734b94fca71377f8ebab2857f3a4a115

Sharing

Copy URL

Twitter E-mail

General

Target

734b94fca71377f8ebab2857f3a4a115
Size

151KB
MD5

734b94fca71377f8ebab2857f3a4a115
SHA1

85de4550cffe67e7867c72c21d8bcf42e3390809
SHA256

c251b0b9667c44968929f30600ebe00ffddbecdb7c3418dc02f4fe9057647444
SHA512

560a80cbc6b4b40f194369bfb57be89e2698e79486f217f079be7ad7e16d682cdd437ea699081fd3a81e533396a92c9df8e584c68ec9592ea7f4b03b6521a79e
SSDEEP

3072:TNMJoqRDOLP5JP2dflpBmY/nYKMamWH/d390mITPqsWpw/I+AN/fJNjY98:TNMJoqRKLHK9zB/uaLH/b0LqAIrtjt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
734b94fca71377f8ebab2857f3a4a115

Files

734b94fca71377f8ebab2857f3a4a115
.exe windows:5 windows x86 arch:x86

ed748961d0b70ada93c121887cd53e22

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetTapePosition
GetConsoleHardwareState
AddLocalAlternateComputerNameW
EnumTimeFormatsA
SetSystemPowerState
Process32NextW
CompareStringW
SetCalendarInfoW
LoadLibraryA
GetComputerNameExA
SetEvent
PurgeComm
WaitForMultipleObjects
lstrcmpA
ReadFile
Toolhelp32ReadProcessMemory
ReadFileEx
SignalObjectAndWait
GetSystemDirectoryW
GetNumberOfConsoleFonts
NlsGetCacheUpdateCount
SetClientTimeZoneInformation
SetFileApisToANSI
GetNumberFormatW
OpenFile
LockResource
GetConsoleAliasesW
LocalUnlock
GetConsoleWindow
LZRead
GetConsoleOutputCP
FindCloseChangeNotification
BeginUpdateResourceW
HeapQueryInformation
InitializeCriticalSectionAndSpinCount
EnumSystemCodePagesW
VirtualProtectEx
OutputDebugStringA
SetFileAttributesA
WritePrivateProfileSectionW
FindFirstVolumeMountPointA
VirtualAlloc
CommConfigDialogA
lstrcpyA
BaseDumpAppcompatCache
WriteProfileStringW
RegisterWaitForSingleObjectEx
SetThreadUILanguage
FlushInstructionCache
LZStart
HeapDestroy
GetFileSize
GlobalGetAtomNameA
MultiByteToWideChar
LZInit
Heap32ListNext
GetFileAttributesA
GetCurrentDirectoryA
GetNextVDMCommand
QueryDosDeviceA
FreeResource
SetEnvironmentVariableA
VerifyConsoleIoHandle
ResetEvent
SystemTimeToTzSpecificLocalTime
SetupComm
UnregisterWaitEx
AddAtomA
WriteConsoleInputVDMW
ProcessIdToSessionId
HeapCreate
QueryPerformanceCounter
SetConsoleOS2OemFormat
GlobalAddAtomA
ReadFileScatter
FileTimeToSystemTime
GetVolumeNameForVolumeMountPointW
CreateActCtxA
GlobalFindAtomA
GetStartupInfoA
WriteConsoleOutputW
GetDriveTypeW
GetWriteWatch
SleepEx
SetCurrentDirectoryA
SetConsoleMaximumWindowSize
GetDevicePowerState
BaseCleanupAppcompatCacheSupport

odbc32

SQLSetStmtOption
SQLDescribeCol
SQLSetStmtAttrW
SQLError
SQLGetTypeInfoA
SQLAllocHandle
SQLForeignKeysA
SQLSetPos
SQLSetCursorNameA
SQLBindParam
SQLBindCol
SQLSetCursorNameW
SQLGetInfoW
SQLTablePrivileges
SQLDriverConnect
SQLPrepareA
SQLExtendedFetch
SQLSetEnvAttr
SQLNumParams
ValidateErrorQueue
SQLRowCount
SQLColumns
SQLSetConnectOptionA
SQLPutData
SQLNativeSqlA
SQLGetDiagFieldW
SQLSetStmtAttr
SQLSetConnectAttr
SQLAllocStmt
SQLSpecialColumnsA
SQLSetDescField
SQLFetch
SQLGetStmtOption
SQLFreeEnv
SQLDriversA
SQLDescribeParam
SearchStatusCode
SQLColumnPrivilegesW
SQLSetParam
SQLPrepareW
SQLDescribeColA

