405cb9003b9901868ecb665aed63799a10f786db147ba229a03ce1109d1a8366

Sharing

Copy URL Twitter E-mail

General

Target

405cb9003b9901868ecb665aed63799a10f786db147ba229a03ce1109d1a8366
Size

155KB
MD5

0bc7b79d15a7a177fefc6c3b99611310
SHA1

57d99a01a98f9f7a9bf467faf7574cf2cd5d2f6f
SHA256

405cb9003b9901868ecb665aed63799a10f786db147ba229a03ce1109d1a8366
SHA512

3d18382b70939a11689d73a43ed99f3fd94b18c7f83b2a1ca6814720d422895242b19f6d8eff37f77638984b287766302a2cd743554120c2f2971377f1b8b4f7
SSDEEP

3072:rRPAhwe36C/9wBP0HtLOAqi6mjq60cwFyzrjLV7:rRIoGNLT6RVcwIjp7

Score

N/A

Malware Config

Signatures

Files

405cb9003b9901868ecb665aed63799a10f786db147ba229a03ce1109d1a8366
.exe windows x86

97b6f81a72cf403ef590322cd8ae0d5e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

urlmon

WriteHitLogging
SetSoftwareUpdateAdvertisementState
URLDownloadToCacheFileW
CoInternetGetSession

ole32

OleCreateFromDataEx
OleCreateEx
CoRegisterMallocSpy
CoLoadLibrary

ws2_32

htonl
ntohl
connect
accept
bind
closesocket
getprotobyname

opengl32

glColor4us
glRotatef
glGetFloatv
glColor4iv
glSelectBuffer
glRects
glGetBooleanv
glCallList

crypt32

CertCreateSelfSignCertificate
CryptSetOIDFunctionValue
CryptHashPublicKeyInfo
CertSerializeCRLStoreElement
CryptMsgGetParam
CryptProtectData

mpr

WNetDisconnectDialog
WNetCancelConnectionW
WNetCancelConnectionA
WNetCloseEnum
WNetGetUniversalNameA

kernel32

LoadLibraryW
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
GetACP
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetOEMCP
IsValidCodePage
HeapReAlloc
RtlUnwind
HeapSize
QueryPerformanceCounter
GetProcAddress
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
SetLastError
TlsFree
GetLastError
HeapFree
HeapAlloc
InterlockedDecrement
GetCPInfo
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapCreate
GetModuleHandleW
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
EncodePointer
WideCharToMultiByte
LCMapStringW
MultiByteToWideChar
GetStringTypeW
Sleep
InterlockedIncrement
TlsAlloc
TlsGetValue
TlsSetValue

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97b6f81a72cf403ef590322cd8ae0d5e

Headers

DLL Characteristics

File Characteristics

Imports

user32

urlmon

ole32

ws2_32

opengl32

crypt32

mpr

kernel32

Sections

.text Size: 18KB - Virtual size: 17KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 3KB - Virtual size: 6KB

.rsrc Size: 120KB - Virtual size: 119KB

.text
Size: 18KB - Virtual size: 17KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 120KB - Virtual size: 119KB