556863463343e0d0ffcebdefbf72f27be647650a70f06650ce0219b732cd2300

Sharing

Copy URL

Twitter E-mail

General

Target

556863463343e0d0ffcebdefbf72f27be647650a70f06650ce0219b732cd2300
Size

392KB
MD5

3b1d8817c3b53cd294686d8a7932e57d
SHA1

b79bb02b9741147b9c84d50500abf834927ba1a5
SHA256

556863463343e0d0ffcebdefbf72f27be647650a70f06650ce0219b732cd2300
SHA512

5c576fa03c99b44b768adcdbf21a4c455bc554640900c52846449d6e749e4542d2f630618b1e37a04e59a1fbc3cd16477e5fae2037b883f8c713c42b2526e38e
SSDEEP

6144:Zu6tVrgHU2GyWnDx8P6WKB4BOY+MmesKT/CbvuOAGvItf1rH8j7:Zu674Yx8PuB4BOYlmvKuv1ItfxcX

Score

N/A

Malware Config

Signatures

Files

556863463343e0d0ffcebdefbf72f27be647650a70f06650ce0219b732cd2300
.exe windows x86

aa3515ab62feffff98cac65c072bd086

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegQueryInfoKeyW
RegNotifyChangeKeyValue
SetServiceObjectSecurity
RegisterServiceCtrlHandlerA
RegSetValueExA
CreateServiceW
RegSetValueW
RegisterEventSourceA
OpenServiceA
CloseServiceHandle
ChangeServiceConfigW
ChangeServiceConfig2W
LogonUserA
GetServiceDisplayNameW
QueryServiceLockStatusW
ReportEventA
RegCreateKeyExA
RegCreateKeyExW
RegOverridePredefKey
RegCreateKeyA
RegDeleteKeyA
ChangeServiceConfig2A
GetUserNameW
LsaQueryInformationPolicy
RegCloseKey
RegisterServiceCtrlHandlerW
EnumServicesStatusA
ReportEventW
RegCreateKeyW
RegQueryInfoKeyA
RegEnumKeyExA
LockServiceDatabase
QueryServiceConfigW
ReadEventLogW
ChangeServiceConfigA
CreateProcessAsUserW
QueryServiceStatus
RegConnectRegistryA
RegSetValueExW
LsaOpenPolicy
DeleteService
OpenSCManagerW
RegEnumKeyW
EnumDependentServicesA
LsaFreeMemory
RegSetValueA
RegQueryValueA
RegOpenKeyExA
StartServiceCtrlDispatcherW
DecryptFileW
ControlService
RegRestoreKeyW
GetServiceKeyNameA

msvcrt

_cprintf
__dllonexit
_onexit
_open
_ultoa
putc
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_fsopen

user32

MessageBoxA
CharUpperW
CreateDialogIndirectParamA
CallMsgFilterA
GetFocus
SendDlgItemMessageA
CreateWindowStationW
GetDlgCtrlID
GetLastActivePopup
FillRect
InsertMenuA
VkKeyScanExA
FindWindowExW
GetScrollRange
DdeConnect
SetCaretPos
IsDialogMessageA
CharToOemA
ShowCursor
DrawIcon
CreateMenu
ReleaseDC
GetProcessWindowStation
SetWindowLongA
ClipCursor
WinHelpA
GetClipboardData
IsCharAlphaW
GetKeyNameTextW
GetSysColor
GetClassLongA
CharPrevW
SetRectEmpty
DestroyAcceleratorTable
SetCapture
IsWindow
SetWindowLongW
GetSystemMetrics
DestroyCursor
GetDlgItem
ValidateRect
DrawTextW
DdeQueryStringA
PtInRect
DrawTextExA
FindWindowExA
LoadIconA
CheckMenuItem
CopyImage
CreateDialogIndirectParamW
DrawIconEx
GetWindowModuleFileNameA
SetWindowTextW
UnpackDDElParam
CloseWindow
CharPrevA
MapVirtualKeyExW
SetForegroundWindow
GetTabbedTextExtentA
SendInput
EnableScrollBar
FindWindowA
ShowScrollBar
CloseDesktop
CopyAcceleratorTableW
IsWindowEnabled
WaitMessage
WinHelpW
GetWindow
GetScrollPos
PeekMessageW
GetMenuItemCount
GetUserObjectInformationW
GetClassNameA
RegisterClassExW
DestroyMenu
TranslateMessage
MapVirtualKeyExA
PostQuitMessage
IsCharAlphaNumericA
OffsetRect
ScreenToClient
RemoveMenu
CreateDialogParamA
GetClipCursor
SetRect
TranslateAcceleratorA
FrameRect
ModifyMenuA
DdeAccessData
RegisterHotKey
CheckRadioButton
DrawStateW
IsMenu
EnumThreadWindows
UnionRect
SendNotifyMessageW
ShowCaret
LoadImageA
GetSysColorBrush
SetWindowPlacement
MapVirtualKeyW
GetWindowThreadProcessId
IsClipboardFormatAvailable
LoadBitmapA
DrawStateA
ReuseDDElParam
TranslateMDISysAccel
DdeClientTransaction
GetDC
CharLowerA
DdeFreeStringHandle
RegisterClipboardFormatW
TranslateAcceleratorW
MoveWindow
PostMessageA
WindowFromPoint
GetGUIThreadInfo
ClientToScreen
DefWindowProcA
GetMessageExtraInfo
wvsprintfA
AttachThreadInput
SetDlgItemInt
SetActiveWindow
GetMenuItemID
MapVirtualKeyA
SetWindowPos
ChangeClipboardChain
GrayStringW
LoadKeyboardLayoutW
IntersectRect
SetClassLongA
LockWindowUpdate
GetKeyboardState
GetQueueStatus
DialogBoxIndirectParamA
IsZoomed

