d3a68316c40b257dec4f09f70490a49e18be4dd3a433ece23b2ea896f66085a3

Sharing

Copy URL

Twitter E-mail

General

Target

d3a68316c40b257dec4f09f70490a49e18be4dd3a433ece23b2ea896f66085a3
Size

68KB
MD5

1af2f1aa2eb2599ce41bd85eb0309678
SHA1

2f227e95e5e52ae22fd58a4a920992b9f3d6a28d
SHA256

d3a68316c40b257dec4f09f70490a49e18be4dd3a433ece23b2ea896f66085a3
SHA512

43e9a059188e680a7481c0c71f902d2e50014392d878d7569c75a443f7f5e475f0c75ebd4aecb778c244fca03598f0a337f973519c51561a9a404f6a9cb21f1b
SSDEEP

1536:dPLKDuKmrIYjbi8RxlgwB2Coy1+tMmgfKUKZwHGeY7Qz:xuv0I+eoz2CoC+tM/SUM7U

Score

N/A

Malware Config

Signatures

Files

d3a68316c40b257dec4f09f70490a49e18be4dd3a433ece23b2ea896f66085a3
.exe windows x86

7dc2bc2769d32734b683f1801494b97e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptGetUserKey
LookupPrivilegeNameA
DeregisterEventSource
GetAccessPermissionsForObjectW
RegNotifyChangeKeyValue
CryptSetProviderA
CryptDuplicateKey
RegQueryInfoKeyA
QueryServiceLockStatusW
GetSecurityDescriptorGroup
InitializeSecurityDescriptor
RegQueryValueExW
RegDeleteValueW
SetEntriesInAuditListA
BackupEventLogW
LogonUserW
OpenBackupEventLogW
LookupPrivilegeDisplayNameW
GetEffectiveRightsFromAclA
SetSecurityInfo
SetSecurityInfoExW
CryptEncrypt
QueryServiceObjectSecurity
RegQueryMultipleValuesA
AllocateLocallyUniqueId
BuildTrusteeWithNameW
SetSecurityInfoExA
GetNamedSecurityInfoW
ReportEventW
CryptGenRandom
NotifyChangeEventLog
RegCreateKeyExW
RegReplaceKeyW
SetAclInformation
OpenEventLogW
LookupPrivilegeValueA
ControlService
SetSecurityDescriptorOwner
GetAce
CryptDestroyKey
RegEnumKeyExW
SetNamedSecurityInfoExA
DuplicateToken
CryptEnumProvidersA
AddAccessAllowedAce
GetServiceKeyNameW
SetTokenInformation
CryptHashData
CryptGetDefaultProviderW

kernel32

MapViewOfFileEx
GetProcessHeaps
RemoveDirectoryW
GetNamedPipeHandleStateW
HeapWalk
GetBinaryTypeW
GlobalCompact
GetProfileStringA
SetWaitableTimer
VirtualAlloc
Thread32First
GetWriteWatch
GetSystemPowerStatus
FatalAppExitW
OutputDebugStringW
SetHandleInformation
SetMessageWaitingIndicator
SignalObjectAndWait
LoadModule
SetErrorMode
BackupSeek
SetConsoleScreenBufferSize
CreateDirectoryExW
RequestDeviceWakeup
CreateIoCompletionPort
GetCalendarInfoW
EnumTimeFormatsA
HeapValidate
GetStringTypeW
GlobalAlloc
CreateDirectoryW
CreateProcessW
GetCurrentDirectoryA
SearchPathW
ReadConsoleA
SwitchToThread
EnumResourceNamesA
CreateEventW
CreateProcessA
UnlockFileEx
LoadLibraryExA
GetExitCodeThread
CreateDirectoryA
SetTimeZoneInformation
lstrcat
ContinueDebugEvent
IsDBCSLeadByte
FreeLibraryAndExitThread
OpenProcess
MoveFileExW
Heap32ListNext
LocalCompact
GetFileAttributesA
GetSystemTimeAdjustment
SetThreadExecutionState
SetFileAttributesA
ResumeThread
SetEnvironmentVariableW
PurgeComm
FileTimeToLocalFileTime
VirtualProtect
MapViewOfFile

