184ff2a4b0adc60127b5f05bf527d0aad1c311133b7dea908bd69338271db492

Sharing

Copy URL Twitter E-mail

General

Target

184ff2a4b0adc60127b5f05bf527d0aad1c311133b7dea908bd69338271db492
Size

432KB
MD5

501ae15aec0079b8c28821e1758ad810
SHA1

af346adc17831b361fe89accd4d0d8e192a1c074
SHA256

184ff2a4b0adc60127b5f05bf527d0aad1c311133b7dea908bd69338271db492
SHA512

4887f9bb172ff62e740a118efd17d2e728ce627732826e0098f568a76653ca53dd0f11b9bea9ee6059f3cabdb22bd3a0e68a8a172a0abac826274dc4b9f0c092
SSDEEP

6144:T7JLD8gaMxhZHCI27Gw+QLCn+QdIyG7BJ8FhxWT8pPlZS/Gg7hlq+mgqzMNU5urW:XxDj/BoKrXdd+MJg7O+m+SE/s

Score

N/A

Malware Config

Signatures

Files

184ff2a4b0adc60127b5f05bf527d0aad1c311133b7dea908bd69338271db492
.exe windows x86

b5d15163b7555c0b76b2caeeee786806

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetMessageWaitingIndicator
GetThreadSelectorEntry
FindFirstVolumeMountPointA
IsProcessorFeaturePresent
SwitchToThread
SetSystemTimeAdjustment
GetPrivateProfileStringA
CreateJobObjectA
FindAtomA
SetCommTimeouts
UnlockFileEx
SetFileApisToOEM
SystemTimeToTzSpecificLocalTime
CreateTimerQueue
SetUnhandledExceptionFilter
EnterCriticalSection
GetThreadPriority
LeaveCriticalSection
GlobalMemoryStatusEx
GetProcessHeaps
VirtualQuery
HeapValidate
GlobalMemoryStatus
WritePrivateProfileStringA
EndUpdateResourceA
SetFileAttributesA
WaitForMultipleObjects
ReplaceFileA
InitializeSListHead
WritePrivateProfileSectionA
VirtualFreeEx
LocalFree
MoveFileExA
LocalAlloc
TerminateJobObject
CompareStringW
CompareStringA
ReadFile
GetProcessHeap
SetEndOfFile
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
HeapSize
LCMapStringW
LCMapStringA
GetTimeZoneInformation
CreateFileA
MultiByteToWideChar
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetCurrentProcessId
GetTickCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
QueryPerformanceCounter
CreateMailslotA
SleepEx
GetNumaHighestNodeNumber
SetCommState
MapUserPhysicalPages
DebugSetProcessKillOnExit
GetWindowsDirectoryA
SetThreadExecutionState
GetCommConfig
SetDefaultCommConfigA
GetProcAddress
IsBadHugeReadPtr
SetHandleInformation
CreateTimerQueueTimer
FreeUserPhysicalPages
HeapLock
GetModuleHandleA
SetEnvironmentVariableA
GetLastError
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
HeapAlloc
RtlUnwind
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
GetModuleHandleW
Sleep
ExitProcess
RaiseException
GetCommandLineA
GetStartupInfoA
CloseHandle
HeapCreate
VirtualFree
DeleteCriticalSection
VirtualAlloc
HeapReAlloc
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
SetFilePointer
GetFullPathNameA
GetCurrentDirectoryA
FreeLibrary
InterlockedExchange
LoadLibraryA
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
CreateDirectoryA

user32

UpdateLayeredWindow
EnumClipboardFormats
EndMenu
SetMenuItemBitmaps
DeferWindowPos
SetUserObjectSecurity
ShowWindow
GetDoubleClickTime
GetWindowRgn
InvalidateRect
GetCaretBlinkTime
IsCharAlphaNumericA
GetScrollInfo
ActivateKeyboardLayout
ToUnicodeEx
TranslateMessage
HideCaret
FrameRect
MapVirtualKeyA
CloseDesktop
GetCursorPos
ShowScrollBar
ChangeDisplaySettingsA
SetLastErrorEx
BeginPaint
BeginDeferWindowPos
GetClassInfoExA
UnregisterClassA
IsWindowVisible
SetDoubleClickTime
LookupIconIdFromDirectoryEx
PostQuitMessage
CharToOemBuffA
OpenIcon
SetClassWord

advapi32

GetAce
LogonUserExA
ConvertToAutoInheritPrivateObjectSecurity
AddAccessAllowedAce
AddAccessDeniedAceEx
InitializeAcl
CreatePrivateObjectSecurityEx
AddAccessDeniedObjectAce
SetSecurityDescriptorGroup
OpenThreadToken
GetEventLogInformation
ReadEncryptedFileRaw
ObjectDeleteAuditAlarmA
AddAccessAllowedObjectAce
AddAce
IsValidSecurityDescriptor
CopySid
SetKernelObjectSecurity

Sections

.text
Size: 286KB - Virtual size: 286KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b5d15163b7555c0b76b2caeeee786806

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 286KB - Virtual size: 286KB

.rdata Size: 32KB - Virtual size: 32KB

.data Size: 100KB - Virtual size: 100KB

.text
Size: 286KB - Virtual size: 286KB

.rdata
Size: 32KB - Virtual size: 32KB

.data
Size: 100KB - Virtual size: 100KB