a5885c126a0ae97d67954d5c51e5688fc081a8116f3ec0aa245f0091eb7a74ca

Sharing

Copy URL Twitter E-mail

General

Target

a5885c126a0ae97d67954d5c51e5688fc081a8116f3ec0aa245f0091eb7a74ca
Size

253KB
MD5

755e5ae71feb373dceae808a92700f70
SHA1

4196339756fa3d35a4443e5af75b1f4b6ee06152
SHA256

a5885c126a0ae97d67954d5c51e5688fc081a8116f3ec0aa245f0091eb7a74ca
SHA512

0aa1e7d0d206c261ca131892631a849c1b94ca998116e3a79253154ed613d9bc8ca79f58d39b3c5b4bc2a8506bf7095ad5b45a10b8489400c25030c35b4fcdde
SSDEEP

6144:Akos7T1dsYF7KbXOM6mm6HV2G1ROxOAsmb:AXwcA6HlKp

Score

N/A

Malware Config

Signatures

Files

a5885c126a0ae97d67954d5c51e5688fc081a8116f3ec0aa245f0091eb7a74ca
.exe windows x86

227ac2432c670a118f479a6e9dcc3fbf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CreateTraceInstanceId
BuildImpersonateExplicitAccessWithNameW
RegOpenKeyA
CryptSignHashA
LsaLookupNames
UninstallApplication
LsaFreeMemory
BuildTrusteeWithNameW
EnableTrace
SystemFunction017
SetNamedSecurityInfoW
StartServiceCtrlDispatcherA
CryptDeriveKey
LookupPrivilegeValueA
ConvertStringSidToSidA

advpack

FileSaveRestoreOnINF
NeedReboot
NeedRebootInit
RebootCheckOnInstall
AdvInstallFile
IsNTAdmin
SetPerUserSecValues
RegSaveRestoreOnINF
RegisterOCX
RunSetupCommand
CloseINFEngine
UserUnInstStubWrapper
GetVersionFromFile

kernel32

ExitProcess
CreateDirectoryExA
RtlUnwind
GetExitCodeProcess

user32

GetDlgItemTextA
GetCursorPos
GetFocus

comctl32

InitMUILanguage
MakeDragList
DrawStatusTextA
ImageList_SetBkColor
ImageList_SetImageCount
FlatSB_SetScrollInfo
ImageList_Draw
ImageList_DragShowNolock
ImageList_GetDragImage
FlatSB_GetScrollPos
CreateStatusWindowW
ImageList_GetIcon
FlatSB_SetScrollProp
InitializeFlatSB
ImageList_Add
_TrackMouseEvent
ImageList_Write
ImageList_DrawEx
CreateStatusWindowA
GetEffectiveClientRect
ImageList_Replace
ImageList_ReplaceIcon
CreatePropertySheetPageA
ImageList_EndDrag
MenuHelp
CreatePropertySheetPageW
ImageList_GetImageRect
PropertySheetW

Sections

.text
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

227ac2432c670a118f479a6e9dcc3fbf

Headers

File Characteristics

Imports

advapi32

advpack

kernel32

user32

comctl32

Sections

.text Size: 87KB - Virtual size: 86KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 31KB - Virtual size: 199KB

.rsrc Size: 118KB - Virtual size: 118KB

.idata Size: 5KB - Virtual size: 5KB

.text
Size: 87KB - Virtual size: 86KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 31KB - Virtual size: 199KB

.rsrc
Size: 118KB - Virtual size: 118KB

.idata
Size: 5KB - Virtual size: 5KB