11d6a87f007e3f9dc7c369a3176791ae412ed4157d743ee0835487ccca614a83

Sharing

Copy URL Twitter E-mail

General

Target

11d6a87f007e3f9dc7c369a3176791ae412ed4157d743ee0835487ccca614a83
Size

147KB
MD5

271b01ec2944188dc386e7ce4a432412
SHA1

90b519f8f39358ddd02216e0de32208aebb25b80
SHA256

11d6a87f007e3f9dc7c369a3176791ae412ed4157d743ee0835487ccca614a83
SHA512

b418d022ce7b1b7139706010f3d3feb6898bfc0579c557d7fb01684605db4b6a2951364d205a34aacef027a26b35c55a2c94ee57689fd1e73009d9ce74198166
SSDEEP

3072:S9nCkh+ZiAogLZ7qa28uixDWlFxVv8vNVl5BvHWNUtBEHaBb+WROu8:S5Ckh+QAFtq75SMFxtANJNHWNUtz0r

Score

N/A

Malware Config

Signatures

Files

11d6a87f007e3f9dc7c369a3176791ae412ed4157d743ee0835487ccca614a83
.exe windows x86

2480fa2df410ee9825aa9525dc6b7ebf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mtxoci

ocan
odescr
odefin
MTxOciRegisterCursor
MTxolog
obndrn
orol
oexn
ocof
oopen
oermsg
MTxOciInit
oopt
oclose
oparse
ocom
oerhms
ofetch
oflng
obindps
Enlist
ofen
osetpi
oexec
oexfet
ogetpi
obndra
ocon
obndrv
olog

msvcrt

__set_app_type
_endthread
__getmainargs
_mbctolower
getc
_get_osfhandle
_Getmonths
fputws
system
vfwprintf
_ismbcpunct
exit
_ismbbpunct
swscanf
_strnicoll
fgetpos
_chgsign
_wcstoi64
_callnewh
wcsspn
_mbsdec
_EH_prolog
fscanf
ceil
towupper
wcspbrk
__p__commode
_seh_longjmp_unwind
_nextafter
longjmp
_wfopen

user32

MessageBoxW
EndDialog

atmlib

ATMFontAvailableA
ATMGetOutline
ATMGetGlyphListA
ATMGetBuildStr
ATMRemoveFontA
ATMClient
ATMGetNtmFieldsA
ATMFontStatusW
ATMSetFlags
ATMAddFontExW
ATMGetPostScriptNameW
ATMEnumMMFontsA
ATMGetVersionExW
ATMEnumFontsA

atl

AtlDevModeW2A
AtlModuleGetClassObject
AtlIPersistStreamInit_Load
AtlModuleRevokeClassObjects
AtlModuleTerm
AtlAxGetHost
AtlModuleAddCreateWndData
AtlHiMetricToPixel
AtlModuleUpdateRegistryFromResourceD
AtlPixelToHiMetric
AtlModuleUnRegisterTypeLib
AtlModuleRegisterWndClassInfoW
AtlAxAttachControl
AtlModuleRegisterClassObjects
AtlUnadvise
AtlAxDialogBoxA
AtlModuleUnregisterServer
AtlAxDialogBoxW
AtlGetVersion
AtlModuleInit
AtlModuleExtractCreateWndData
AtlModuleUnregisterServerEx
AtlIPersistPropertyBag_Load
AtlModuleRegisterWndClassInfoA
AtlGetObjectSourceInterface
AtlWaitWithMessageLoop

kernel32

IsBadReadPtr
GetProcessWorkingSetSize
GetOEMCP
GetProcessTimes
FileTimeToSystemTime
SetEvent
VirtualUnlock
CancelDeviceWakeupRequest
RemoveDirectoryW
LoadLibraryW
CreateFileMappingA
UnmapViewOfFile
DeviceIoControl
BindIoCompletionCallback
GetProfileSectionA
DefineDosDeviceW
SetFileShortNameA
RtlZeroMemory
Heap32ListFirst
GetExitCodeProcess
HeapCreate
GlobalHandle
EnumCalendarInfoA
EnumSystemCodePagesA

msdart

?RemoveTail@CLockedDoubleList@@QAEQAVCListEntry@@XZ
?_TryWriteLock@CReaderWriterLock2@@AAE_NJ@Z
?SetDefaultSpinCount@CSmallSpinLock@@SGXG@Z
MpHeapFree
?SetSpinCount@CSpinLock@@QAE_NG@Z
?_H1@CLKRLinearHashTable@@ABEKK@Z
?GetDefaultSpinAdjustmentFactor@CFakeLock@@SGNXZ
?ReadUnlock@CCritSec@@QAEXXZ
?SetDefaultSpinCount@CSpinLock@@SGXG@Z
?MaxSize@CLKRHashTable@@QBEKXZ

shell32

SHGetMalloc

Sections

.text
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2480fa2df410ee9825aa9525dc6b7ebf

Headers

File Characteristics

Imports

mtxoci

msvcrt

user32

atmlib

atl

kernel32

msdart

shell32

Sections

.text Size: 91KB - Virtual size: 90KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 13KB - Virtual size: 81KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 91KB - Virtual size: 90KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 13KB - Virtual size: 81KB

.rsrc
Size: 4KB - Virtual size: 3KB