cff5511b538c369243783864a5b2966659c7069e6df8fd77a0408a7e57efbb05

Sharing

Copy URL Twitter E-mail

General

Target

cff5511b538c369243783864a5b2966659c7069e6df8fd77a0408a7e57efbb05
Size

238KB
MD5

af54b7137e28d6f15a2d7bd4e230c51d
SHA1

7260e49ea0897fcab44fdc6ebf0a6bc072db1928
SHA256

cff5511b538c369243783864a5b2966659c7069e6df8fd77a0408a7e57efbb05
SHA512

2e9d0bce4fe5319817e5d741c5bc01a401187a0573504fd77e2d50db6ceefdd9b4205e30137013611ff538cea0e17a9327aa60c93e98f2319d41086666f6956d
SSDEEP

6144:Y0a4wvDO6gaiRaz6Wj2gOIUH5IVMwzILIvDMd13H:Tuq6VSa+Wj+IM5IiwE0vDMd13H

Score

N/A

Malware Config

Signatures

Files

cff5511b538c369243783864a5b2966659c7069e6df8fd77a0408a7e57efbb05
.exe windows x86

077fdcd18334de8eb3756fbede755b28

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleCreateFromFileEx
StgIsStorageFile
OleQueryLinkFromData
CoTreatAsClass
CreateDataCache
StgGetIFillLockBytesOnILockBytes
RevokeDragDrop
CoUnloadingWOW
OleFlushClipboard
GetHGlobalFromStream
OleCreateEx
CoRegisterPSClsid
OleBuildVersion
OleCreateLinkToFileEx
CoInitializeSecurity
CoGetInterfaceAndReleaseStream
OleDuplicateData
MonikerRelativePathTo
MonikerCommonPrefixWith
OleCreateDefaultHandler
CoReleaseMarshalData
OleCreateMenuDescriptor
CoGetClassObject
StgCreateStorageEx
OleCreateLinkFromData
UpdateDCOMSettings
OleRegEnumVerbs
WriteFmtUserTypeStg
OleRegGetMiscStatus
OleMetafilePictFromIconAndLabel
GetHGlobalFromILockBytes
OleCreateLinkFromDataEx
OleGetIconOfClass
StgCreateDocfileOnILockBytes
CoFreeUnusedLibraries
CoRevokeMallocSpy
CoCreateInstance
UtGetDvtd32Info
CLSIDFromProgID
OleConvertIStorageToOLESTREAM
StgOpenStorageOnILockBytes
CreateStreamOnHGlobal
CreateFileMoniker
OleCreateFromDataEx
CoFreeLibrary
CoIsOle1Class
GetDocumentBitStg

shlwapi

PathGetCharTypeW
StrToIntA
PathSkipRootA
PathBuildRootW
StrTrimW
PathQuoteSpacesA
UrlCompareW
PathIsRootA
PathRemoveBackslashA
PathIsDirectoryW
PathIsLFNFileSpecW
PathSetDlgItemPathA
PathFindSuffixArrayA
PathCombineW
PathCreateFromUrlA
SHRegEnumUSValueA
SHRegDeleteUSValueW
SHEnumValueA
PathAppendA
AssocQueryStringA
StrFormatByteSizeA
ColorAdjustLuma
PathIsNetworkPathW
PathRemoveBlanksA
StrChrW
PathAddBackslashA
StrStrIW
PathIsDirectoryEmptyA
UrlIsNoHistoryW
PathRemoveFileSpecW
SHEnumKeyExW
StrSpnW
UrlGetLocationW
PathGetCharTypeA
PathIsUNCServerW
PathUnquoteSpacesW
SHCreateStreamOnFileA
SHRegGetUSValueW
StrPBrkA
UrlCanonicalizeA
PathMakePrettyA

advapi32

GetNumberOfEventLogRecords
GetServiceKeyNameW
BuildTrusteeWithNameW
RegEnumKeyExW
SetServiceObjectSecurity
CopySid
AddAce
CryptAcquireContextA
GetAccessPermissionsForObjectW
GetSecurityDescriptorControl
CryptGetProvParam
RegUnLoadKeyW
IsTextUnicode
CryptGetUserKey
SetServiceStatus
CryptSetProviderExW
RegCreateKeyExW
InitiateSystemShutdownA
GetEffectiveRightsFromAclA
EnumDependentServicesW
RegEnumValueA
AbortSystemShutdownW
CryptGetHashParam
CryptSignHashA
CryptSetProviderW
StartServiceA
BuildImpersonateExplicitAccessWithNameA
AreAnyAccessesGranted
LookupAccountSidA
StartServiceCtrlDispatcherA
CryptCreateHash
SetNamedSecurityInfoA

kernel32

CreateProcessA
FreeLibraryAndExitThread
FindNextChangeNotification
OpenMutexA
GetLogicalDriveStringsA
GetFileAttributesW
LocalFlags
GetConsoleScreenBufferInfo
ExpandEnvironmentStringsW
VirtualAlloc
QueryDosDeviceW
CreateFileMappingW
IsBadReadPtr
GetTimeFormatW
GetSystemInfo
DeleteFiber
FindResourceExA
DuplicateHandle
PurgeComm
OpenSemaphoreW
SetCommMask
LoadResource
EnumResourceNamesA
VirtualAllocEx
WaitNamedPipeA
GetLogicalDriveStringsW
SetTimeZoneInformation
GetNamedPipeInfo
GetUserDefaultLangID
RtlFillMemory
ReadConsoleA
GetLogicalDrives
ReleaseSemaphore
DisconnectNamedPipe
SetConsoleTextAttribute
DeleteFileA
MapViewOfFileEx
GetCommProperties
SetCommConfig
ReadConsoleOutputCharacterW
GetSystemDirectoryA
EnumCalendarInfoExA
GetCompressedFileSizeA
EnumDateFormatsW
VirtualProtect
MulDiv

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

077fdcd18334de8eb3756fbede755b28

Headers

DLL Characteristics

File Characteristics

Imports

ole32

shlwapi

advapi32

kernel32

Sections

.text Size: 59KB - Virtual size: 58KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 16KB

.text
Size: 59KB - Virtual size: 58KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 16KB