a2ab500d1f77a6b9133ef3d31a60dd6ed1c795f767be9bb860e5785fc814759a

Sharing

Copy URL Twitter E-mail

General

Target

a2ab500d1f77a6b9133ef3d31a60dd6ed1c795f767be9bb860e5785fc814759a
Size

1007KB
MD5

01b7bd3c7d5a75036ab837b544955090
SHA1

1783eb7d6b51e1db8b45115afe378698aefb542e
SHA256

a2ab500d1f77a6b9133ef3d31a60dd6ed1c795f767be9bb860e5785fc814759a
SHA512

a43ac9a758c5bd5aa8fbdd93c1af730d832b481711ba02bc4e4f465d33141ae5a2f8d1f9512ae74805b2ffe093547af1fc614b53f1d2ab36747f43ef5e8da923
SSDEEP

24576:lqTqjg2V/LMW/HhxzGAhDd/WeQwORlhAwrEjK5rRyuvujk8XMAH:Jk21MyxzGAhD+hRlhAVqrGjk4JH

Score

N/A

Malware Config

Signatures

Files

a2ab500d1f77a6b9133ef3d31a60dd6ed1c795f767be9bb860e5785fc814759a
.exe windows x86

ced89c74206e40c97a17cea8e45f5e0e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PeekNamedPipe
GetFileInformationByHandle
GetFileAttributesA
MoveFileA
FileTimeToLocalFileTime
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
GetCurrentProcess
GetProcessAffinityMask
GetVersionExA
CreateFileA
DeviceIoControl
ReleaseMutex
CreateMutexA
SetEvent
ResetEvent
CreateEventA
TerminateThread
WaitForSingleObject
WaitForMultipleObjects
ResumeThread
SuspendThread
CreateThread
GetCurrentThread
CloseHandle
LeaveCriticalSection
GetCommandLineA
MultiByteToWideChar
GetSystemTimeAsFileTime
GetLastError
HeapFree
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleHandleW
GetProcAddress
ExitProcess
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
WriteFile
FreeEnvironmentStringsA
EnterCriticalSection
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
RaiseException
HeapSize
SetEnvironmentVariableA
SetEnvironmentVariableW
VirtualAlloc
HeapReAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetTimeZoneInformation
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
FreeLibrary
LoadLibraryA
FlushFileBuffers
ReadFile
SetStdHandle
CompareStringA
CompareStringW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW
SetEndOfFile
GetProcessHeap
LocalFree
lstrlenA
lstrcmpA
LocalAlloc
GetVersion
GetSystemDirectoryA
UnmapViewOfFile
GetFileSize
MapViewOfFile
CreateFileMappingA
GetTempPathA
GetFullPathNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
QueryPerformanceFrequency
DeleteFileA
GetCurrentDirectoryA
GetEnvironmentVariableA
DefineDosDeviceA
QueryDosDeviceA
SetFileAttributesA
SetFileTime
GetFileTime
FindClose
CreateDirectoryA
FindFirstFileA
FileTimeToSystemTime
LocalFileTimeToFileTime
SystemTimeToFileTime
FindNextFileA
FormatMessageA
GetVolumeInformationA
GetDriveTypeA
GetLogicalDriveStringsA
WinExec
CreateProcessA
MoveFileExA
GetCurrentThreadId
DeleteCriticalSection
InitializeCriticalSection
GetEnvironmentStrings
GetModuleFileNameA

user32

GetSystemMetrics
KillTimer
SetTimer
CharNextA
MessageBoxA

ws2_32

ntohs
gethostbyaddr
htons
getservbyname
getservbyport
inet_ntoa
gethostbyname
setsockopt
closesocket
inet_addr
WSAGetLastError
WSASetLastError
getsockname
getpeername
recv
send
connect
htonl

netapi32

Netbios

rpcrt4

UuidCreate

advapi32

RegQueryValueExA
RegOpenKeyA
SetFileSecurityA
SetSecurityDescriptorDacl
RegCloseKey
InitializeSecurityDescriptor
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegSetValueA
RegQueryValueA
RegSetKeySecurity
RegEnumKeyExA
GetUserNameA
RegCreateKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
FreeSid
OpenProcessToken
SetNamedSecurityInfoA
SetEntriesInAclA
AllocateAndInitializeSid
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA

ole32

CoInitializeSecurity
CoUninitialize
CoCreateInstance
CoSetProxyBlanket
CoInitializeEx

oleaut32

VariantClear
SysFreeString
SysAllocString

Sections

.text
Size: 713KB - Virtual size: 712KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 128KB - Virtual size: 917KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ced89c74206e40c97a17cea8e45f5e0e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ws2_32

netapi32

rpcrt4

advapi32

ole32

oleaut32

Sections

.text Size: 713KB - Virtual size: 712KB

.rdata Size: 85KB - Virtual size: 85KB

.data Size: 128KB - Virtual size: 917KB

.rsrc Size: 74KB - Virtual size: 76KB

.text
Size: 713KB - Virtual size: 712KB

.rdata
Size: 85KB - Virtual size: 85KB

.data
Size: 128KB - Virtual size: 917KB

.rsrc
Size: 74KB - Virtual size: 76KB