4aab3e6ac278889322a964f069fa257ac2792dcd17293f8b9f0bfae12a4f7518

Sharing

Copy URL

Twitter E-mail

General

Target

4aab3e6ac278889322a964f069fa257ac2792dcd17293f8b9f0bfae12a4f7518
Size

340KB
MD5

74cdb42da9136b13a07e00a2bfc60323
SHA1

f4e02831a49a93bbba08986c896ef189cd76a755
SHA256

4aab3e6ac278889322a964f069fa257ac2792dcd17293f8b9f0bfae12a4f7518
SHA512

f36dffecf9a16427597275adbf9c6fbc4c672d0e987ea1fcfee043dc2df608601f088fe5e9f1e8a50a882bc5068afcf082c456f399cde7cc8a139a07897e22bb
SSDEEP

6144:iYAwVrav70c4ypVPDlhy2tbZ/fifR7B/5/zM1v2k4Lqv8ifX1:nNrcwc4cty2//0l/wvP4Lqvjl

Score

N/A

Malware Config

Signatures

Files

4aab3e6ac278889322a964f069fa257ac2792dcd17293f8b9f0bfae12a4f7518
.exe windows x86

218ca2d525e1f7f27df1fa156c82780d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

LPSAFEARRAY_UserMarshal

msvcrt

labs
__iscsym
__dllonexit
_onexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_y0
_wctime64
exit

user32

InSendMessage
CreateIconFromResource
CreateIconFromResourceEx

mpr

WNetAddConnectionA
WNetConnectionDialog
WNetConnectionDialog1A

advapi32

RegQueryInfoKeyW
GetTrusteeTypeA
SetNamedSecurityInfoA
GetTrusteeFormA
LogonUserA
SetServiceObjectSecurity
RegSetValueExW
RegQueryInfoKeyA
GetServiceDisplayNameW
RegConnectRegistryA
ControlService
OpenServiceA
LsaQueryInformationPolicy
RegUnLoadKeyW
DeleteService
RegRestoreKeyW
EnumDependentServicesA
RegCreateKeyA
RegQueryValueW
RegCreateKeyW
RegNotifyChangeKeyValue
RegCloseKey
GetUserNameW
RegOpenKeyExW
CreateServiceW
StartServiceCtrlDispatcherW
ReportEventA
LsaFreeMemory
CreateProcessAsUserW
RegDeleteKeyA
RegSetValueA
DecryptFileW
QueryServiceLockStatusW

mfc42

ord2982
ord1060
ord3259
ord4465
ord1063
ord3262
ord2985
ord3081
ord2976
ord1051
ord1071
ord3831
ord3825
ord3079
ord4080
ord1168
ord1017
ord4424
ord3738
ord561
ord1576
ord5714
ord1040
ord5307
ord3830
ord1086
ord815
ord6375
ord4486
ord1072
ord1015
ord5731
ord3922
ord1089
ord1022
ord2396
ord1096
ord1001
ord5302
ord2725
ord1026

Sections

.text
Size: 172KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

218ca2d525e1f7f27df1fa156c82780d

Headers

File Characteristics

Imports

oleaut32

msvcrt

user32

mpr

advapi32

mfc42

Sections

.text Size: 172KB - Virtual size: 168KB

.rdata Size: 52KB - Virtual size: 48KB

.data Size: 56KB - Virtual size: 2.8MB

.rsrc Size: 56KB - Virtual size: 54KB

.text
Size: 172KB - Virtual size: 168KB

.rdata
Size: 52KB - Virtual size: 48KB

.data
Size: 56KB - Virtual size: 2.8MB

.rsrc
Size: 56KB - Virtual size: 54KB