8ffe2a6e957d60541c8479a766e155cf58aebde04cdfe267ea41be7e2d8c2b10

Sharing

Copy URL Twitter E-mail

General

Target

8ffe2a6e957d60541c8479a766e155cf58aebde04cdfe267ea41be7e2d8c2b10
Size

972KB
MD5

6424ab018fb28f8def69e0309ee93920
SHA1

487aafdfa27a253478fe113f99d00ed57e0eda3d
SHA256

8ffe2a6e957d60541c8479a766e155cf58aebde04cdfe267ea41be7e2d8c2b10
SHA512

dc3c935039fd4dbbefc539b94431ff3e77039b68712f6750ed752b43eb77491ef9d2484884c89172cf88072c4ee88fd43ced3591e795650c3cd606dc2e0c4ceb
SSDEEP

12288:uJnVbpu7Ur2cWLI1u6uggCM+8HxkelyFAa+mjqhnyj0cw:4xpuK2cWLIEqgJxkeNmMyjf

Score

N/A

Malware Config

Signatures

Files

8ffe2a6e957d60541c8479a766e155cf58aebde04cdfe267ea41be7e2d8c2b10
.exe windows x64

80a61734f28acdf70918148e5a0b81ca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

RegEnumKeyW
RegOpenKeyW
RegDeleteValueW
RegEnumValueW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegRenameKey
OpenProcessToken
GetSecurityDescriptorControl
RegQueryValueExW
LookupPrivilegeValueW
GetSecurityInfo
RegSetKeySecurity
AdjustTokenPrivileges
RegConnectRegistryW
RegRestoreKeyW
RegSetValueExA
RegSetValueW
RegSaveKeyW
RegCreateKeyW
RegLoadKeyW
RegUnLoadKeyW
GetSidSubAuthority
SetSecurityDescriptorGroup
MapGenericMask
GetSidSubAuthorityCount
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetNamedSecurityInfoW
LookupAccountSidW
GetNamedSecurityInfoW
InitializeAcl
SetSecurityDescriptorOwner
GetSecurityDescriptorOwner
SetSecurityInfo
GetSecurityDescriptorSacl
IsValidSecurityDescriptor
GetInheritanceSourceW
SetSecurityDescriptorSacl
GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
RegFlushKey
RegCloseKey

kernel32

DelayLoadFailureHook
LoadLibraryExA
GetProcAddress
FileTimeToLocalFileTime
FileTimeToSystemTime
MulDiv
GetTimeFormatW
LoadLibraryW
FreeLibrary
GetDateFormatW
DeleteFileW
GetLastError
MultiByteToWideChar
lstrcmpW
CreateFileW
ReadFile
GlobalAlloc
LocalReAlloc
GlobalUnlock
GetComputerNameW
lstrlenW
LocalAlloc
lstrcmpiW
GetWindowsDirectoryW
LocalFree
GetProcessHeap
FormatMessageW
ExitProcess
GetCommandLineW
GetModuleHandleW
RegisterApplicationRestart
GetLongPathNameW
GetThreadLocale
HeapSetInformation
GetCurrentProcess
CloseHandle
GetFileSize
SearchPathW
SetFilePointer
OutputDebugStringW
WriteFile
Sleep
GetStartupInfoW
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
WideCharToMultiByte
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
ExpandEnvironmentStringsA
RegQueryValueExA
RegOpenKeyExA
LoadLibraryA
GlobalLock

gdi32

SetBkColor
GetStockObject
GetTextExtentPoint32W
EndPage
SetViewportOrgEx
StartPage
DeleteDC
SetAbortProc
StartDocW
EndDoc
AbortDoc
CreateBitmap
CreatePatternBrush
PatBlt
ExcludeClipRect
SelectClipRgn
GetTextMetricsW
ExtTextOutW
SelectObject
DeleteObject
GetDeviceCaps
CreateFontIndirectW
SetTextColor

