e08d833d1513506cddc41bac431b030b6edc791b819b59efae5679364cc74b66

Sharing

Copy URL

Twitter E-mail

General

Target

e08d833d1513506cddc41bac431b030b6edc791b819b59efae5679364cc74b66
Size

1020KB
MD5

6d034c3bd203c3ed7fb52742f19901c0
SHA1

da77d66def3c590561a8dfc6f06a36ffb47b091e
SHA256

e08d833d1513506cddc41bac431b030b6edc791b819b59efae5679364cc74b66
SHA512

b656c6d55e130457b04ff7226a6cfbe98c189c641fa4ede41acf3744ababd76fa7161291c254f2c4ebba690587b4cb3fd759b8d47f14848c88d9fcee97c76d6d
SSDEEP

3072:yS+ScfCN+z3csdlWoNs0ZPhFwg84BylKG6oQ/K3/EV7vSuI:ylSI9z3PXWoNs0ZpFwg9c8G6ZVQ

Score

N/A

Malware Config

Signatures

Files

e08d833d1513506cddc41bac431b030b6edc791b819b59efae5679364cc74b66
.exe windows x86

66d92be9b09cc527ff7afb945717593b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AccessCheck
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
AdjustTokenPrivileges
CloseServiceHandle
ConvertSDToStringSDRootDomainA
DecryptFileA
DuplicateTokenEx
GetAuditedPermissionsFromAclW
LookupPrivilegeValueW
LsaLookupPrivilegeDisplayName
OpenProcessToken
OpenThreadToken
ReadEncryptedFileRaw
SetThreadToken
AddAce
CryptDeriveKey
GetAce
GetOverlappedAccessResults
RegEnumValueA
RegQueryInfoKeyA
RegQueryValueA

kernel32

VirtualAlloc
DeleteFiber
DisableThreadLibraryCalls
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetModuleHandleA
GetProcAddress
GetSystemTime
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
SystemTimeToFileTime
TerminateProcess
CloseHandle
CreateEventW
CreateFileW
DeviceIoControl
GetCurrentThread
GetOverlappedResult
GetProcessHeap
QueryInformationJobObject
RaiseException
Sleep
TerminateJobObject
ConnectNamedPipe
CreateEventA
CreateMutexA
CreateNamedPipeA
CreateProcessA
CreateThread
DisconnectNamedPipe
FlushFileBuffers
GlobalAlloc
GlobalFree
ReadFileEx
ReleaseMutex
ResetEvent
SetEvent
WaitForMultipleObjectsEx
WaitForSingleObject
WaitForSingleObjectEx
WriteFile
GetModuleHandleW
ExitProcess
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
EncodePointer
GetLastError
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryW
GetLocaleInfoW
UnhandledExceptionFilter
IsDebuggerPresent
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetStdHandle
GetModuleFileNameW
IsProcessorFeaturePresent
GetStringTypeW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
HeapDestroy
HeapFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
RtlUnwind
MultiByteToWideChar
HeapAlloc
HeapReAlloc
LCMapStringW
GetConsoleCP
GetConsoleMode
WriteConsoleW
SetFilePointer
SetStdHandle
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale

ole32

StringFromGUID2
OleCreateEmbeddingHelper
IIDFromString
CoGetClassVersion
CoSetCancelObject

rpcrt4

RpcNetworkIsProtseqValidW
NdrFixedArrayBufferSize
NDRSContextUnmarshallEx
I_RpcLogEvent

user32

DefFrameProcA
GetMonitorInfoW
CallMsgFilter
InvalidateRect
CharLowerW
CheckDlgButton

Sections

.text
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 745KB - Virtual size: 759KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

66d92be9b09cc527ff7afb945717593b

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

ole32

rpcrt4

user32

Sections

.text Size: 113KB - Virtual size: 113KB

.rdata Size: 157KB - Virtual size: 156KB

.data Size: 745KB - Virtual size: 759KB

.text
Size: 113KB - Virtual size: 113KB

.rdata
Size: 157KB - Virtual size: 156KB

.data
Size: 745KB - Virtual size: 759KB