9471ac20c9198dad333e3c037909344d978d93f7f7d09fa8295adae3e63a762b

Sharing

Copy URL Twitter E-mail

General

Target

9471ac20c9198dad333e3c037909344d978d93f7f7d09fa8295adae3e63a762b
Size

43KB
MD5

1e511222e6dcd5911507e214e8cddf2c
SHA1

67507e81859b9e79986bece54d84f3e6a1746904
SHA256

9471ac20c9198dad333e3c037909344d978d93f7f7d09fa8295adae3e63a762b
SHA512

e1d3457f233e330650bf56cd4b53db3646c6dd7dd7d30d9f93cc18b0e30fcb54695ecfd7d083f9ab0e789bed306de582effcb72547a041daf4406d74c185929b
SSDEEP

768:IOn4ilaf13ELch4J5kTAT92CXTPycMZ5GADeY6jY1WstW9F+:dnDMfhti5kTAT92APwjGHYkYwk4

Score

N/A

Malware Config

Signatures

Files

9471ac20c9198dad333e3c037909344d978d93f7f7d09fa8295adae3e63a762b
.exe windows x86

c1792dc4893b650e32276541919ea445

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

olecli32

OleIsDcMeta
BmGetData
ErrSetBounds
LeQueryOpen
OleGetData
LeSetBounds
PbCreateFromFile
ErrQueryOpen
OleQueryOutOfDate
DibChangeData
OleClone
LeClose
GenRelease
SetNetName
PbCopyToClipboard
OleGetLinkUpdateOptions
GenClone
SrvrWndProc
LeSetData
MfCallbackFunc
OleQueryType
OleQueryCreateFromClip

msvcrt40

?text@filebuf@@2HB
_mtunlock
?unbuffered@streambuf@@IAEXH@Z
?seekpos@streambuf@@UAEJJH@Z
mbtowc
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
??_Diostream@@QAEXXZ
isupper
clearerr
_lsearch
??0istream@@IAE@ABV0@@Z
__p__pctype
?overflow@filebuf@@UAEHH@Z
_fpclass
_inpd
strchr
strcmp
_wstrdate
_wenviron
?seekoff@strstreambuf@@UAEJJW4seek_dir@ios@@H@Z
_getdrives
_fgetwchar
strncmp
??_Gstrstream@@UAEPAXI@Z
_splitpath

cryptui

CryptUIFreeViewSignaturesPagesA
CryptUIDlgViewSignerInfoA
CryptUIDlgSelectCertificateFromStore
CryptUIDlgViewCertificatePropertiesW
DllUnregisterServer
CryptUIFreeCertificatePropertiesPagesA
CryptUIWizSubmitCertRequestNoDS
CryptUIDlgSelectStoreW
CryptUIWizImport
LocalEnroll
CryptUIGetViewSignaturesPagesA
EnrollmentCOMObjectFactory_getInstance
CryptUIDlgViewCertificateW
CryptUIWizCreateCertRequestNoDS
CryptUIStartCertMgr
CryptUIWizFreeCertRequestNoDS
CryptUIWizCertRequest
CryptUIDlgViewCertificateA
RetrievePKCS7FromCA
CryptUIWizDigitalSign
I_CryptUIProtectFailure
CryptUIWizFreeDigitalSignContext
CryptUIDlgSelectCertificateA
CryptUIDlgViewCTLA

kernel32

GetSystemInfo
GlobalCompact
EnumCalendarInfoW
VirtualAlloc
LoadLibraryA
PeekNamedPipe
GetShortPathNameA
GetConsoleCursorInfo
RaiseException
HeapAlloc
SetCalendarInfoA
ReadConsoleW
RegisterConsoleIME
CreateEventW
FatalAppExitA
CompareFileTime
GetModuleHandleA
TzSpecificLocalTimeToSystemTime
SetComPlusPackageInstallStatus
GetEnvironmentVariableW
DebugSetProcessKillOnExit
GetGeoInfoA
GetTempPathA
OutputDebugStringA