user32

CheckMenuItem
GetProcessDefaultLayout
SetMenuItemInfoW
EndDeferWindowPos
DestroyIcon
SetWindowTextW
EnableWindow
UpdateWindow
BeginDeferWindowPos
DeferWindowPos
SetCapture
SetMenuDefaultItem
CreateWindowExW
DrawMenuBar
ShowWindow
LoadStringW
GetSysColor
GetDesktopWindow
SetWindowLongW
GetWindowLongW
SetCursorPos
GetWindowPlacement
LoadIconW
RegisterClassExW
GetMenu
ShowCursor
InsertMenuItemW
GetMenuItemInfoW
DialogBoxParamW
DeleteMenu
PostMessageW
LoadImageW
GetMenuItemID
IsIconic
PostQuitMessage
GetMessageW
ScreenToClient
SetCursor
SetWindowPlacement
ClientToScreen
CreateDialogParamW
CheckDlgButton
DestroyWindow
DispatchMessageW
IntersectRect
ModifyMenuW
GetClientRect
DrawAnimatedRects
BringWindowToTop
LoadAcceleratorsW
TranslateMessage
FindWindowW
SetForegroundWindow
GetLastActivePopup
CharNextW
TranslateAcceleratorW
GetWindow
PeekMessageW
IsDialogMessageW
CharUpperBuffW
CharUpperW
IsCharAlphaNumericW
KillTimer
GetKeyState
GetSubMenu
IsClipboardFormatAvailable
LoadCursorW
MessageBeep
GetWindowLongPtrW
SetFocus
ShowCaret
CharLowerW
GetDC
TrackPopupMenuEx
InvalidateRect
LoadMenuW
GetClipboardData
ReleaseDC
EnableMenuItem
EmptyClipboard
GetDlgItem
EndDialog
DestroyCaret
SendDlgItemMessageW
GetWindowTextLengthW
GetDlgItemInt
CallWindowProcW
GetParent
GetWindowTextW
IsDlgButtonChecked
CheckRadioButton
SetWindowPos
CreateCaret
GetDlgItemTextW
SendMessageW
EndPaint
CloseClipboard
SetTimer
HideCaret
GetMessagePos
GetWindowRect
OpenClipboard
ReleaseCapture
ScrollWindowEx
RegisterClassW
GetSystemMetrics
SetCaretPos
SetWindowLongPtrW
RegisterClipboardFormatW
SetDlgItemTextW
MapWindowPoints
SetClipboardData
DestroyMenu
SetScrollInfo
DefWindowProcW
MoveWindow
InsertMenuW
BeginPaint

msvcrt

?terminate@@YAXXZ
__set_app_type
_fmode
_commode
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
_cexit
_ismbblead
_exit
memset
_vsnwprintf
atoi
wcschr
wcsrchr
iswctype
wcsncmp
_wcsnicmp
_resetstkoflw
iswprint
_purecall
__getmainargs
__C_specific_handler
_XcptFilter
memmove
memcpy

shlwapi

StrChrIW
StrChrW
StrRChrW
ord388
StrToIntW
StrStrIW
ord219

comctl32

ord334
ImageList_Create
ImageList_ReplaceIcon
ord337
ImageList_SetBkColor
CreateStatusWindowW
ImageList_Destroy
ord2
ord338
ord236
ord329
ord340
InitCommonControlsEx
ord4

comdlg32

PrintDlgExW
GetSaveFileNameW
GetOpenFileNameW

shell32

SHGetStockIconInfo
DragFinish
DragQueryFileW
ShellAboutW

authz

AuthzFreeResourceManager
AuthzAccessCheck
AuthzInitializeResourceManager
AuthzInitializeContextFromSid
AuthzFreeContext

aclui

ord2

ole32

CoInitializeEx
ReleaseStgMedium
CoUninitialize
CoCreateInstance

ulib

?SPrintfAppend@DSTRING@@UEAAEPEBGZZ
??1OBJECT@@UEAA@XZ
?Compare@OBJECT@@UEBAJPEBV1@@Z
??0OBJECT@@IEAA@XZ
?Initialize@WSTRING@@QEAAEPEBGK@Z
?Initialize@WSTRING@@QEAAEPEBV1@KK@Z
?Strcat@WSTRING@@QEAAEPEBV1@@Z
??0DSTRING@@QEAA@XZ
??1DSTRING@@UEAA@XZ
?SPrintf@DSTRING@@UEAAEPEBGZZ
??0ARRAY@@QEAA@XZ
?Initialize@ARRAY@@QEAAEKK@Z
?Resize@DSTRING@@UEAAEK@Z
?NewBuf@DSTRING@@UEAAEK@Z

clb

ClbSetColumnWidths
ClbAddData

ntdll

RtlVirtualUnwind
RtlIoDecodeMemIoResource
RtlCmDecodeMemIoResource
RtlAllocateHeap
RtlFreeHeap
RtlCaptureContext
RtlCreateUnicodeString
RtlInitUnicodeString
RtlFreeUnicodeString
RtlLookupFunctionEntry

uxtheme

SetWindowTheme

Sections

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 259KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 556KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

80a61734f28acdf70918148e5a0b81ca

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

msvcrt

shlwapi

comctl32

comdlg32

shell32

authz

aclui

ole32

ulib

clb

ntdll

uxtheme

Sections

.text Size: 116KB - Virtual size: 116KB

.rdata Size: 22KB - Virtual size: 21KB

.data Size: 259KB - Virtual size: 262KB

.pdata Size: 4KB - Virtual size: 3KB

.rsrc Size: 13KB - Virtual size: 13KB

.reloc Size: 556KB - Virtual size: 2.4MB

.text
Size: 116KB - Virtual size: 116KB

.rdata
Size: 22KB - Virtual size: 21KB

.data
Size: 259KB - Virtual size: 262KB

.pdata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 13KB - Virtual size: 13KB

.reloc
Size: 556KB - Virtual size: 2.4MB