80d3065b23382b58d028ccc93acd0ef69e2b4d74c8b688339ad42846d0f48e94

Sharing

Copy URL Twitter E-mail

General

Target

80d3065b23382b58d028ccc93acd0ef69e2b4d74c8b688339ad42846d0f48e94
Size

275KB
MD5

498eaf9e2963442c5cbef5804586c8c0
SHA1

88f91f06b90b5e53b2af4d428deb43a6a8c32e2b
SHA256

80d3065b23382b58d028ccc93acd0ef69e2b4d74c8b688339ad42846d0f48e94
SHA512

ff180cb5f3652a755038c9213a367eb587dd41f76704834c4833e3d364f764e9baf7840f66bd8dfe6f1446b44aef679ba0e916bde1a50bdcb90013f2b94247b6
SSDEEP

6144:1+PVIfWcRoBGQHubpqHuf9aIVrUKZUmq2zhthSUnYOeuUvqj/9BE4:mBKRXgqq2vYOeSFb

Score

N/A

Malware Config

Signatures

Files

80d3065b23382b58d028ccc93acd0ef69e2b4d74c8b688339ad42846d0f48e94
.exe windows x86

e3873ec5d2a9fa893ab7f70895cbe637

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetCloseEnum
WNetAddConnection2W
WNetOpenEnumW
WNetEnumResourceW
WNetCancelConnection2W

kernel32

lstrcpyA
GetStartupInfoA
GetSystemDirectoryA
FormatMessageA
GetCurrentProcessId
GetCurrentThread
ExpandEnvironmentStringsA
GetLocalTime
LocalFree
CreateNamedPipeW
GetCPInfo
GetSystemDirectoryW
QueryPerformanceCounter
LoadLibraryW
AllocConsole
GetOverlappedResult
LoadLibraryExW
GlobalFree
GetSystemDefaultLCID
CancelIo
lstrlenW
GetModuleHandleA
GenerateConsoleCtrlEvent
GetACP
GetLastError
GetCurrentProcess
FreeConsole
GetConsoleMode
lstrcpyW
MultiByteToWideChar
GetExitCodeProcess
ReadConsoleOutputW
GlobalAlloc
GetLocaleInfoW
DuplicateHandle
WriteConsoleInputA
CreateFileA
WaitForSingleObject
WriteConsoleInputW
SetHandleInformation
FormatMessageW
WriteFile
SetUnhandledExceptionFilter
GetConsoleCP
WideCharToMultiByte
HeapFree
GetConsoleScreenBufferInfo
ReleaseMutex
GetProcAddress
GetTickCount
SetLastError
SetConsoleCtrlHandler
SetConsoleWindowInfo
GetComputerNameW
CloseHandle
SetConsoleScreenBufferSize
IsDBCSLeadByte
HeapAlloc
VirtualFree
GetStdHandle
SetEnvironmentVariableW
GetProcessHeap
OpenProcess
WriteConsoleW
CreateFileW
ExpandEnvironmentStringsW
WaitForMultipleObjects
lstrcatA
LocalAlloc
GetModuleFileNameA
ReadConsoleOutputA
SetErrorMode
FreeLibrary
CreateEventW
GetSystemTimeAsFileTime
GlobalFindAtomA
SetEnvironmentVariableA
ReadFile

security

QuerySecurityPackageInfoW
FreeContextBuffer
AcquireCredentialsHandleW
DeleteSecurityContext
RevertSecurityContext
FreeCredentialsHandle
ImpersonateSecurityContext
AcceptSecurityContext

msvcrt

wcschr
free
towlower
strtoul
wcscmp
wcsncat
wcscpy
??2@YAPAXI@Z
wcscat
sprintf
_initterm
isdigit
strchr
__p__fmode
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
__setusermatherr
malloc
_wcsicmp
_except_handler3
??3@YAXPAX@Z
_c_exit
_exit
__initenv
_cexit
calloc
toupper
_snprintf
__getmainargs
wcslen
strncpy
_controlfp
memchr
_itoa
wcsncpy
strrchr
_snwprintf
memmove
_XcptFilter
_wcsnicmp
wcsrchr
_stricmp
_adjust_fdiv
_strcmpi

advapi32

InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
LogonUserW
RegQueryValueExA
FreeSid
AddAccessAllowedAce
RegSetKeySecurity
LsaOpenPolicy
LsaFreeMemory
RegCloseKey
AdjustTokenPrivileges
ImpersonateLoggedOnUser
SetSecurityDescriptorDacl
EqualSid
MakeSelfRelativeSD
CryptAcquireContextW
LookupAccountSidW
ReportEventW
RegOpenKeyExA
IsValidSid
CreateProcessAsUserW
LsaClose
GetSecurityDescriptorLength
GetSidSubAuthorityCount
LookupPrivilegeValueW
RegSetValueExW
OpenProcessToken
GetTokenInformation
LookupAccountNameW
DeregisterEventSource
GetSidIdentifierAuthority
AllocateAndInitializeSid
RegQueryValueExW
CryptReleaseContext
GetSidSubAuthority
CryptGenRandom
RegLoadKeyA
GetAce
RegisterEventSourceW
RegOpenKeyExW
RegCreateKeyExW
DuplicateTokenEx
RegOpenKeyW
OpenThreadToken
LsaQueryInformationPolicy
RegCreateKeyA
RevertToSelf

shell32

SHGetFolderPathW

netapi32

NetApiBufferFree
NetGetAnyDCName
NetUserGetInfo

ws2_32

WSASocketW

Sections

.text
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3873ec5d2a9fa893ab7f70895cbe637

Headers

File Characteristics

Imports

mpr

kernel32

security

msvcrt

advapi32

shell32

netapi32

ws2_32

Sections

.text Size: 126KB - Virtual size: 126KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 58KB - Virtual size: 57KB

.rsrc Size: 78KB - Virtual size: 78KB

.text
Size: 126KB - Virtual size: 126KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 58KB - Virtual size: 57KB

.rsrc
Size: 78KB - Virtual size: 78KB