBX@Z
?ReadLock@CReaderWriterLock3@@QAEXXZ
??1CDoubleList@@QAE@XZ
?GetDefaultSpinCount@CSpinLock@@SGGXZ
?_ExtractKey@CLKRLinearHashTable@@ABE?BKPBX@Z
??0CSingleList@@QAE@XZ
mpMalloc
?FindRecord@CLKRHashTable@@QBE?AW4LK_RETCODE@@PBX@Z
??1CFakeLock@@QAE@XZ
?ReadLock@CFakeLock@@QAEXXZ
??0CLockedSingleList@@QAE@XZ
?RemoveTail@CLockedDoubleList@@QAEQAVCListEntry@@XZ
?IsWin9x@CMdVersionInfo@@SAHXZ
?Size@CLKRHashTable@@QBEKXZ
?sm_wDefaultSpinCount@CSpinLock@@1GA
?ReadUnlock@CFakeLock@@QAEXXZ
?IsWriteUnlocked@CReaderWriterLock2@@QBE_NXZ
?IsUsable@CLKRLinearHashTable@@QBE_NXZ
?SetDefaultSpinCount@CSmallSpinLock@@SGXG@Z
?WriteUnlock@CSpinLock@@QAEXXZ
?sm_pfnTryEnterCriticalSection@CCriticalSection@@0P6GHPAU_RTL_CRITICAL_SECTION@@@ZA
?TryWriteLock@CReaderWriterLock@@QAE_NXZ
?TryReadLock@CSpinLock@@QAE_NXZ
?ReadLock@CSmallSpinLock@@QAEXXZ
??4CSingleList@@QAEAAV0@ABV0@@Z
?WriteUnlock@CFakeLock@@QAEXXZ

msvcrt

abort
__getmainargs
__p__commode
_chdrive
_wcsnicmp
__set_app_type
calloc
_wtof
_controlfp
___mb_cur_max_func
ldexp
_putenv
cosh
getchar
??0__non_rtti_object@@QAE@ABV0@@Z
__p___winitenv
_getwch
_memicmp
??_G__non_rtti_object@@UAEPAXI@Z
ctime
_wstat
_isnan
_ismbblead
_localtime64
iswdigit
?unexpected@@YAXXZ
_pclose
exit
_getdiskfree
_tell
wcscmp
_safe_fprem
_mbsspnp

shlwapi

PathRemoveFileSpecA
SHRegDeleteUSValueA
UrlGetPartW
SHCreateStreamOnFileW
PathAppendW
PathGetArgsA
PathIsDirectoryEmptyW
HashData
UrlApplySchemeW
SHRegWriteUSValueA
StrCmpNA
AssocQueryStringByKeyA
PathRelativePathToA
PathStripToRootA
StrFormatKBSizeW
ColorRGBToHLS
PathFindFileNameW
PathRemoveFileSpecW
SHQueryInfoKeyW
SHDeleteValueW
SHRegQueryUSValueW
DelayLoadFailureHook
PathFindSuffixArrayW
PathRenameExtensionA
PathIsUNCA
PathAddBackslashA
PathCombineW

kernel32

InterlockedPushEntrySList
BuildCommDCBW
FindAtomW
BaseUpdateAppcompatCache
GetModuleHandleA
WritePrivateProfileStringW
GetMailslotInfo
ExitProcess
AddAtomA
IsBadStringPtrW
QueryPerformanceCounter
Module32First
SetConsoleMenuClose
SetConsoleCursorPosition
RtlFillMemory
PurgeComm
GetComputerNameExA
GetUserDefaultLCID
LZDone
VirtualAlloc
GetComPlusPackageInstallStatus
LoadLibraryA
DeleteVolumeMountPointW
GetCommMask
SetComputerNameExW
BuildCommDCBAndTimeoutsW
GetSystemTimeAsFileTime
VDMOperationStarted
SetTapeParameters

winipsec

SetTransportFilter
DeleteTunnelFilter
DeleteQMPolicy
GetTunnelFilter
EnumMMAuthMethods
EnumTransportFilters
DeleteMMAuthMethods
OpenMMFilterHandle
SetQMPolicy
MatchTunnelFilter
CloseTransportFilterHandle
GetTransportFilter
EnumQMSAs
DeleteTransportFilter
SetTunnelFilter
GetQMPolicy
EnumMMPolicies
SetMMAuthMethods
DeleteMMPolicy
AddMMAuthMethods
OpenTunnelFilterHandle
AddTunnelFilter
SetMMPolicy
CloseMMFilterHandle
AddTransportFilter
AddMMPolicy
CloseTunnelFilterHandle
EnumIPSecInterfaces
GetMMAuthMethods
GetMMFilter
GetMMPolicyByID
DeleteMMFilter
MatchTransportFilter

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hwqkbcm
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8620764e7ccfb32e75029b9f60fb1435

Headers

DLL Characteristics

File Characteristics

Imports

msdart

msvcrt

shlwapi

kernel32

winipsec

Sections

.text Size: 30KB - Virtual size: 29KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 32KB

hwqkbcm Size: - Virtual size: 4KB

.text
Size: 30KB - Virtual size: 29KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 32KB

hwqkbcm
Size: - Virtual size: 4KB