97f2b762c1c97fafa066e9026a2ed1aee6f31527f2af8b979c33d7dbf4f3259c

Sharing

Copy URL

Twitter E-mail

General

Target

97f2b762c1c97fafa066e9026a2ed1aee6f31527f2af8b979c33d7dbf4f3259c
Size

220KB
MD5

10c1905bdeb4c2b68b882686cabdb647
SHA1

5d35763d975c696f00a455393b8ddf9dd4865f7f
SHA256

97f2b762c1c97fafa066e9026a2ed1aee6f31527f2af8b979c33d7dbf4f3259c
SHA512

f11f51726ab1ba06bd7583f261524b30902e44f2632717b481c74599ae95d640fc915caa4f71df7245c2bad7c7b6fcd5ada49dbab2ad6d88d916a9fcfea8c969
SSDEEP

3072:/mPuIDBayr1iE7YGrsrpVhizsexQh3e07Fyo32FBHvex6oj:/MuIVayhiEMGrsjwA3euFT32Fpdg

Score

N/A

Malware Config

Signatures

Files

97f2b762c1c97fafa066e9026a2ed1aee6f31527f2af8b979c33d7dbf4f3259c
.dll windows x86

11e0ce1be130e74800309c765a9f5be6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnhandledExceptionFilter
TerminateProcess
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetStartupInfoA
GetModuleHandleA
GetModuleFileNameW
GetLastError
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
CreateFileW
GetSystemTime
LoadLibraryA
GetProcAddress

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

EnumServiceGroupW
WriteEncryptedFileRaw
UnlockServiceDatabase
TrusteeAccessToObjectW
SystemFunction020
SystemFunction013
SystemFunction011
SystemFunction002
SetUserFileEncryptionKey
SetSecurityInfoExA
SetSecurityDescriptorGroup
SetNamedSecurityInfoA
SetFileSecurityA
RegisterTraceGuidsW
RegisterEventSourceW
RegSetValueW
RegQueryValueA
RegNotifyChangeKeyValue
RegEnumKeyA
RegDeleteValueW
RegCreateKeyExW
RegOpenKeyW
AbortSystemShutdownA
AddUsersToEncryptedFile
AreAnyAccessesGranted
BackupEventLogA
BackupEventLogW
BuildImpersonateTrusteeA
BuildSecurityDescriptorW
BuildTrusteeWithObjectsAndNameW
BuildTrusteeWithSidA
BuildTrusteeWithSidW
ChangeServiceConfig2A
ControlTraceW
ConvertSecurityDescriptorToAccessA
ConvertSecurityDescriptorToAccessNamedA
ConvertSecurityDescriptorToAccessNamedW
ConvertSidToStringSidW
CopySid
CreatePrivateObjectSecurityEx
CryptDuplicateKey
CryptGetHashParam
CryptSetProviderA
CryptSetProviderExW
CryptSignHashA
CryptSignHashW
CryptVerifySignatureA
CryptVerifySignatureW
DeleteAce
DestroyPrivateObjectSecurity
DuplicateTokenEx
ElfOpenBackupEventLogW
ElfOpenEventLogA
ElfRegisterEventSourceW
EncryptionDisable
RegCloseKey
FileEncryptionStatusW
GetAccessPermissionsForObjectW
GetCurrentHwProfileA
GetEffectiveRightsFromAclW
GetFileSecurityW
GetLengthSid
GetSecurityDescriptorGroup
GetSecurityDescriptorLength
GetServiceDisplayNameA
GetSidSubAuthorityCount
GetTraceEnableFlags
GetTrusteeTypeW
InitiateSystemShutdownExA
LookupPrivilegeNameW
LsaAddAccountRights
LsaAddPrivilegesToAccount
LsaClose
LsaCreateTrustedDomain
LsaEnumerateAccountsWithUserRight
LsaGetQuotasForAccount
LsaGetRemoteUserName
LsaLookupPrivilegeName
LsaOpenAccount
LsaOpenSecret
LsaRemoveAccountRights
LsaSetSecret
ObjectCloseAuditAlarmW
ObjectDeleteAuditAlarmW
OpenEncryptedFileRawW
QueryRecoveryAgentsOnEncryptedFile

ole32

CoUninitialize
CoInitialize

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 632B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

11e0ce1be130e74800309c765a9f5be6

Headers

File Characteristics

Imports

kernel32

comdlg32

advapi32

ole32

Sections

.text Size: 3KB - Virtual size: 3KB

.text Size: 39KB - Virtual size: 39KB

.rdata Size: 167KB - Virtual size: 167KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 196B

.rsrc Size: 1024B - Virtual size: 632B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 3KB - Virtual size: 3KB

.text
Size: 39KB - Virtual size: 39KB

.rdata
Size: 167KB - Virtual size: 167KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 196B

.rsrc
Size: 1024B - Virtual size: 632B

.reloc
Size: 1KB - Virtual size: 1KB