76eac52b7fc20b66570c81418d680169fac7c5fdbe7fbe3e8a164a6ccf1e582f

Sharing

Copy URL

Twitter E-mail

General

Target

76eac52b7fc20b66570c81418d680169fac7c5fdbe7fbe3e8a164a6ccf1e582f
Size

928KB
MD5

6f3edfb68fa76b6a8aaeda80ad3cecc7
SHA1

8ead2d84c130c6d3e33cf6a2cafdaaf37b75f55b
SHA256

76eac52b7fc20b66570c81418d680169fac7c5fdbe7fbe3e8a164a6ccf1e582f
SHA512

a45728158ecda787db511b1846d97115fbef2a031de10eb3536cac2031850ab7b58d2f18ce1f6e68342570e8442b92bc90383a0c76952c8c3c61ab3651d9a1b3
SSDEEP

24576:EUrYhmqvbAqd0bWbZr64BoHLqMia5VqE:HwvBdMWVr6VrqHa5VqE

Score

N/A

Malware Config

Signatures

Files

76eac52b7fc20b66570c81418d680169fac7c5fdbe7fbe3e8a164a6ccf1e582f
.exe windows x86

3a537062bb174667e487e058fd1ff4b8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

_wtoi64
_wchdir
_ltow
scanf
??8type_info@@QBEHABV0@@Z
asctime
wcscspn
_ismbcalnum
_iob
__p__environ
memmove
_stat
_snprintf
_adjust_fdiv
_mbsrchr
_CIlog
_wcsicoll
srand
isalpha
realloc
_wgetcwd
iswlower
_localtime64

kernel32

VirtualProtect
CompareStringA
GetVDMCurrentDirectories
GetFileAttributesW
GetEnvironmentVariableA
UnregisterWaitEx
SetConsoleOS2OemFormat
FormatMessageA
ClearCommError
VirtualAlloc
EnumResourceNamesW
lstrcpyA
QueueUserAPC
SetFilePointerEx
AreFileApisANSI
SetThreadIdealProcessor
GetTickCount
SetFilePointer
HeapLock
GetNamedPipeInfo
DeleteVolumeMountPointA
MoveFileExW
CreateSemaphoreA
WriteFileEx
GetStdHandle
Module32FirstW
EnterCriticalSection
SetConsoleScreenBufferSize
SearchPathW
OpenSemaphoreA
GetCurrentDirectoryW
PeekNamedPipe

uxtheme

GetThemeBool
CloseThemeData
SetWindowTheme
IsThemeActive
GetThemeSysFont
GetThemeAppProperties
GetThemeMetric
GetThemeMargins
GetThemeBackgroundRegion
OpenThemeData
GetThemeFont
DrawThemeText
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetThemeBackgroundExtent

comctl32

ImageList_DrawEx
ImageList_AddMasked
ImageList_Remove
ImageList_SetOverlayImage
ImageList_DragShowNolock
ImageList_Create
ImageList_Draw
ImageList_ReplaceIcon
ImageList_GetDragImage
ImageList_GetImageCount
InitCommonControls
PropertySheetW
ImageList_SetBkColor
ImageList_GetIconSize
ImageList_BeginDrag
ImageList_SetIconSize
PropertySheetA
_TrackMouseEvent
ImageList_DragEnter
ImageList_GetIcon
CreateStatusWindowA
ImageList_Add
ImageList_SetDragCursorImage

odbc32

CursorLibLockDbc
PostODBCError
CursorLibLockStmt
PostODBCComponentError
CursorLibTransact
CursorLibLockDesc
LockHandle
VFreeErrors
VRetrieveDriverErrorsRowCol
ValidateErrorQueue
SearchStatusCode

wintrust

CryptCATAdminAcquireContext
CryptCATEnumerateCatAttr
CryptCATAdminReleaseCatalogContext
WTHelperGetProvSignerFromChain
CryptCATAdminAddCatalog
WinVerifyTrust
CryptCATAdminCalcHashFromFileHandle
CryptCATGetMemberInfo
CryptCATOpen
CryptCATClose
CryptCATAdminEnumCatalogFromHash
IsCatalogFile
WTHelperGetFileHash
WTHelperGetProvCertFromChain
CryptCATGetAttrInfo
WintrustAddActionID
CryptCATGetCatAttrInfo
WintrustRemoveActionID
WTHelperProvDataFromStateData
CryptCATAdminReleaseContext
CryptCATEnumerateAttr
WintrustLoadFunctionPointers
CryptCATEnumerateMember
WinVerifyTrustEx
CryptCATCatalogInfoFromContext

advapi32

BackupEventLogW
GetCurrentHwProfileW
AddAuditAccessAceEx
ReadEventLogW
QueryRecoveryAgentsOnEncryptedFile
QueryServiceStatusEx
RegQueryMultipleValuesA
AreAnyAccessesGranted
AddAccessDeniedAce
RegSetKeySecurity
AllocateAndInitializeSid
WriteEncryptedFileRaw
GetEffectiveRightsFromAclW
LookupAccountNameA
RegSetValueA
SetPrivateObjectSecurity
BuildSecurityDescriptorW

crypt32

CertFreeCertificateContext

Sections

.data
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 207B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 211KB - Virtual size: 582KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 115KB - Virtual size: 369KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 199KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 237KB - Virtual size: 306KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a537062bb174667e487e058fd1ff4b8

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

uxtheme

comctl32

odbc32

wintrust

advapi32

crypt32

Sections

.data Size: 1024B - Virtual size: 972B

.rdata Size: 512B - Virtual size: 207B

.text Size: 211KB - Virtual size: 582KB

.rdata Size: 115KB - Virtual size: 369KB

.idata Size: 199KB - Virtual size: 245KB

.data Size: 237KB - Virtual size: 306KB

.rsrc Size: 160KB - Virtual size: 159KB

.reloc Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 972B

.rdata
Size: 512B - Virtual size: 207B

.text
Size: 211KB - Virtual size: 582KB

.rdata
Size: 115KB - Virtual size: 369KB

.idata
Size: 199KB - Virtual size: 245KB

.data
Size: 237KB - Virtual size: 306KB

.rsrc
Size: 160KB - Virtual size: 159KB

.reloc
Size: 2KB - Virtual size: 1KB