e78cbe4c5edc405933c34605ad01d7667e6458a9c956886541adffe9ed687dd2

Sharing

Copy URL Twitter E-mail

General

Target

e78cbe4c5edc405933c34605ad01d7667e6458a9c956886541adffe9ed687dd2
Size

873KB
MD5

f042789a89b9333134404936ea31861b
SHA1

a42b3edc045c63d41fb21c56b5609f722f0933d4
SHA256

e78cbe4c5edc405933c34605ad01d7667e6458a9c956886541adffe9ed687dd2
SHA512

3a8fedef8c58b6d037d8283356933f361cbcf0a8a82362d119291b8f63bc9568117d96d314a589de428496f8202be9bb43f6dca5fec5151fa1354dc7aa88c1f2
SSDEEP

12288:bvPDy7P0Qqc8AxhtSq4QVYZWGr2WttHOSYEK20DYwbLGTRunGiWV5zo/K22dvS5a:bw8lt6SQVYZX7twmqYULGVv62dGatR

Score

N/A

Malware Config

Signatures

Files

e78cbe4c5edc405933c34605ad01d7667e6458a9c956886541adffe9ed687dd2
.exe windows x86

1f7ba45632ec1166f4a2b188b2d6fedb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt20

__p__pctype
??5istream@@QAEAAV0@AAD@Z
_mbsncpy
_cscanf
??4ofstream@@QAEAAV0@ABV0@@Z
_mktemp
mblen
ferror
?out_waiting@streambuf@@QBEHXZ
__p__wpgmptr
??_8ostream@@7B@
?ipfx@istream@@QAEHH@Z
fputws
_mbsstr
??0ostream@@IAE@ABV0@@Z
__p__iob
iswlower
??_Dstdiostream@@QAEXXZ
?fill@ios@@QBEDXZ
??0istrstream@@QAE@ABV0@@Z
clearerr
??_8fstream@@7Bostream@@@
_eof
?putback@istream@@QAEAAV1@D@Z
toupper
_mbsnbcnt
?x_maxbit@ios@@0JA
??5istream@@QAEAAV0@PAC@Z
fgetwc
??0fstream@@QAE@XZ
?cin@@3Vistream_withassign@@A
??0strstreambuf@@QAE@XZ
fprintf
isleadbyte
__p___mb_cur_max
_lfind
??_Distream@@QAEXXZ
??0iostream@@IAE@XZ
??_Gistream@@UAEPAXI@Z
_tcsncat
wcstombs
??_8strstream@@7Bostream@@@
?setmode@ifstream@@QAEHH@Z
isxdigit
??5istream@@QAEAAV0@PAVstreambuf@@@Z
_wexecv
_ftol
_CIsin
wcslen
_isatty
??6ostream@@QAEAAV0@D@Z
_mbbtype
??_7strstreambuf@@6B@
??0filebuf@@QAE@H@Z
_wcsset
__iscsymf
_ismbcupper
_memccpy
_mbsncoll
fwscanf
??0istrstream@@QAE@PAD@Z

winscard

SCardIntroduceReaderA
SCardRemoveReaderFromGroupW
SCardConnectA
SCardAccessNewReaderEvent
SCardGetAttrib
SCardBeginTransaction
SCardTransmit
SCardAddReaderToGroupW
SCardForgetReaderGroupA
g_rgSCardT1Pci
SCardStatusA
SCardReleaseStartedEvent
SCardReleaseContext
SCardListCardsW
SCardListReaderGroupsW
SCardFreeMemory
SCardReleaseNewReaderEvent
SCardListCardsA
SCardIntroduceCardTypeA
SCardConnectW
SCardLocateCardsByATRW
SCardSetCardTypeProviderNameA
SCardForgetReaderA
SCardEndTransaction
SCardLocateCardsByATRA
SCardControl
SCardGetCardTypeProviderNameW
SCardLocateCardsA
SCardForgetReaderW
SCardForgetCardTypeA
SCardGetStatusChangeA
SCardListReadersA
SCardLocateCardsW
SCardGetStatusChangeW
SCardCancel
SCardIntroduceReaderGroupA
SCardSetAttrib
SCardListReadersW
SCardGetProviderIdA
ClassInstall32
SCardSetCardTypeProviderNameW
SCardDisconnect
SCardStatusW

