0c70ef221a446f72ce77f7ea584490df362f64401dd4d197854d39cdcf294f01

Sharing

Copy URL

Twitter E-mail

General

Target

0c70ef221a446f72ce77f7ea584490df362f64401dd4d197854d39cdcf294f01
Size

174KB
MD5

6624f7d4d2e150dbfc94c37777c03b50
SHA1

65ad406e4ab43dc848702d1b8747db4b1c39f7bd
SHA256

0c70ef221a446f72ce77f7ea584490df362f64401dd4d197854d39cdcf294f01
SHA512

dec1d3f4523126eeae1984528e28dc95aaafabc4857b0506e402eda2bb744498bf4784ef6286a54d504fafdfacced48a07741f531b5a4a5340a016d9b293d150
SSDEEP

3072:+pKtIHUsczWaeumY+tHioJaoCUv9yXu08ZSDTyESEldQeJ98mQJ4qIib2:+pKti9Y6umLCIH99xSfyESiQF4J

Score

N/A

Malware Config

Signatures

Files

0c70ef221a446f72ce77f7ea584490df362f64401dd4d197854d39cdcf294f01
.exe windows x86

e61d721d17f2524cf08f0f73e999ff1f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoQueryAuthenticationServices
GetHGlobalFromILockBytes
StringFromCLSID
WriteClassStm
CoSuspendClassObjects
OleCreateFromFile
CoRevokeMallocSpy
OleRegEnumVerbs
OleCreateLinkFromData
CoMarshalInterface
OleIsCurrentClipboard
UtGetDvtd16Info
OleDraw
CoUnloadingWOW
OleGetIconOfFile
CreateItemMoniker
StgOpenAsyncDocfileOnIFillLockBytes
CoQueryProxyBlanket
CoCopyProxy
OleConvertIStorageToOLESTREAMEx
CoGetInstanceFromFile
OleQueryCreateFromData
PropVariantClear
CoFreeLibrary
StgGetIFillLockBytesOnILockBytes
StgCreateDocfileOnILockBytes
CoGetStandardMarshal
OleCreateFromDataEx
OleSetContainedObject
OleDestroyMenuDescriptor
OleGetAutoConvert
OleCreateLinkFromDataEx
GetDocumentBitStg
OleDoAutoConvert
OleGetIconOfClass
PropVariantCopy
OleCreateLinkEx
OleCreate
CoRevertToSelf
CoGetPSClsid
OleCreateLinkToFile
OleGetClipboard
StgSetTimes
CoSwitchCallContext
StgOpenStorageOnILockBytes
CoTaskMemAlloc
CLSIDFromProgID
CoFileTimeNow
CreateFileMoniker
CreateILockBytesOnHGlobal

shlwapi

PathBuildRootA
SHDeleteKeyW
StrToIntW
StrDupA
SHRegGetBoolUSValueW
PathSkipRootA
SHRegEnumUSValueW
StrPBrkW
StrCSpnW
StrCmpIW
StrCatBuffA
PathUnquoteSpacesA
PathRemoveFileSpecW
PathIsPrefixW
StrRStrIW
SHRegDeleteUSValueA
SHEnumKeyExW
SHDeleteKeyA
StrRetToBufW
StrChrIW
StrIsIntlEqualA
PathIsLFNFileSpecA
wnsprintfA
PathCompactPathExA
UrlGetPartW
StrSpnA
PathGetCharTypeW
PathIsSystemFolderA
GetMenuPosFromID
SHRegSetUSValueW
PathRelativePathToA
SHCreateStreamOnFileA
StrChrA
SHRegGetUSValueA
SHRegCloseUSKey
SHRegCreateUSKeyW
wvnsprintfA
StrCpyW
StrChrIA
ColorAdjustLuma
PathIsContentTypeW
SHQueryInfoKeyW
SHCopyKeyA
StrCmpNA
StrFormatKBSizeA
PathCompactPathW

advapi32

BuildSecurityDescriptorW
BackupEventLogW
IsValidAcl
GetExplicitEntriesFromAclW
CryptSetHashParam
RegUnLoadKeyA
ObjectDeleteAuditAlarmW
GetKernelObjectSecurity
RegRestoreKeyA
CryptSetProviderExA
AllocateLocallyUniqueId
GetSecurityInfoExW
CryptReleaseContext
RegDeleteKeyA
AdjustTokenGroups
RegEnumKeyA
ObjectPrivilegeAuditAlarmW
OpenProcessToken
SetEntriesInAccessListW
QueryServiceConfigA
GetOldestEventLogRecord
RegisterEventSourceA
ConvertSecurityDescriptorToAccessW
PrivilegeCheck
DeregisterEventSource
RegDeleteValueW
GetSidSubAuthority
OpenServiceW
CryptGenRandom
OpenServiceA
BuildExplicitAccessWithNameA
SetFileSecurityW

kernel32

GetDateFormatW
GetProfileSectionW
CreatePipe
SetPriorityClass
GetNumberFormatW
Heap32Next
DeleteFiber
WaitForSingleObjectEx
DeleteFileW
SetThreadLocale
GetVersionExW
DuplicateHandle
GetProfileIntW
FindNextChangeNotification
LocalFileTimeToFileTime
EnumCalendarInfoW
GetCompressedFileSizeA
GlobalAlloc
FormatMessageA
HeapFree
EnumSystemCodePagesW
SetCommMask
GetThreadPriorityBoost
VerLanguageNameW
SetCommState
GetDiskFreeSpaceA
MulDiv
WriteFileGather
GetPriorityClass
SearchPathW
CloseHandle
RemoveDirectoryA
SetLocaleInfoW
SwitchToFiber
FindFirstChangeNotificationW
EnumDateFormatsW
GetShortPathNameW
OutputDebugStringW
GlobalGetAtomNameA
QueueUserAPC
GetPrivateProfileSectionA
SetFileAttributesW
VirtualAlloc
VirtualProtect

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e61d721d17f2524cf08f0f73e999ff1f

Headers

DLL Characteristics

File Characteristics

Imports

ole32

shlwapi

advapi32

kernel32

Sections

.text Size: 58KB - Virtual size: 58KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 16KB

.text
Size: 58KB - Virtual size: 58KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 16KB