53f101307b2a796663b7ec5e45c1df91734a67669ed9d689fc034d0e1d79ee5b

Sharing

Copy URL Twitter E-mail

General

Target

53f101307b2a796663b7ec5e45c1df91734a67669ed9d689fc034d0e1d79ee5b
Size

536KB
MD5

6741a2f162657f660282e4f666b05926
SHA1

2440e5a43a9c4024650208388f21c7b76f75f356
SHA256

53f101307b2a796663b7ec5e45c1df91734a67669ed9d689fc034d0e1d79ee5b
SHA512

aa6f52d73abfbf55ccd30161a2b562211f503c194d8ce7f5f146d33c1ca2d294f6f02aa0495704f2ab2b3bb0cbbc6bfcd8e151209ecd51ba9363dd2d9badefe9
SSDEEP

12288:XR63TcbJq99kB+TFVwbqte1wKwhKn/BdpIkvMAJi+IzYAZpi6qIcOy7toHCnxTLb:YT1CxTbJathWZWADJsI

Score

N/A

Malware Config

Signatures

Files

53f101307b2a796663b7ec5e45c1df91734a67669ed9d689fc034d0e1d79ee5b
.exe windows x86

f86463c0039e4f88a39189317d94a58b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteFileA
GetWindowsDirectoryA
GetCurrentThreadId
WriteFile
SetFilePointer
GetFileSize
CreateFileA
GetCurrentProcessId
GetLocalTime
WaitForSingleObject
SetThreadPriority
SetLastError
GetModuleFileNameA
SetEvent
ResetEvent
CreateEventA
OpenEventA
GetVersionExA
GetExitCodeProcess
CreateProcessA
ReleaseMutex
CreateMutexA
lstrcpynA
lstrcatA
lstrcpyA
GetLocaleInfoA
RaiseException
RtlUnwind
MultiByteToWideChar
GetStartupInfoA
ExitThread
TlsSetValue
TlsGetValue
CreateThread
HeapFree
HeapAlloc
GetCPInfo
HeapReAlloc
LCMapStringA
LCMapStringW
GetTimeFormatA
GetDateFormatA
CompareStringA
CompareStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
TlsFree
TlsAlloc
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
HeapSize
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
GetACP
GetOEMCP
FlushFileBuffers
VirtualAlloc
IsBadWritePtr
VirtualProtect
GetSystemInfo
VirtualQuery
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
IsBadReadPtr
IsBadCodePtr
GetTimeZoneInformation
SetStdHandle
ReadFile
GetLocaleInfoW
SetEndOfFile
SetEnvironmentVariableA
FormatMessageA
TerminateThread
CloseHandle
GetSystemDirectoryA
OpenFile
GetProfileStringA
WriteProfileStringA
GetCommandLineA
GetCurrentProcess
SetPriorityClass
GetTickCount
InterlockedDecrement
InterlockedIncrement
Sleep
GetModuleHandleA
LoadLibraryA
GetProcAddress
GetLastError
ExitProcess
FreeLibrary

user32

FindWindowA
SendMessageA

winspool.drv

DeleteMonitorA

advapi32

SetKernelObjectSecurity
SetSecurityInfo
InitializeAcl
AddAccessAllowedAce
IsValidSid
GetLengthSid
GetAce
AllocateAndInitializeSid
FreeSid
RegEnumValueA
RegCreateKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
InitializeSecurityDescriptor
EqualSid
DeleteAce
AddAccessDeniedAce
GetAclInformation
RegSetValueExA
AddAce
LookupAccountNameA
CopySid
OpenProcessToken
GetTokenInformation
MakeSelfRelativeSD
GetSecurityDescriptorLength
GetSecurityDescriptorSacl
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup
MakeAbsoluteSD
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
GetSecurityDescriptorDacl

ole32

CoInitializeEx
CoInitializeSecurity
CoRevokeClassObject
CoCreateInstance
CoInitialize
CLSIDFromString
CoResumeClassObjects
CoRegisterClassObject
CoAddRefServerProcess
CoReleaseServerProcess
CoUninitialize

oleaut32

VariantClear
VariantInit
SysFreeString
SysAllocString
SysStringLen

Sections

.text
Size: 348KB - Virtual size: 347KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f86463c0039e4f88a39189317d94a58b

Headers

File Characteristics

Imports

kernel32

user32

winspool.drv

advapi32

ole32

oleaut32

Sections

.text Size: 348KB - Virtual size: 347KB

.rdata Size: 100KB - Virtual size: 99KB

.data Size: 24KB - Virtual size: 31KB

Size: 56KB - Virtual size: 55KB

.rsrc Size: 4KB - Virtual size: 832B

.text
Size: 348KB - Virtual size: 347KB

.rdata
Size: 100KB - Virtual size: 99KB

.data
Size: 24KB - Virtual size: 31KB

.rsrc
Size: 4KB - Virtual size: 832B