mfcsubs

?RemoveKey@CMapStringToPtr@@QAEHPBG@Z
?ConcatInPlace@CString@@IAEXHPBG@Z
?FindOneOf@CString@@QBEHPBG@Z
??H@YG?AVCString@@ABV0@D@Z
??ACStringArray@@QBE?AVCString@@H@Z
??_7CStringArray@@6B@
?Copy@CStringArray@@QAEXABV1@@Z
?GetData@CString@@IBEPAUCStringData@@XZ
?FormatMessageW@CString@@QAAXIZZ
??P@YG_NPBGABVCString@@@Z
?GetData@CStringArray@@QAEPAVCString@@XZ
??M@YG_NABVCString@@0@Z
?Lookup@CMapStringToPtr@@QBEHPBGAAPAX@Z
??9@YG_NABVCString@@0@Z
?GetAt@CStringArray@@QBE?AVCString@@H@Z
??H@YG?AVCString@@ABV0@G@Z
?FormatV@CString@@IAEXPBGPAD@Z
?LockBuffer@CString@@QAEPAGXZ
?Mid@CString@@QBE?AV1@H@Z
?Mid@CString@@QBE?AV1@HH@Z
?Release@CString@@IAEXXZ
??YCString@@QAEABV0@G@Z
??0CString@@QAE@PBE@Z
?SpanExcluding@CString@@QBE?AV1@PBG@Z
?TrimRight@CString@@QAEXXZ
?InsertAt@CStringArray@@QAEXHPAV1@@Z
?SetSize@CStringArray@@QAEXHH@Z
??BCString@@QBEPBGXZ
?Unlock@CCriticalSection@@UAEHXZ
??0CSyncObject@@QAE@PBG@Z
??_FCMapStringToPtr@@QAEXXZ
??0CCriticalSection@@QAE@XZ
??8@YG_NPBGABVCString@@@Z
??ACMapStringToPtr@@QAEAAPAXPBG@Z
?AfxLoadString@@YGHIPAGI@Z
??H@YG?AVCString@@DABV0@@Z
?Lock@CCriticalSection@@UAEHK@Z
?GetAssocAt@CMapStringToPtr@@IBEPAUCAssoc@1@PBGAAI@Z
?SetAtGrow@CStringArray@@QAEXHPBG@Z
?SetAt@CMapStringToPtr@@QAEXPBGPAX@Z

winscard

SCardListReaderGroupsW
SCardForgetReaderGroupW
SCardReleaseStartedEvent
SCardFreeMemory
SCardGetProviderIdW
SCardIntroduceReaderW
SCardEndTransaction
SCardState
SCardIntroduceReaderGroupA
SCardSetCardTypeProviderNameA
SCardListReadersW
SCardConnectW
SCardSetCardTypeProviderNameW
SCardReconnect
SCardIsValidContext
SCardReleaseNewReaderEvent
SCardListReadersA
SCardIntroduceCardTypeA
SCardDisconnect
SCardTransmit
SCardListInterfacesW
g_rgSCardT0Pci
SCardLocateCardsW
SCardForgetCardTypeW
SCardStatusW
SCardAccessNewReaderEvent
SCardEstablishContext
SCardListCardsA
SCardAddReaderToGroupW
SCardReleaseAllEvents
g_rgSCardRawPci
SCardIntroduceCardTypeW
SCardGetProviderIdA

opengl32

glTexEnviv
glBegin
glColor4s
wglSwapMultipleBuffers
glNormal3s
glTexCoord1i
glColor3ub
glIndexubv
glDeleteLists
glGetIntegerv
glPixelMapfv
glTexCoord3i
glPushClientAttrib
wglCreateLayerContext
glColor3f
glPixelStorei
glTexCoord1s
glPointSize
glGenLists
glInterleavedArrays
glCopyTexSubImage1D
glColor4i
glVertex2dv
glEdgeFlag
glNormal3dv
glRasterPos2f
glVertex4i
glVertex2d
glGetMaterialfv
glGetPointerv
glScissor
glListBase
glEdgeFlagPointer
glGetClipPlane
glIndexs
glMapGrid1d
wglUseFontBitmapsW
glDeleteTextures
glNormal3sv
glPushAttrib
glDrawElements
glEnd
glColor3iv
glPixelMapuiv
glNormal3fv

dsound

DirectSoundEnumerateW
DirectSoundCaptureEnumerateA
DirectSoundCreate
DirectSoundEnumerateA
DirectSoundCaptureCreate
DirectSoundCaptureCreate8
DirectSoundFullDuplexCreate
DirectSoundCreate8
GetDeviceID
DirectSoundCaptureEnumerateW
DllGetClassObject

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed748961d0b70ada93c121887cd53e22

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

odbc32

mfcsubs

winscard

opengl32

dsound

Sections

.text Size: 57KB - Virtual size: 57KB

.rdata Size: 78KB - Virtual size: 78KB

.data Size: 12KB - Virtual size: 139KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 57KB - Virtual size: 57KB

.rdata
Size: 78KB - Virtual size: 78KB

.data
Size: 12KB - Virtual size: 139KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 1024B