daf83cba9807b12adeb8b128cc488d3fcaed4e753049f71e83200488ba6ca5ee

Sharing

Copy URL Twitter E-mail

General

Target

daf83cba9807b12adeb8b128cc488d3fcaed4e753049f71e83200488ba6ca5ee
Size

448KB
MD5

4023eb7521904b3dfae7d870b547e679
SHA1

d62f2f1a7c03aad29ee201f46d21317c12edabdc
SHA256

daf83cba9807b12adeb8b128cc488d3fcaed4e753049f71e83200488ba6ca5ee
SHA512

6bf764ff710cbc58a65a8ea167d613609a40daf5315b1019a288917e8b35ea44fa520cefd9e883d087deace93e0e4b062905353f8dda9ea8d3f75f1bba7a70d3
SSDEEP

6144:rk0nOQKzoTTrz0A+vczMO1hWZvlqUW2WWLX2v+LGisGTzb7mwHMXenh:o0nOQIoTTE//6hAvlqUDf8sTz3myh

Score

N/A

Malware Config

Signatures

Files

daf83cba9807b12adeb8b128cc488d3fcaed4e753049f71e83200488ba6ca5ee
.exe windows x86

99c715c956862ec98e31bfc08081c376

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

strncpy
_chsize
_c_exit
_wcslwr
strlen
_purecall
realloc
iswspace
wcscmp
strtok
isspace
isxdigit
_commit
towupper
_amsg_exit
memmove
_access
floor
_stat
?terminate@@YAXXZ
_CxxThrowException
_rotl
wcsrchr
ctime
fclose
_ftol
isdigit
wcstombs
wcsncat
exit
strstr
_rotr
__p__osver
wcscpy
towlower
swscanf
_XcptFilter
strtoul
_errno
rand
malloc
__p__commode
__p__iob
fflush

user32

GetDC
RegisterClassExW
MessageBeep
SetWindowRgn
GetMessageA
EndPaint
RegisterClassA
UpdateWindow
IsWindow
SetDlgItemTextW
LoadIconW
SetMenu
PtInRect
ExitWindowsEx
SystemParametersInfoA
GetWindow
SendDlgItemMessageW
GetMessagePos
LoadCursorA
InflateRect
RedrawWindow
GetMenu
InvalidateRect
SetWindowPos
EndDialog
LoadStringA
CharLowerW
RegisterClassExA
EnableWindow
CharPrevA
IsDlgButtonChecked
SendDlgItemMessageA
GetDlgCtrlID
PostMessageW

kernel32

FindResourceA
DeleteFileA
InterlockedIncrement
GetFullPathNameW
GetDriveTypeW
GetVersion
GetExitCodeThread
TlsAlloc
GetVersionExW
FormatMessageA
IsBadWritePtr
UnhandledExceptionFilter
lstrlenA
GetModuleHandleW
FindFirstFileA
SystemTimeToFileTime
SetErrorMode
LoadLibraryExA
GetFileAttributesA
UnmapViewOfFile
GetSystemTimeAsFileTime
GetSystemDirectoryW
HeapFree
GetCPInfo
GetStdHandle
SetLastError
CreateThread
ResumeThread
CompareStringA
InterlockedCompareExchange
WriteConsoleW
MulDiv
LockResource
SetEndOfFile
Sleep
OpenMutexW
GetThreadLocale
SetHandleCount
CreateProcessA
GetCurrentProcessId
GetLocaleInfoW
GetOEMCP
GetFileSize
WaitForMultipleObjects
SetFileAttributesW
lstrcmpW
GetTickCount
CreateFileMappingW
LeaveCriticalSection
GetDriveTypeA
CreateFileW
GetLocaleInfoA
OpenEventW
GetCurrentProcess
LCMapStringA
OutputDebugStringW
HeapAlloc
OutputDebugStringA
OpenEventA
TlsGetValue
VirtualAlloc
GetSystemTime
WriteTapemark
InitializeCriticalSection
CreateDirectoryA
lstrcpynA

advapi32

ConvertStringSidToSidW
ConvertSidToStringSidW
RegOpenKeyExW
SetSecurityDescriptorOwner
AdjustTokenPrivileges
RegEnumValueA
RegQueryValueExW
UnlockServiceDatabase
SetEntriesInAclW
RegEnumKeyExA
SetThreadToken
RegDeleteValueA
RegSetValueA
RegSetValueW
RegisterTraceGuidsW
SetFileSecurityW
LsaQueryInformationPolicy
IsValidSecurityDescriptor
OpenSCManagerA
AddAccessAllowedAce
GetLengthSid
GetAce
ControlService
RegOpenKeyExA
SetSecurityDescriptorDacl
RegQueryInfoKeyW
LsaOpenPolicy
ChangeServiceConfigW
RegDeleteKeyA
IsValidSid
ImpersonateLoggedOnUser
ReportEventW
RegQueryValueExA
OpenProcessToken
CheckTokenMembership
InitializeAcl
LookupAccountSidW
RegCloseKey
InitializeSecurityDescriptor
GetSecurityDescriptorOwner
SetNamedSecurityInfoW
CryptCreateHash
StartServiceW
RegDeleteValueW
GetTraceEnableLevel
DeregisterEventSource
GetTraceLoggerHandle
RegEnumKeyExW
GetTokenInformation
GetTraceEnableFlags
OpenSCManagerW
OpenServiceA
RegFlushKey
RegDeleteKeyW
LookupPrivilegeValueA
GetSidIdentifierAuthority
RegCreateKeyExW
AddAce
LsaClose
CloseServiceHandle
AllocateAndInitializeSid

Sections

.text
Size: 294KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbss
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbss
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 3KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

99c715c956862ec98e31bfc08081c376

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

user32

kernel32

advapi32

Sections

.text Size: 294KB - Virtual size: 293KB

.tls Size: 6KB - Virtual size: 6KB

.textbss Size: 3KB - Virtual size: 2KB

DATA Size: 7KB - Virtual size: 7KB

.tls Size: 8KB - Virtual size: 7KB

.tls Size: 1024B - Virtual size: 284KB

DATA Size: 5KB - Virtual size: 4KB

.textbss Size: 6KB - Virtual size: 6KB

.tls Size: 8KB - Virtual size: 7KB

.tls Size: 3KB - Virtual size: 243KB

.bss Size: 6KB - Virtual size: 6KB

.rsrc Size: 98KB - Virtual size: 100KB

.text
Size: 294KB - Virtual size: 293KB

.tls
Size: 6KB - Virtual size: 6KB

.textbss
Size: 3KB - Virtual size: 2KB

DATA
Size: 7KB - Virtual size: 7KB

.tls
Size: 8KB - Virtual size: 7KB

.tls
Size: 1024B - Virtual size: 284KB

DATA
Size: 5KB - Virtual size: 4KB

.textbss
Size: 6KB - Virtual size: 6KB

.tls
Size: 8KB - Virtual size: 7KB

.tls
Size: 3KB - Virtual size: 243KB

.bss
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 98KB - Virtual size: 100KB