ffd3e5f0f7f542c3ac2e78d8f75cf049448d92598a7a34ed7a74de64cee5a175

Sharing

Copy URL Twitter E-mail

General

Target

ffd3e5f0f7f542c3ac2e78d8f75cf049448d92598a7a34ed7a74de64cee5a175
Size

402KB
MD5

6933a87cf8fce1333efa619d4c6e01cc
SHA1

2c31a273dbc06ff1f002077d5edf079e16e4146c
SHA256

ffd3e5f0f7f542c3ac2e78d8f75cf049448d92598a7a34ed7a74de64cee5a175
SHA512

e5693f2127c6cfde1816e4a8da3337e4e922e13d9a985faae2b5915de76b3be8da9d2ef9f7d36f77ee617faba3184bcd838a63d3b23aeed30b0e8dd38f4440f3
SSDEEP

12288:zhuXDme+QnitXL3CUBzG+Rt1KFlgg60rkn:zDQniZLHBhIY0rk

Score

N/A

Malware Config

Signatures

Files

ffd3e5f0f7f542c3ac2e78d8f75cf049448d92598a7a34ed7a74de64cee5a175
.exe windows x86

64527bcf49cb52aa00d1769744062f4c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

DecryptFileW
LookupAccountSidW
RegFlushKey
RegSetValueExW
OpenThreadToken
QueryServiceStatus
DeleteAce
RegisterEventSourceW
OpenProcessToken
EncryptFileW
RegLoadKeyW
CloseServiceHandle
OpenEncryptedFileRawW
CheckTokenMembership
RegOpenKeyW

comctl32

ImageList_GetImageCount
DestroyPropertySheetPage
PropertySheetW

shell32

ExtractIconExW
SHGetFileInfoW

rpcrt4

UuidFromStringW

msacm32

acmFormatTagEnumA
acmStreamSize
acmDriverAddW
acmFilterTagEnumA
acmStreamPrepareHeader
acmDriverDetailsW
acmStreamUnprepareHeader
acmStreamReset
acmStreamMessage
acmDriverDetailsA
acmDriverClose
acmFormatSuggest
acmDriverID
acmFilterChooseA
acmStreamOpen
acmGetVersion
acmDriverPriority

comdlg32

GetSaveFileNameW

msorcl32

SQLExtendedFetch
DllMain
SQLColAttributes
SQLAllocConnect
SQLSetStmtOption
SQLAllocStmt
SQLGetData
SQLGetInfo
DllRegisterServer
SQLGetStmtOption
SQLExecute
SQLPrepare
DllUnregisterServer
LoadByOrdinal
SQLFetch

ole32

CoInitializeSecurity
CoCreateGuid
CoUninitialize
CoCreateInstance

mpr

WNetOpenEnumW

syssetup

AsrRestorePlugPlayRegistryData

netapi32

NetApiBufferSize
NetShareEnum
NetServerEnum

mapi32

MAPIFindNext
OpenTnefStream
cmc_logoff
MAPIReadMail
RTFSync
FGetComponentPath
BMAPIDetails
BMAPISendMail
cmc_query_configuration
MAPIResolveName
BMAPIGetAddress
LAUNCHWIZARD
MAPILogonEx
PRProviderInit
BMAPIAddress
MAPIFreeBuffer
MAPIOpenLocalFormContainer
cmc_read
MAPIAddress

setupapi

SetupOpenInfFileW

gdi32

DeleteObject
Polygon
GetTextExtentPoint32W

kernel32

GetFileSize
VirtualAlloc
FindNextFileW
FileTimeToSystemTime
SystemTimeToFileTime
GetTimeFormatW
QueryPerformanceCounter
GetVolumePathNameW
GetTapeParameters
VirtualFree
Sleep
GetDiskFreeSpaceExW
GetTapeStatus
BackupRead
LocalFree
SetLastError
WideCharToMultiByte
GetProcessHeap
CompareStringW
SetFilePointer
VerifyVersionInfoW
DeleteCriticalSection
GetNumberFormatW
ReadFile
GetCurrentProcessId
GetLocaleInfoW
GetFileInformationByHandle
CloseHandle
GetSystemTimeAsFileTime
LoadResource
ExpandEnvironmentStringsW
PrepareTape
HeapSize
FileTimeToLocalFileTime
GetCurrentThreadId
CreateFileW
GetVersionExW
FindVolumeMountPointClose
CloseHandle
FormatMessageW
UnhandledExceptionFilter
GetLogicalDriveStringsW
HeapAlloc
GlobalAlloc
GetExitCodeThread
LocalFree
RemoveDirectoryW

user32

FlashWindow
DestroyIcon
GetDlgItem
wvsprintfW
KillTimer
MessageBoxW
GetWindowTextLengthW
UpdateWindow
IsIconic
MapDialogRect
GetMonitorInfoW
SetWindowsHookExW
MonitorFromWindow
LoadMenuW
IsCharAlphaW
RemoveMenu
PostQuitMessage
SetClassLongW
EnableMenuItem
LoadStringW
GetMenuItemID
GetMenu
GetParent
DeleteMenu
BringWindowToTop
GetSystemMetrics
UnregisterClassW
ChildWindowFromPoint
SetWindowPos
PostMessageW
GetAsyncKeyState

Sections

.text
Size: 239KB - Virtual size: 239KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 684KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64527bcf49cb52aa00d1769744062f4c

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

comctl32

shell32

rpcrt4

msacm32

comdlg32

msorcl32

ole32

mpr

syssetup

netapi32

mapi32

setupapi

gdi32

kernel32

user32

Sections

.text Size: 239KB - Virtual size: 239KB

.data Size: 65KB - Virtual size: 64KB

.rsrc Size: 96KB - Virtual size: 684KB

.text
Size: 239KB - Virtual size: 239KB

.data
Size: 65KB - Virtual size: 64KB

.rsrc
Size: 96KB - Virtual size: 684KB