626f781d61bb2b3eb6ac903f0a65632c4bb13f5ca9bbf318b70370f3b9b974e6

Sharing

Copy URL

Twitter E-mail

General

Target

626f781d61bb2b3eb6ac903f0a65632c4bb13f5ca9bbf318b70370f3b9b974e6
Size

802KB
MD5

663316ff108ac693360c68a5b0cadab0
SHA1

1bd8aab939007d5c93b161a67b1cd8d827c155bf
SHA256

626f781d61bb2b3eb6ac903f0a65632c4bb13f5ca9bbf318b70370f3b9b974e6
SHA512

dc7cf614460e950cfead7f254894fec2c2deaf7b9d3d9e9dc2bf918bb937a88571df8d6ffcfd2da677f2d693fb367c055d2fcf7b946cd934cc18bb16ae11109b
SSDEEP

3072:4l7GSJ4aMn5KqbjDHuribcLDT42tOXhIQ7wL7sVTS6FlBpWm:EiSJdMnIq7OrikAxFwSTJxUm

Score

N/A

Malware Config

Signatures

Files

626f781d61bb2b3eb6ac903f0a65632c4bb13f5ca9bbf318b70370f3b9b974e6
.exe windows x86

1362cce5b0a9b2b6bbff4eccbe0b81ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LsaRemovePrivilegesFromAccount
RegCloseKey
RegQueryValueA
SetFileSecurityA
ObjectCloseAuditAlarmA
BuildTrusteeWithObjectsAndSidW
CryptEncrypt
ImpersonateLoggedOnUser
RegQueryValueExW
RegSetValueExW
SystemFunction034
LsaDeleteTrustedDomain
LsaRemoveAccountRights
LsaSetInformationTrustedDomain
SetNamedSecurityInfoA
RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyExW
CancelOverlappedAccess

kernel32

CreatePipe
ExpandEnvironmentStringsW
GetCompressedFileSizeW
GetCurrentProcess
GetFileAttributesW
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetVersion
LocalAlloc
LocalFree
OutputDebugStringA
SetEnvironmentVariableA
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
lstrcpyW
lstrcpynW
GetCurrentThreadId
GetDevicePowerState
GlobalHandle
GlobalSize
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
MultiByteToWideChar
OpenWaitableTimerA
VirtualAlloc
VirtualFree
lstrlenW
CloseHandle
CreateFileW
CreateProcessW
CreateThread
DeviceIoControl
FindClose
FindFirstFileW
FindResourceW
FreeLibrary
GetSystemDirectoryW
LoadLibraryW
LoadResource
LockResource
OutputDebugStringW
DosDateTimeToFileTime
GetModuleFileNameW
GetModuleHandleW
GetShortPathNameW
GetTempFileNameW
GetTempPathW
GetTickCount
GetVolumeNameForVolumeMountPointA
GlobalAlloc
GlobalFree
InterlockedCompareExchange
InterlockedExchange
LocalFileTimeToFileTime
Sleep
WaitForDebugEvent
WriteFile
_lclose
_lread
lstrcmpiW
DisableThreadLibraryCalls
GetEnvironmentStrings
GetWindowsDirectoryW
lstrcmpW
CreateDirectoryA
DeleteFileA
FindFirstFileA
FindNextFileA
GetCurrentProcessId
GetSystemTimeAsFileTime
QueryPerformanceCounter
RemoveDirectoryA
WideCharToMultiByte
GetLocaleInfoW
GetLocaleInfoA
GetLastError
GetDriveTypeA
GetCurrentDirectoryA
GetFullPathNameA
DeleteFileW
HeapFree
HeapAlloc
HeapReAlloc
ExitProcess
GetStartupInfoA
GetCommandLineA
GetVersionExA
SetFileAttributesW
VirtualProtect
GetSystemInfo
VirtualQuery
TlsAlloc
SetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
FileTimeToSystemTime
FileTimeToLocalFileTime
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
GetACP
GetOEMCP
GetCPInfo
LCMapStringA
LCMapStringW
GetFileType
CreateFileA
HeapDestroy
HeapCreate
IsBadWritePtr
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
RtlUnwind
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
IsBadReadPtr
IsBadCodePtr
RaiseException
InitializeCriticalSection
SetFilePointer
ReadFile
SetEndOfFile
SetStdHandle
HeapSize
GetTimeZoneInformation
FlushFileBuffers
SetConsoleCtrlHandler
CompareStringA
CompareStringW

ole32

StgOpenAsyncDocfileOnIFillLockBytes
OleSetClipboard
CoUninitialize
CoInitializeEx
CoCreateInstance
WriteClassStm
CoUnloadingWOW
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoInitializeWOW
StringFromGUID2
OleInitialize
CoCreateGuid

oleaut32

DispInvoke
VarUI4FromDec
VarUI4FromI1
QueryPathOfRegTypeLi

shell32

ExtractIconW
SHGetFileInfoW
SHGetPathFromIDListW
ShellExecuteExW
SHBindToParent
SHBrowseForFolderW
SHGetSpecialFolderLocation

user32

InsertMenuW
GetSubMenu
IsCharLowerA
LoadMenuW
LockWindowUpdate
RegisterClipboardFormatW
RemoveMenu
SetMenuDefaultItem
ChangeDisplaySettingsW
DialogBoxParamW
EnumDisplayDevicesW
WinHelpW
ActivateKeyboardLayout
InsertMenuItemW
SetClipboardData
CheckMenuRadioItem
CreateIconIndirect
DefWindowProcW
EnableWindow
EndDialog
GetActiveWindow
GetClientRect
GetDlgItem
GetForegroundWindow
IsDlgButtonChecked
IsWindowEnabled
LoadStringW
MessageBoxExA
OemToCharA
SendDlgItemMessageW
SendMessageW
SetDlgItemTextW
SetFocus
SetWindowLongW
UpdateWindow
GetKeyboardState
GetQueueStatus
InvalidateRect
MsgWaitForMultipleObjects
SendNotifyMessageW
CheckDlgButton
DialogBoxIndirectParamW
GetParent
GetWindowLongW
IsCharAlphaNumericA
LoadCursorW
MessageBoxW
SetCursor
SetWindowTextW
CreatePopupMenu
DdeKeepStringHandle
DdeUninitialize
DeleteMenu
DestroyMenu
DrawIcon
EnableMenuItem
FillRect
GetComboBoxInfo
GetMenuItemCount
GetMenuItemInfoW

Sections

.text
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 572KB - Virtual size: 570KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1362cce5b0a9b2b6bbff4eccbe0b81ac

Headers

File Characteristics

Imports

advapi32

kernel32

ole32

oleaut32

shell32

user32

Sections

.text Size: 132KB - Virtual size: 128KB

.rdata Size: 572KB - Virtual size: 570KB

.data Size: 92KB - Virtual size: 101KB

.text
Size: 132KB - Virtual size: 128KB

.rdata
Size: 572KB - Virtual size: 570KB

.data
Size: 92KB - Virtual size: 101KB