7dd70f002b37020b7f4c79d3e2cc5796f7ce31b619b8cf87e37b02c61ee53b7c

Sharing

Copy URL Twitter E-mail

General

Target

7dd70f002b37020b7f4c79d3e2cc5796f7ce31b619b8cf87e37b02c61ee53b7c
Size

802KB
MD5

bbdcb2b4400e1f928d2116e332e96e72
SHA1

8edcbebb5a39fd85501caf88a726b3002586d448
SHA256

7dd70f002b37020b7f4c79d3e2cc5796f7ce31b619b8cf87e37b02c61ee53b7c
SHA512

654712ce0856569be4cf83e7d042f81d073e577199957cfdabed25813c6aee4e292e925128a43b85cb397ecff50df8c3b67c6125d31bbd6bf52c6d8c8eb74f54
SSDEEP

24576:ASBkc+lWi3aqXfVLzxpAHgmXMaEyGuDpNj:Jh+HqqZQg8MabDpx

Score

N/A

Malware Config

Signatures

Files

7dd70f002b37020b7f4c79d3e2cc5796f7ce31b619b8cf87e37b02c61ee53b7c
.exe windows x86

7445a9a783a0de94bf1a83d8b9c8bedd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateRemoteThread
VirtualFreeEx
UpdateResourceA
GetPrivateProfileSectionW
QueryDosDeviceW
OpenMutexA
GetPrivateProfileSectionNamesW
GlobalUnfix
VirtualProtect
FlushFileBuffers
ContinueDebugEvent
EnumResourceNamesA
LockFile
OpenWaitableTimerW
GetSystemDefaultLCID
VirtualAlloc
GetFileAttributesW
IsBadHugeWritePtr
SetSystemTime
TransactNamedPipe
FindResourceExA
GetProcessTimes
OpenSemaphoreW
WriteFile
SetConsoleTitleW
EnumCalendarInfoW
SetFileTime
ReleaseSemaphore
GetSystemTime
GetUserDefaultLangID
DisconnectNamedPipe
FoldStringA
IsProcessorFeaturePresent
BuildCommDCBA
GetWriteWatch
SetProcessPriorityBoost
GetPrivateProfileSectionNamesA
WaitForDebugEvent
BuildCommDCBAndTimeoutsA
EnumResourceTypesA
PulseEvent
EnumDateFormatsExA
OpenSemaphoreA
BackupSeek
MulDiv

advapi32

CryptDuplicateHash
CryptGetUserKey
CryptEnumProvidersA
ClearEventLogW
CryptSetProviderW
AdjustTokenGroups
RegOpenKeyA
CryptDestroyKey
GetSecurityInfo
CryptSignHashA
GetTrusteeTypeW
CryptSetProviderExA
GetAclInformation
OpenBackupEventLogW
CryptExportKey
GetServiceKeyNameW
SetSecurityDescriptorGroup
GetAuditedPermissionsFromAclW
ReadEventLogW
CryptSetProvParam
LookupPrivilegeDisplayNameW
CryptHashData
LookupPrivilegeNameW
CryptGetProvParam
GetMultipleTrusteeA
InitializeSecurityDescriptor
RegQueryMultipleValuesA
ImpersonateSelf
CryptSetProviderA
EqualSid
RegOpenKeyExW
CloseServiceHandle
AccessCheck
NotifyChangeEventLog
FreeSid
SetSecurityInfoExA
GetOverlappedAccessResults
RegEnumValueA
DuplicateTokenEx
RegDeleteValueA

ole32

OleSetAutoConvert
OleCreateLinkToFile
CoGetCallerTID
CoGetInstanceFromFile
OleCreateLinkFromData
CoDosDateTimeToFileTime
OleSetContainedObject
CoGetCurrentLogicalThreadId
CoCreateInstanceEx
CoSuspendClassObjects
OleCreateLink
OleGetClipboard
OleSetClipboard
UtGetDvtd16Info
OleDestroyMenuDescriptor
ReadFmtUserTypeStg
OleCreateEmbeddingHelper
OleSave
CreateGenericComposite
CoCopyProxy
CoMarshalInterface
CoInitializeWOW
OleCreateFromDataEx
WriteClassStm
OleRun
CoRegisterPSClsid
WriteClassStg
CoReleaseMarshalData
OleRegGetUserType
PropVariantClear
CoSetProxyBlanket
GetHGlobalFromILockBytes
CoQueryReleaseObject
WriteStringStream
OleConvertOLESTREAMToIStorageEx
OleSaveToStream
OleCreateLinkEx
GetConvertStg
EnableHookObject
CoQueryProxyBlanket
StringFromIID
StgCreateStorageEx
OleRegGetMiscStatus
OleCreateMenuDescriptor

shlwapi

PathIsPrefixA
UrlCompareW
PathAddExtensionA
PathIsUNCServerShareA
StrRetToBufW
PathFindFileNameW
PathIsUNCServerW
SHRegQueryUSValueW
PathFindOnPathW
PathMakePrettyA
PathIsUNCServerA
SHCopyKeyW
PathFindExtensionA
PathFindExtensionW
PathCompactPathW
UrlApplySchemeW
PathFileExistsA
StrCmpNW
SHDeleteValueA
StrRStrIW
PathGetCharTypeA
StrStrIW
StrRChrW
PathIsRootW
PathIsDirectoryEmptyW
SHOpenRegStreamA
PathCompactPathA
PathQuoteSpacesW
UrlGetLocationW
StrToIntExW
PathIsContentTypeW
PathSkipRootA
StrStrIA
AssocQueryStringByKeyW
PathIsDirectoryEmptyA
StrFormatByteSize64A
SHAutoComplete
PathRemoveBlanksA

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7445a9a783a0de94bf1a83d8b9c8bedd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

ole32

shlwapi

Sections

.text Size: 59KB - Virtual size: 58KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 16KB

.text
Size: 59KB - Virtual size: 58KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 16KB