2692658998992bd2d184f759a68d480a57891144eb9d9d86ecef25021dfd305a

Sharing

Copy URL Twitter E-mail

General

Target

2692658998992bd2d184f759a68d480a57891144eb9d9d86ecef25021dfd305a
Size

363KB
MD5

668d8d59468da07d746fc3538f5c29d0
SHA1

8e8657f54e0cddc65e1c6cf8314cd7e359ac0061
SHA256

2692658998992bd2d184f759a68d480a57891144eb9d9d86ecef25021dfd305a
SHA512

c14f617cf0d2465c32a7f860ba60ac35c5ddbcfdbccfca3d9202a57a4f31c202955659e30ebe24bb0cbe1d3aa1b9a9c7fc34c609f6b274355924f14143ecee57
SSDEEP

6144:tCIft1gnlXh9Z75HxGfPWnihv06/ONiJtraWhR+MNggKOoKassBO7x4gruL5rn:tPgnlfH+bGNiJtGW7+MCKassBO7xUVL

Score

N/A

Malware Config

Signatures

Files

2692658998992bd2d184f759a68d480a57891144eb9d9d86ecef25021dfd305a
.exe windows x86

4d52c2c4e145b7748b92dff407047e01

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetSidIdentifierAuthority
RegOpenKeyW
CloseServiceHandle
RegCloseKey
QueryServiceStatus
RegQueryValueExW
OpenSCManagerW
StartServiceW
IsValidSid
LookupAccountSidA
CreateServiceW
GetSidSubAuthorityCount
GetSidSubAuthority
OpenServiceW

kernel32

IsValidLocale
HeapDestroy
WideCharToMultiByte
IsValidCodePage
TlsSetValue
FindResourceW
GetCurrentThreadId
RtlUnwind
VirtualQuery
VirtualAlloc
GetSystemDirectoryW
GetStdHandle
TlsAlloc
WaitForSingleObject
FreeEnvironmentStringsA
SetLastError
DeleteCriticalSection
OpenFileMappingW
GetSystemTimeAsFileTime
VirtualFree
LeaveCriticalSection
GetCommandLineA
CompareStringW
EnterCriticalSection
SizeofResource
GetUserDefaultLCID
DeleteFileW
TlsFree
LockResource
CloseHandle
HeapAlloc
GetSystemInfo
GetFileType
GetComputerNameA
GetDateFormatA
GetOEMCP
GetACP
HeapFree
HeapReAlloc
CompareStringA
FreeEnvironmentStringsW
HeapSize
CreateFileW
CreateThread
SetFilePointer
TlsGetValue
FatalAppExitA
VirtualProtect
SetEnvironmentVariableA
MapViewOfFile
LCMapStringW
FlushFileBuffers
DeviceIoControl
UnhandledExceptionFilter
SetStdHandle
WriteFile
GetModuleHandleA
LCMapStringA
LoadResource
OpenEventW
SetHandleCount
GetTimeZoneInformation
GetTimeFormatA
EnumSystemLocalesA
LoadLibraryW

user32

LoadStringW

esent

JetCreateIndex
JetDelete
JetCreateTable
JetSetCurrentIndex3
JetOpenTempTable
JetCommitTransaction
JetSetColumnDefaultValue
JetConvertDDL
JetBeginSession
JetAttachDatabase2
JetRegisterCallback
JetCreateIndex2
JetCloseDatabase
JetGetDatabaseInfo
JetCloseFile
JetEnumerateColumns
JetDupCursor
JetGotoPosition
JetGetBookmark
JetGetTruncateLogInfoInstance

d3d8thk

OsThunkDdUnattachSurface
OsThunkDdQueryDirectDrawObject
OsThunkDdGetMoCompFormats
OsThunkDdGetMoCompGuids
OsThunkDdBeginMoCompFrame
OsThunkDdLock
OsThunkDdCanCreateD3DBuffer

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 334KB - Virtual size: 990KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d52c2c4e145b7748b92dff407047e01

Headers

File Characteristics

Imports

advapi32

kernel32

user32

esent

d3d8thk

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 334KB - Virtual size: 990KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 334KB - Virtual size: 990KB

.rsrc
Size: 3KB - Virtual size: 3KB