59b8019561d140a1e81e81007a74f5c905a92d5dbc72d6fade42456a5fd22d85

Sharing

Copy URL Twitter E-mail

General

Target

59b8019561d140a1e81e81007a74f5c905a92d5dbc72d6fade42456a5fd22d85
Size

46KB
MD5

61c34b3349983a3ce39fc4f2d3e70f50
SHA1

5e373c30b5bb77d8923eb3f94a9776262126ebdc
SHA256

59b8019561d140a1e81e81007a74f5c905a92d5dbc72d6fade42456a5fd22d85
SHA512

548a7bdb3b8153c7c1031a807151b8ab3c92f1d9d841d667c4793889ed1dc489a57e4ea73d3c5d0b95709163cdc2ac6bfd8d1c7351fc265790c5e52614c3ceea
SSDEEP

768:0/8wL3kvwZmf93lEDa0LVyGnU0BMBSaeF/cigWZBARkCDtjujr1e1HiCNzzUA5:DwB293lWaoVXnUutaeBxARXp081H9NzR

Score

N/A

Malware Config

Signatures

Files

59b8019561d140a1e81e81007a74f5c905a92d5dbc72d6fade42456a5fd22d85
.exe windows x86

119e1be3ae0732df90f0dab4486da717

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

olecli32

ErrQueryOpen
LeRelease
DibCopy
ErrReconnect
DibGetData
LeReconnect
ErrGetUpdateOptions
OleLockServer
ErrCopyFromLink
LeActivate
ErrQueryOutOfDate
LeSetTargetDevice
OleDelete
DibRelease
OleGetData
OleClose
PbCreateFromTemplate
DefCreateFromTemplate
OleEnumObjects
OleSetColorScheme
ErrObjectConvert
BmGetData
BmClone
GenDraw
BmChangeData
OleRegisterClientDoc

kernel32

GetTickCount
QueryDepthSList
GetModuleHandleA
FindActCtxSectionStringW
VirtualQueryEx
LoadLibraryA
GetMailslotInfo
QueryInformationJobObject
QueueUserWorkItem
ChangeTimerQueueTimer
DeactivateActCtx
GetDiskFreeSpaceW
GetFullPathNameW
EnumResourceTypesA
GetCurrencyFormatW
GetLongPathNameW
RegisterWowBaseHandlers
VirtualAlloc
SetConsoleInputExeNameW
CreateJobObjectA
BaseFlushAppcompatCache
GetTempFileNameW
BackupRead
BeginUpdateResourceA
CompareStringW
LZStart
SetComputerNameExA
GetFullPathNameA
GetModuleHandleW
GlobalAlloc
ExpandEnvironmentStringsA
SetPriorityClass
GetConsoleCommandHistoryA
SetConsoleIcon

advapi32

SetSecurityInfoExW
RegSetValueW
DeleteService
ChangeServiceConfigW
QueryServiceConfig2W
SaferComputeTokenFromLevel
ElfOpenBackupEventLogA
LsaClose
CryptVerifySignatureA
CredWriteW
SystemFunction041
SystemFunction007
LogonUserExA
RegDisablePredefinedCache
GetNamedSecurityInfoA
BuildImpersonateTrusteeW
SetSecurityInfo
DuplicateToken
StartServiceCtrlDispatcherW
BuildTrusteeWithNameA
SetNamedSecurityInfoExA
SystemFunction021
GetAccessPermissionsForObjectA
SetEntriesInAuditListW
SystemFunction014
SystemFunction028
CredpConvertTargetInfo
CredWriteDomainCredentialsA
RegDeleteValueW
AbortSystemShutdownW
SystemFunction017
WmiDevInstToInstanceNameW
GetAclInformation
AddAccessDeniedAceEx
CreateProcessWithLogonW

shdocvw

SHAddSubscribeFavorite
DoAddToFavDlg
URLQualifyW
SetQueryNetSessionCount
URLQualifyA
HlinkFindFrame
DoOrganizeFavDlgW
DllGetVersion
SoftwareUpdateMessageBox
DllRegisterWindowClasses
AddUrlToFavorites
SHGetIDispatchForFolder
OpenURL
DoPrivacyDlg
ImportPrivacySettings
HlinkFrameNavigate
DoOrganizeFavDlg
DoFileDownload
HlinkFrameNavigateNHL
DoAddToFavDlgW

hid

HidP_GetUsagesEx
HidD_SetConfiguration
HidD_GetSerialNumberString
HidP_GetSpecificValueCaps
HidD_GetMsGenreDescriptor
HidP_GetUsages
HidD_GetManufacturerString
HidD_GetFeature
HidD_GetHidGuid
HidD_GetAttributes
HidD_FlushQueue
HidD_Hello
HidD_SetNumInputBuffers
HidP_GetCaps
HidP_GetScaledUsageValue
HidP_GetData
HidP_GetUsageValueArray
HidP_SetUsages
HidP_GetUsageValue
HidP_GetExtendedAttributes
HidD_SetOutputReport
HidP_SetScaledUsageValue
HidP_GetValueCaps
HidD_GetPhysicalDescriptor
HidP_SetUsageValueArray
HidP_GetButtonCaps
HidP_SetUsageValue

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 586B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nxvactw
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

119e1be3ae0732df90f0dab4486da717

Headers

DLL Characteristics

File Characteristics

Imports

olecli32

kernel32

advapi32

shdocvw

hid

Sections

.text Size: 34KB - Virtual size: 33KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 1024B - Virtual size: 586B

.rsrc Size: 3KB - Virtual size: 31KB

nxvactw Size: - Virtual size: 4KB

.text
Size: 34KB - Virtual size: 33KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 1024B - Virtual size: 586B

.rsrc
Size: 3KB - Virtual size: 31KB

nxvactw
Size: - Virtual size: 4KB