gdi32

GetGlyphOutlineW
GetDIBColorTable
GetObjectA
SwapBuffers
CreateMetaFileA
GetClipRgn
SetWorldTransform
PolyDraw
SetPixelFormat
SelectPalette
GetMapMode
ExtFloodFill
ScaleWindowExtEx
EnumFontFamiliesExW
CreateRoundRectRgn
SetPixelV
SetPixel
CreateBitmap
EnumFontFamiliesA
Chord
SetAbortProc
SetStretchBltMode
EnumFontsW
GetObjectW
Ellipse
CreateEllipticRgn
SetWinMetaFileBits
SetRectRgn
Polyline
CreateCompatibleDC
PolyPolyline
TextOutA
GetEnhMetaFilePaletteEntries
DeleteDC
SetTextAlign
CopyEnhMetaFileA
GetSystemPaletteEntries
GetCharABCWidthsW
CreatePenIndirect
StretchBlt
MoveToEx
GetTextMetricsA
DeleteEnhMetaFile
GetDIBits
SetBitmapBits
StartPage
StartDocW
StrokePath
FillRgn
CreateSolidBrush
ExtCreateRegion
CreateICA
PolyBezierTo
GetStockObject
PlayEnhMetaFileRecord
SetDeviceGammaRamp
GetBkColor
GetPixel
LPtoDP
EndDoc
GetBitmapBits
FillPath
PatBlt
OffsetClipRgn
GetWinMetaFileBits
GetTextCharsetInfo
Polygon
CreateDIBSection
GetDeviceCaps
PtVisible
EndPage
RestoreDC
GetEnhMetaFileHeader
EndPath
ExtCreatePen
GetEnhMetaFileBits
GetGlyphOutlineA
CreateRectRgn
SetColorAdjustment
SetROP2
RectVisible
SetWindowOrgEx
CreateFontIndirectA
RemoveFontResourceA
CloseEnhMetaFile
AbortDoc
GetTextAlign
IntersectClipRect
EqualRgn
DeleteObject
SetBkColor
SelectClipRgn
CreateDCA
CreateDCW
GetKerningPairsA
SetTextCharacterExtra

kernel32

GetEnvironmentStringsW
OpenThread
GetTapePosition
CreateDirectoryExA

mfc42

ord6375
ord4486
ord2554
ord1088
ord5731
ord3922
ord1089
ord1054
ord2396
ord3346
ord1074
ord5302
ord2725
ord1013
ord4698
ord5307
ord1097
ord5714
ord815
ord2982
ord1082
ord1168
ord3259
ord4465
ord1046
ord3262
ord2985
ord3081
ord2976
ord3401
ord3830
ord3831
ord3825
ord3079
ord4080
ord1074
ord4424
ord3738
ord561
ord1576
ord1098

Sections

.text
Size: 252KB - Virtual size: 250KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa3515ab62feffff98cac65c072bd086

Headers

File Characteristics

Imports

advapi32

msvcrt

user32

gdi32

kernel32

mfc42

Sections

.text Size: 252KB - Virtual size: 250KB

.rdata Size: 60KB - Virtual size: 56KB

.data Size: 64KB - Virtual size: 2.8MB

.rsrc Size: 12KB - Virtual size: 9KB

.text
Size: 252KB - Virtual size: 250KB

.rdata
Size: 60KB - Virtual size: 56KB

.data
Size: 64KB - Virtual size: 2.8MB

.rsrc
Size: 12KB - Virtual size: 9KB