d48bd2e651df6e7c9fab0524365e9e74966979c0da97801b2f1b48133469f55b

Sharing

Copy URL Twitter E-mail

General

Target

d48bd2e651df6e7c9fab0524365e9e74966979c0da97801b2f1b48133469f55b
Size

286KB
MD5

6471303e0266e68f75a35332a2b07440
SHA1

74b9a32b0362380b323eb337f70bfb366916bed7
SHA256

d48bd2e651df6e7c9fab0524365e9e74966979c0da97801b2f1b48133469f55b
SHA512

911a99072f7cf4117c5ec2e7b066ab0f95dd8491c1d8bc662c9ad0249786eb2ddbdacebce344b56f5ef32ffb0ebea43b88e152ad0b55dd4c6c951b972ea19c07
SSDEEP

6144:zp7+L3yGB9GXDC/g//9QpgFQhtrTAwjDuQdOeEqUE+GKcEZVRIHK5qRg7:t7+L+DC/g//KpIQht7vuQdfExdwHK5qY

Score

N/A

Malware Config

Signatures

Files

d48bd2e651df6e7c9fab0524365e9e74966979c0da97801b2f1b48133469f55b
.exe windows x86

3a5f3dc1a30046800e05fab4949fc458

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetPathFromIDListA
DoEnvironmentSubstW
ord179

kernel32

GetDevicePowerState
GetAtomNameA
GlobalUnlock
EnumResourceNamesA
DebugBreak
GetModuleHandleW
GetStringTypeExA
FormatMessageA
GetThreadPriority
ClearCommBreak
GetModuleHandleA
DisableThreadLibraryCalls
GetProcessAffinityMask
GlobalAlloc
BackupSeek
GetMailslotInfo
GetLargestConsoleWindowSize
GetModuleFileNameW
GetConsoleScreenBufferInfo
GetProfileStringA
BuildCommDCBAndTimeoutsA
GlobalAddAtomW
GetPrivateProfileStringA
GlobalFindAtomW
GetHandleInformation
GetSystemDefaultLangID
GetStartupInfoA
GetNumberFormatA
CreateDirectoryExA
GetThreadPriorityBoost
GetVersionExA
GetSystemPowerStatus
GetThreadSelectorEntry
CreateSemaphoreW
GetCommConfig
CreateDirectoryExW
GetNamedPipeHandleStateA
FatalExit
GetPrivateProfileSectionA
GetAtomNameW
DeleteFileA

advapi32

CreateProcessAsUserW
QueryServiceConfigW
SetAclInformation
RegSetValueA
GetEffectiveRightsFromAclW
AdjustTokenPrivileges
LookupSecurityDescriptorPartsW
GetMultipleTrusteeW
SetThreadToken
AreAnyAccessesGranted
BackupEventLogW
SetNamedSecurityInfoW
GetSidIdentifierAuthority
AllocateAndInitializeSid
CreateServiceA
RegQueryValueExW
NotifyChangeEventLog
EncryptFileW
GetSidSubAuthority
RegOpenKeyW
LsaEnumerateTrustedDomains
GetNamedSecurityInfoA
PrivilegeCheck
GetTrusteeNameA
LookupSecurityDescriptorPartsA
BuildTrusteeWithNameA
IsValidSecurityDescriptor
DecryptFileW
SetSecurityDescriptorOwner
PrivilegedServiceAuditAlarmA
CreatePrivateObjectSecurity
AreAllAccessesGranted
BackupEventLogA
RegRestoreKeyW
GetKernelObjectSecurity
RegDeleteValueA
RegisterEventSourceW
SetTokenInformation
MakeAbsoluteSD
RegEnumKeyA
BuildImpersonateExplicitAccessWithNameW
RegQueryValueA
ImpersonateSelf
LsaFreeMemory
GetSidLengthRequired
RegDeleteKeyW
RegDeleteValueW
RegFlushKey
GetUserNameW
AddAuditAccessAce
EqualSid
OpenBackupEventLogA

msvcrt

_controlfp
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3

user32

UpdateWindow
GetPropW
OemToCharA
ShowWindow

urlmon

HlinkGoForward
CoInternetCreateZoneManager
FindMediaTypeClass

resutils

ResUtilGetBinaryValue
ResUtilSetSzValue
ResUtilSetExpandSzValue
ResUtilGetResourceNameDependency
ResUtilGetDwordValue
ResUtilSetPrivatePropertyList
ResUtilStopResourceService

imm32

ImmAssociateContext
ImmGetIMEFileNameA
ImmSetCompositionFontW
ImmConfigureIMEW
ImmIsUIMessageA
ImmGetIMEFileNameW
ImmRegisterWordA
ImmSetOpenStatus
ImmGetGuideLineA
ImmGetCandidateWindow
ImmEnumRegisterWordA
ImmGetVirtualKey

gdi32

GetBitmapDimensionEx

oleacc

WindowFromAccessibleObject

ole32

OleCreateLinkToFile

oleaut32

VarBstrFromUI4
RevokeActiveObject
VarR8FromUI4
SafeArrayDestroyDescriptor

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a5f3dc1a30046800e05fab4949fc458

Headers

File Characteristics

Imports

shell32

kernel32

advapi32

msvcrt

user32

urlmon

resutils

imm32

gdi32

oleacc

ole32

oleaut32

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 1.1MB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 1.1MB

.rsrc
Size: 4KB - Virtual size: 1KB