d35685db4510e8c3370233712b3c0014fa5803475b8f9722594ecb2060c3a357

Sharing

Copy URL Twitter E-mail

General

Target

d35685db4510e8c3370233712b3c0014fa5803475b8f9722594ecb2060c3a357
Size

45KB
MD5

a6c8d6bfb3c1dd497c94ad0bf98922b5
SHA1

afed3e09f8dd05e5cd51853677463fef75e66286
SHA256

d35685db4510e8c3370233712b3c0014fa5803475b8f9722594ecb2060c3a357
SHA512

b7d4e3fc332a3d7118d453574a5d08d10a390f4b7d206059f8d9b6f5cc76ae2b9e9e380a02c53212c8fd868b5417a5b143dc3f42494e88de98b0eda9694ae968
SSDEEP

768:QtXpKPzfLtewq9VFY9Cl43dvY55xnED4VbSWg:spKbJ7iWClqdvY55BED4VeWg

Score

N/A

Malware Config

Signatures

Files

d35685db4510e8c3370233712b3c0014fa5803475b8f9722594ecb2060c3a357
.exe windows x86

0cac55cdaff6042fdb482186f0a97dae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

apphelp

SdbDeletePermLayerKeys
SdbEnumMsiTransforms
SdbFindFirstMsiPackage
SdbFindFirstMsiPackage_Str
SdbFindFirstNamedTag
SdbFindFirstTag
SdbFindFirstTagRef
SdbFindNextMsiPackage
SdbFindNextTag

mstask

NetrJobEnum
NetrJobGetInfo
SAGetAccountInformation
SAGetNSAccountInformation
SASetAccountInformation
SASetNSAccountInformation
SetNetScheduleAccountInformation

certcli

CAAccessCheck
CAAccessCheckEx

regapi

RegWdQueryA
RegWdQueryA
RegWdQueryA
RegWdQueryA
RegWdQueryA
RegWdQueryA
RegWdQueryA
RegWdQueryW
RegCdCreateW
RegCdDeleteA
RegCdDeleteW
RegCdEnumerateA
RegCdEnumerateW
RegCdQueryA
RegCdQueryW
RegCloseServer
RegUserConfigRename
RegOpenServerA
RegPdEnumerateA

msvcrt

fopen
fread

kernel32

GetWindowsDirectoryA
OutputDebugStringW
IsDebuggerPresent
MulDiv
GetTickCount
GetACP
LoadLibraryA
GetExitCodeProcess
GetCommandLineA

htui

HTUI_DeviceColorAdjustment
HTUI_DeviceColorAdjustmentA
HTUI_DeviceColorAdjustmentW
HTUI_DeviceColorAdjustment
HTUI_DeviceColorAdjustmentA
HTUI_DeviceColorAdjustmentW

iashlpr

AllocateAttributes

sti

StiCreateInstance

polstore

IPSecClosePolicyStore
IPSecCopyFilterData
IPSecCopyFilterSpec
IPSecCopyISAKMPData
IPSecCopyNFAData
IPSecCopyNegPolData
IPSecCopyPolicyData
IPSecCreateFilterData
IPSecCreateISAKMPData
IPSecCreateNFAData
IPSecCreateNegPolData
IPSecCreatePolicyData
IPSecDeleteFilterData
IPSecDeleteISAKMPData
IPSecDeleteNFAData
IPSecDeleteNegPolData
IPSecDeletePolicyData
IPSecEnumFilterData
IPSecEnumISAKMPData

dbghelp

ImageRvaToSection
ImageRvaToVa

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc4
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0cac55cdaff6042fdb482186f0a97dae

Headers

File Characteristics

Imports

apphelp

mstask

certcli

regapi

msvcrt

kernel32

htui

iashlpr

sti

polstore

dbghelp

Sections

.text Size: 4KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 77KB

.rsrc4 Size: 27KB - Virtual size: 27KB

.text
Size: 4KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 77KB

.rsrc4
Size: 27KB - Virtual size: 27KB