shlwapi

PathIsDirectoryA
StrCSpnIW
PathIsPrefixA
UrlHashW
PathUnmakeSystemFolderA
StrDupW
PathSearchAndQualifyW
PathRenameExtensionW
PathCommonPrefixW
wvnsprintfW
PathIsDirectoryW
SHRegQueryUSValueA
SHCopyKeyA
ChrCmpIW
PathIsNetworkPathA
SHCopyKeyW
StrChrA
PathUnquoteSpacesA
SHQueryInfoKeyA
SHRegQueryInfoUSKeyA
StrCmpNIW
StrFormatKBSizeW
ChrCmpIA
PathUndecorateW
StrStrW
SHRegWriteUSValueA
IntlStrEqWorkerW
SHEnumValueA
PathFindNextComponentW
PathFindExtensionA
SHEnumKeyExA
UrlHashA
SHDeleteEmptyKeyA
PathSkipRootA
StrRChrIW
PathIsFileSpecA
UrlApplySchemeW
wnsprintfW
SHRegEnumUSKeyA
SHRegOpenUSKeyA
SHRegEnumUSKeyW
SHRegDeleteUSValueA
PathMatchSpecA
SHRegDuplicateHKey
PathGetDriveNumberW
StrFromTimeIntervalW
PathCombineA
SHGetThreadRef
StrRChrW
PathCommonPrefixA
PathAddBackslashW
PathIsDirectoryEmptyA
PathRemoveFileSpecA
StrCmpNW
PathIsURLW
SHCreateStreamOnFileA
SHRegGetUSValueW
PathIsUNCW
PathStripPathW
PathRemoveBlanksW
PathRemoveArgsW
StrFromTimeIntervalA
UrlEscapeA
PathMakePrettyW
SHRegOpenUSKeyW
UrlCreateFromPathA
StrCSpnW
UrlGetPartA
StrNCatA
PathRenameExtensionA
PathFindNextComponentA
PathRemoveArgsA
UrlUnescapeA

ole32

CoGetInterfaceAndReleaseStream
ReadOleStg
CoTaskMemRealloc
CoGetCallContext
CoRegisterChannelHook
CoUnmarshalInterface
OleCreateStaticFromData
ReadClassStg
GetConvertStg
StringFromGUID2
GetClassFile
GetHGlobalFromStream
IsAccelerator
GetRunningObjectTable
CoSwitchCallContext
CreateILockBytesOnHGlobal
CoReleaseServerProcess
CreateDataAdviseHolder
CoImpersonateClient
CoRegisterMallocSpy
WriteOleStg
CoFileTimeToDosDateTime
OleCreateDefaultHandler
StgOpenStorageOnILockBytes
OleTranslateAccelerator
SetConvertStg
CoLoadLibrary
OleRegEnumVerbs
OleSaveToStream
CreateFileMoniker
OleGetIconOfClass
PropVariantCopy
OleQueryLinkFromData
OleLockRunning
CreateOleAdviseHolder
CoInitializeEx
CoReleaseMarshalData
OleCreateMenuDescriptor
OleRun
CoUninitialize
CoLockObjectExternal
StgOpenStorageEx
CoGetCurrentLogicalThreadId
CoMarshalHresult
CoRegisterPSClsid
CreateGenericComposite
OleUninitialize
CoFreeLibrary
RegisterDragDrop
CoQueryAuthenticationServices
CoGetMalloc

user32

GetClassInfoExA
RegisterClassA
UnloadKeyboardLayout
CharLowerBuffA
SendMessageCallbackW
DdeGetData
DefDlgProcA
GetMessageW
ClientToScreen
WinHelpA
DdeCreateStringHandleW
GetMessagePos
SetCaretPos
GetKeyboardType
GetClassInfoExW
MapVirtualKeyExW
OemToCharBuffW
SetProcessDefaultLayout
CharNextA
DrawStateA
GetDialogBaseUnits
SetScrollInfo
LoadImageA
ShowWindowAsync
MessageBoxW
CreateMDIWindowW
DestroyWindow
GetSystemMenu
IsCharAlphaA
CreateMDIWindowA
LoadAcceleratorsA
GetLastActivePopup
CreateIconFromResourceEx
RegisterClipboardFormatW
MenuItemFromPoint
InvalidateRect
AttachThreadInput
CreateDialogParamW
ChildWindowFromPoint
DialogBoxParamA
GetClassWord
MapVirtualKeyA
DefDlgProcW
GetKeyboardLayoutList
GetMenuCheckMarkDimensions
DdeDisconnectList
LoadStringW
ChangeClipboardChain
GetMenuItemRect
DestroyCursor
CreateWindowStationW
DdeInitializeW
EditWndProc
GetWindowModuleFileNameW
BringWindowToTop
MessageBeep
GetInputDesktop
DdeReconnect
SetClipboardViewer
DdeNameService
DialogBoxIndirectParamA
CallNextHookEx
SetClassLongA
SetThreadDesktop
SetDoubleClickTime
MonitorFromRect
ShowScrollBar
FillRect
SetRect

Sections

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7dc2bc2769d32734b683f1801494b97e

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

shlwapi

ole32

user32

Sections

.text Size: 58KB - Virtual size: 57KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 16KB

.text
Size: 58KB - Virtual size: 57KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 16KB