gdi32

DdEntry30
UpdateColors
GdiGetPageHandle
GetEnhMetaFileDescriptionW
GetTextCharacterExtra
GdiSetAttrs
GetMetaRgn
ExcludeClipRect
GdiEntry1
DdEntry40
DdEntry52
SetICMMode
GetCharWidthA
STROBJ_bGetAdvanceWidths
CreateFontIndirectExA
DdEntry14
EngDeleteSemaphore
GdiConvertBitmap
GetTextExtentExPointA
BitBlt
DdEntry13
GdiGetBatchLimit
GetRandomRgn
AddFontResourceExW
SetBitmapDimensionEx
CreateEllipticRgn
DdEntry7
EngCreateClip
CreatePenIndirect

kernel32

InterlockedIncrement
GetProfileIntA
LoadLibraryA
IsValidLanguageGroup
SetComPlusPackageInstallStatus
UTRegister
GetStringTypeExA
SetConsoleCursor
VirtualLock
GetVDMCurrentDirectories
VirtualAlloc
_lclose
DeleteCriticalSection
LeaveCriticalSection
GlobalFlags
ZombifyActCtx
SetTermsrvAppInstallMode
GetStartupInfoA
GetVolumeInformationA
CallNamedPipeA
AreFileApisANSI
GetFullPathNameW
CreateIoCompletionPort
WaitNamedPipeW
ShowConsoleCursor
GetDiskFreeSpaceA
ExitProcess
GetConsoleCP
FindAtomA
SetCalendarInfoW
SetFileAttributesW
EnterCriticalSection
QueryPerformanceCounter
FileTimeToDosDateTime
SetVolumeMountPointW
IsValidLocale
FindNextFileW
BaseCheckAppcompatCache
CreateTapePartition
PostQueuedCompletionStatus

ole32

SNB_UserSize
CoInvalidateRemoteMachineBindings
CoRetireServer
HWND_UserFree
OleCreateLinkToFileEx
OleInitialize
StgGetIFillLockBytesOnFile
OleQueryCreateFromData
ReadClassStm
HMETAFILEPICT_UserMarshal
OleGetClipboard
CoGetTreatAsClass
StgIsStorageFile
UtGetDvtd16Info
HACCEL_UserUnmarshal
CoRegisterSurrogateEx
HMETAFILEPICT_UserUnmarshal
CoRevertToSelf
StgCreatePropStg
HPALETTE_UserFree
STGMEDIUM_UserUnmarshal
ProgIDFromCLSID
CoGetInterceptorFromTypeInfo
HPALETTE_UserMarshal
CoFreeLibrary
CoMarshalInterface
CoWaitForMultipleHandles
HWND_UserSize

d3d8thk

OsThunkDdGetMoCompGuids
OsThunkDdLock
OsThunkDdGetMoCompBuffInfo
OsThunkDdAlphaBlt
OsThunkDdReenableDirectDrawObject
OsThunkDdLockD3D
OsThunkDdQueryDirectDrawObject
OsThunkD3dContextCreate
OsThunkDdGetMoCompFormats
OsThunkDdDestroyMoComp
OsThunkDdAttachSurface
OsThunkDdEndMoCompFrame
OsThunkDdCanCreateSurface
OsThunkD3dDrawPrimitives2
OsThunkDdCreateSurface
OsThunkDdCreateD3DBuffer
OsThunkDdCreateSurfaceEx
OsThunkDdGetDC
OsThunkDdColorControl
OsThunkDdWaitForVerticalBlank
OsThunkDdCreateDirectDrawObject
OsThunkD3dContextDestroyAll
OsThunkDdGetScanLine
OsThunkDdDestroyD3DBuffer
OsThunkDdGetDriverInfo
OsThunkDdUnlockD3D
OsThunkDdReleaseDC
OsThunkDdCreateSurfaceObject
OsThunkDdUpdateOverlay
OsThunkDdGetFlipStatus
OsThunkDdGetInternalMoCompInfo
OsThunkD3dContextDestroy
OsThunkDdFlipToGDISurface
OsThunkDdGetBltStatus
OsThunkDdUnattachSurface
OsThunkDdGetDriverState
OsThunkDdCreateMoComp
OsThunkDdSetColorKey
OsThunkDdSetExclusiveMode
OsThunkDdBeginMoCompFrame
OsThunkD3dValidateTextureStageState
OsThunkDdUnlock

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 220KB - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 572KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1f7ba45632ec1166f4a2b188b2d6fedb

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt20

winscard

gdi32

kernel32

ole32

d3d8thk

Sections

.text Size: 48KB - Virtual size: 48KB

.rdata Size: 220KB - Virtual size: 219KB

.data Size: 572KB - Virtual size: 2.0MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 48KB - Virtual size: 48KB

.rdata
Size: 220KB - Virtual size: 219KB

.data
Size: 572KB - Virtual size: 2.0MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 1024B