user32

UnregisterClassA
TrackPopupMenuEx
GetWindowPlacement
GetSystemMenu
GetWindowLongW
TabbedTextOutW
OpenIcon
FlashWindowEx
CreateWindowExA
ToUnicodeEx
AnimateWindow
IsCharAlphaNumericA
DrawIconEx
CharUpperBuffW
MBToWCSEx
DdeCreateStringHandleA
SetKeyboardState
OpenWindowStationW
GetPropA
SetWindowRgn
RegisterLogonProcess
DialogBoxParamA

setupapi

SetupDiRegisterCoDeviceInstallers
SetupDiLoadClassIcon
SetupDiGetClassImageList
CM_Get_Hardware_Profile_InfoW
SetupQueryDrivesInDiskSpaceListW
SetupDiCreateDeviceInterfaceRegKeyA
SetupAddToDiskSpaceListA
CM_Get_Child_Ex
pSetupSetQueueFlags
SetupDiDestroyDriverInfoList
SetupOpenMasterInf
CM_Delete_DevNode_Key
SetupGetSourceFileSizeA
SetupQueueRenameSectionW
SetupDiCreateDevRegKeyW
SetupGetMultiSzFieldA
CM_Get_Device_Interface_ListA
SetupRemoveSectionFromDiskSpaceListW
SetupDiGetWizardPage
SetupSetDirectoryIdA
CM_Get_DevNode_Registry_PropertyW
SetupDiDeleteDeviceInterfaceRegKey
SetupQuerySourceListA
CMP_WaitNoPendingInstallEvents
CM_Disable_DevNode
pSetupQueryMultiSzValueToArray
CM_Is_Dock_Station_Present_Ex
SetupDiGetSelectedDevice
CM_Query_And_Remove_SubTreeA
CM_Run_Detection
CM_Get_Res_Des_Data_Size_Ex
CM_Get_Parent_Ex
pSetupMalloc
SetupQuerySpaceRequiredOnDriveW
SetupVerifyInfFileW
SetupDiGetClassInstallParamsA
SetupDiSetDriverInstallParamsA
CM_Get_Device_ID_List_ExA
CM_Dup_Range_List
SetupDiSetClassInstallParamsA
CM_Get_Device_ID_ListA
SetupInitializeFileLogA
SetupGetSourceFileLocationA
SetupAddToDiskSpaceListW
CM_Request_Device_Eject_ExW
CM_Get_HW_Prof_FlagsW
CMP_UnregisterNotification
SetupQueueDeleteSectionA
SetupDefaultQueueCallbackA
SetupDiGetDeviceRegistryPropertyW
SetupDiInstallDriverFiles

expsrv

rtcGetErl
PutMemEvent
__vbaUbound
rtcRgb
__vbaVarTextCmpGt
rtcGetFileAttr
__vbaFPInt
__vbaI2Str
rtcIsError
_CItan
GetMem8
BASIC_CLASS_AddRef
__vbaVarLateMemCallSt
__vbaCyFix
__vbaI2ForNextCheck
rtcGetDayOfMonth
rtcFileReset
TipCreateInstanceProject2
rtcFormatDateTime
__vbaVarSetObj
rtcVarBstrFromAnsi
rtcLenVar
__vbaR4ForNextCheck
__vbaVarTextTstNe
rtcUpperCaseVar
__vbaExitEachColl
__vbaVarDateVar
__vbaVarSetVarAddref
EVENT_SINK2_AddRef
rtcStringVar

Sections

.text
Size: 1024B - Virtual size: 594B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c1792dc4893b650e32276541919ea445

Headers

DLL Characteristics

File Characteristics

Imports

olecli32

msvcrt40

cryptui

kernel32

user32

setupapi

expsrv

Sections

.text Size: 1024B - Virtual size: 594B

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 16KB - Virtual size: 93KB

.rsrc Size: 9KB - Virtual size: 9KB

.reloc Size: 512B - Virtual size: 60B

.text
Size: 1024B - Virtual size: 594B

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 16KB - Virtual size: 93KB

.rsrc
Size: 9KB - Virtual size: 9KB

.reloc
Size: 512B - Virtual size: 60B