177a98828e07747377964a16d36bf53e51563d2aaf3ae0f1079445bec8d0ef79

Sharing

Copy URL Twitter E-mail

General

Target

177a98828e07747377964a16d36bf53e51563d2aaf3ae0f1079445bec8d0ef79
Size

275KB
MD5

8323e4b9f5a0ee1626e6959cd7948c00
SHA1

2b9c4013fcc30aaa12dd9caf59c6d50c4c35bbb7
SHA256

177a98828e07747377964a16d36bf53e51563d2aaf3ae0f1079445bec8d0ef79
SHA512

8a31f47d3e2555180e2f23161a8938655d1f825dedf4ed4f42fb7a3d277196d9bbfa8d9369f7d775c1e8b6cbbfa54117d01e1c71caf21922b15eedb3d17a157d
SSDEEP

6144:1+PVIfWcRoBGQHubpqHuf9aIVrUKZUmq2zhthSUnYOeuUvqj/9BEG:mBKRXgqq2vYOeSF9

Score

N/A

Malware Config

Signatures

Files

177a98828e07747377964a16d36bf53e51563d2aaf3ae0f1079445bec8d0ef79
.exe windows x86

e3873ec5d2a9fa893ab7f70895cbe637

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetCloseEnum
WNetAddConnection2W
WNetOpenEnumW
WNetEnumResourceW
WNetCancelConnection2W

kernel32

lstrcpyA
GetStartupInfoA
GetSystemDirectoryA
FormatMessageA
GetCurrentProcessId
GetCurrentThread
ExpandEnvironmentStringsA
GetLocalTime
LocalFree
CreateNamedPipeW
GetCPInfo
GetSystemDirectoryW
QueryPerformanceCounter
LoadLibraryW
AllocConsole
GetOverlappedResult
LoadLibraryExW
GlobalFree
GetSystemDefaultLCID
CancelIo
lstrlenW
GetModuleHandleA
GenerateConsoleCtrlEvent
GetACP
GetLastError
GetCurrentProcess
FreeConsole
GetConsoleMode
lstrcpyW
MultiByteToWideChar
GetExitCodeProcess
ReadConsoleOutputW
GlobalAlloc
GetLocaleInfoW
DuplicateHandle
WriteConsoleInputA
CreateFileA
WaitForSingleObject
WriteConsoleInputW
SetHandleInformation
FormatMessageW
WriteFile
SetUnhandledExceptionFilter
GetConsoleCP
WideCharToMultiByte
HeapFree
GetConsoleScreenBufferInfo
ReleaseMutex
GetProcAddress
GetTickCount
SetLastError
SetConsoleCtrlHandler
SetConsoleWindowInfo
GetComputerNameW
CloseHandle
SetConsoleScreenBufferSize
IsDBCSLeadByte
HeapAlloc
VirtualFree
GetStdHandle
SetEnvironmentVariableW
GetProcessHeap
OpenProcess
WriteConsoleW
CreateFileW
ExpandEnvironmentStringsW
WaitForMultipleObjects
lstrcatA
LocalAlloc
GetModuleFileNameA
ReadConsoleOutputA
SetErrorMode
FreeLibrary
CreateEventW
GetSystemTimeAsFileTime
GlobalFindAtomA
SetEnvironmentVariableA
ReadFile

security

QuerySecurityPackageInfoW
FreeContextBuffer
AcquireCredentialsHandleW
DeleteSecurityContext
RevertSecurityContext
FreeCredentialsHandle
ImpersonateSecurityContext
AcceptSecurityContext

msvcrt

wcschr
free
towlower
strtoul
wcscmp
wcsncat
wcscpy
??2@YAPAXI@Z
wcscat
sprintf
_initterm
isdigit
strchr
__p__fmode
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
__setusermatherr
malloc
_wcsicmp
_except_handler3
??3@YAXPAX@Z
_c_exit
_exit
__initenv
_cexit
calloc
toupper
_snprintf
__getmainargs
wcslen
strncpy
_controlfp
memchr
_itoa
wcsncpy
strrchr
_snwprintf
memmove
_XcptFilter
_wcsnicmp
wcsrchr
_stricmp
_adjust_fdiv
_strcmpi

advapi32

InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
LogonUserW
RegQueryValueExA
FreeSid
AddAccessAllowedAce
RegSetKeySecurity
LsaOpenPolicy
LsaFreeMemory
RegCloseKey
AdjustTokenPrivileges
ImpersonateLoggedOnUser
SetSecurityDescriptorDacl
EqualSid
MakeSelfRelativeSD
CryptAcquireContextW
LookupAccountSidW
ReportEventW
RegOpenKeyExA
IsValidSid
CreateProcessAsUserW
LsaClose
GetSecurityDescriptorLength
GetSidSubAuthorityCount
LookupPrivilegeValueW
RegSetValueExW
OpenProcessToken
GetTokenInformation
LookupAccountNameW
DeregisterEventSource
GetSidIdentifierAuthority
AllocateAndInitializeSid
RegQueryValueExW
CryptReleaseContext
GetSidSubAuthority
CryptGenRandom
RegLoadKeyA
GetAce
RegisterEventSourceW
RegOpenKeyExW
RegCreateKeyExW
DuplicateTokenEx
RegOpenKeyW
OpenThreadToken
LsaQueryInformationPolicy
RegCreateKeyA
RevertToSelf

shell32

SHGetFolderPathW

netapi32

NetApiBufferFree
NetGetAnyDCName
NetUserGetInfo

ws2_32

WSASocketW

Sections

.text
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3873ec5d2a9fa893ab7f70895cbe637

Headers

File Characteristics

Imports

mpr

kernel32

security

msvcrt

advapi32

shell32

netapi32

ws2_32

Sections

.text Size: 126KB - Virtual size: 126KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 58KB - Virtual size: 57KB

.rsrc Size: 78KB - Virtual size: 78KB

.text
Size: 126KB - Virtual size: 126KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 58KB - Virtual size: 57KB

.rsrc
Size: 78KB - Virtual size: 78KB