cde1f766ae4e5f37632101ff063220723505cf07da8a1023761c56b5e49ce776

Sharing

Copy URL Twitter E-mail

General

Target

cde1f766ae4e5f37632101ff063220723505cf07da8a1023761c56b5e49ce776
Size

246KB
MD5

42c55671365e0f15274eb1c23cc8ca90
SHA1

ff23e0442401d7c57c35e89515eed5a6daa9458c
SHA256

cde1f766ae4e5f37632101ff063220723505cf07da8a1023761c56b5e49ce776
SHA512

630d37077eb2cd39fc537481e6442c8a77b16b7ed35019d732ab5e5f81db4093fadf78bf186118911d67470a873f36b873c9fb8924f6e596cf848c2c332fb683
SSDEEP

6144:ZcYUxQoRAbkC/PrjmPHfYHe9OZgL1ZzZY:Z3romAC/jjm/fY+9OCBZO

Score

N/A

Malware Config

Signatures

Files

cde1f766ae4e5f37632101ff063220723505cf07da8a1023761c56b5e49ce776
.exe windows x86

77453bafc28b726dc97ff645f4666623

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

TraceMessage
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
RegisterTraceGuidsW
UnregisterTraceGuids
AddAce
InitializeAcl
GetSecurityDescriptorControl
MakeAbsoluteSD
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
InitializeSecurityDescriptor
CheckTokenMembership
CreateWellKnownSid
IsValidSid
GetAclInformation
SetSecurityDescriptorDacl
GetLengthSid
SetSecurityDescriptorOwner
CopySid
SetSecurityDescriptorGroup
GetSidSubAuthority
InitializeSid
GetSidLengthRequired
IsValidSecurityDescriptor
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
ControlTraceW
EnableTrace
StartTraceW
ConvertStringSecurityDescriptorToSecurityDescriptorW
CloseTrace
SetNamedSecurityInfoW
RevertToSelf
ImpersonateLoggedOnUser
LogonUserW
EventUnregister
EventWrite
EventEnabled
EventRegister

kernel32

GetDateFormatW
SystemTimeToTzSpecificLocalTime
GetTimeFormatW
GetDiskFreeSpaceExW
LoadLibraryW
CreateDirectoryW
GetFileAttributesW
DeleteFileW
MoveFileExW
DeviceIoControl
GetVolumeNameForVolumeMountPointW
GetVolumePathNameW
GetComputerNameExW
ExpandEnvironmentStringsW
CompareStringW
WriteFile
WriteConsoleW
WideCharToMultiByte
GetConsoleOutputCP
SetThreadUILanguage
GetStdHandle
GetFileType
LoadLibraryExW
FreeLibrary
CreateFileW
PeekConsoleInputW
GetConsoleMode
SetConsoleMode
FlushConsoleInputBuffer
ReadConsoleW
ReadFile
GetConsoleCP
MultiByteToWideChar
GetDriveTypeW
CloseHandle
Sleep
GetTimeZoneInformation
FileTimeToLocalFileTime
GetModuleHandleW
CompareFileTime
LocalFree
GetVersionExW
GetLastError
FormatMessageW
HeapSetInformation
GetSystemTimeAsFileTime
RaiseException
FileTimeToSystemTime
GetSystemTime
SystemTimeToFileTime
GetLocalTime
lstrlenW
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedExchange
GetEnvironmentVariableW
InterlockedCompareExchange
SetUnhandledExceptionFilter
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId

msvcrt

wcsncmp
memcpy
_vsnprintf
_wcsupr
??3@YAXPAX@Z
_wcsicmp
memset
wcschr
_wtoi
wcscspn
exit
_controlfp
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_XcptFilter
_exit
_cexit
__wgetmainargs
_wsetlocale
_purecall
malloc
_ftol2
wcsstr
calloc
free
__CxxFrameHandler3
??2@YAPAXI@Z
memmove_s
memcpy_s
_ftol2_sse
wcsrchr
_wcsnicmp
_wtol
_vsnwprintf
wprintf

ole32

CoInitializeEx
CoInitializeSecurity
CoTaskMemFree
CoUninitialize
CoCreateInstance
CoTaskMemRealloc
CLSIDFromString
CoTaskMemAlloc

user32

LoadStringW

oleaut32

SysAllocStringByteLen
SysAllocString
SysAllocStringLen
SysStringLen
SysFreeString
SysStringByteLen

rpcrt4

UuidToStringW
RpcStringFreeW
UuidFromStringW

setupapi

SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList

slc

SLGetWindowsInformationDWORD

credui

CredUICmdLinePromptForCredentialsW

ntdll

NtQuerySystemInformation
NtQueryVolumeInformationFile
NtQueryInformationFile
RtlNtStatusToDosError

Sections

.text
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ajvwshg
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

77453bafc28b726dc97ff645f4666623

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

msvcrt

ole32

user32

oleaut32

rpcrt4

setupapi

slc

credui

ntdll

Sections

.text Size: 195KB - Virtual size: 195KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 43KB - Virtual size: 44KB

ajvwshg Size: - Virtual size: 4KB

.text
Size: 195KB - Virtual size: 195KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 43KB - Virtual size: 44KB

ajvwshg
Size: - Virtual size: 4KB